New Antiexecutable: NoVirusThanks EXE Radar Pro

I'd ask Andreas about it. I brought it to his attention, but since typical user rarely, if ever, installs softs using Windows' hidden, primary Admin account I am not sure how big of an issue it is. I would simply think he would say "Don't install it that way, unless you intend on being signed into the primary Admin account all the time..."

Any how ask @novirusthanks

 

Come on @novirusthanks ! hehehe...

EDIT: I gave it a test run, mightaswell suss things out first hand so-to-speak...

Removed ERP from Stock Admin and installed in Hidden Admin, followed by reboot.
In Hidden Admin, made the modifications and rebooted into...
a) Stock Admin - tickboxes via settings committed, but lists were prepopulated
b) Standard User - tickboxes via settings didn't commit, and lists reflected this

So...
Removed ERP from Hidden Admin, reset Hidden Admin to default and returned the account back to hide-mode.
Installed ERP again into Stock Admin and followed with a reboot.
Prompted with Startup Wizard, went through that (removing whitelisting)
No lists were prepopulated, commenced adding prompted rules via command line, avoiding "allow process".
Performed 2-3 reboots to flush out extra prompts, then slapped ERP into LockDown Mode and rebooted into Standard User.
The settings tickboxes didn't commit (still appears to be default), only populated list is Whitelisted Command Lines.

Security issue with this is as follows: the vulnerable apps list is empty as well. So user will have to pay attention to what is entered into command line list.

 

@novirusthanks

Is there a way to disable the annoying Update prompt ? It is causing issues on my particular system.

 

Depends on the type of profile... if Admin, then it will stick. If it is Standard User, then it will not, which will require unticking every time SU boots... which is why I made my post @ #4808...

 

@ novirusthanks

I'm having system shutdown problems when I combine ERP with either MBAE or SpyShelter. When I put ERP in "learning mode", the problem seems to be solved but it will always reappear when putting the system in standby. If I uninstall MBAE or SS, the problem is solved. Do you have any idea why ERP combined with these tools might cause such a problem?

EDIT: And can you perhaps add a "sort by process name" option in the events log?

 

@novirusthanks
I am having weird window issues, revolving around the Settings window.
In Admin account, the window is mega small, in Standard User account, the window is fine. I have provided screenshots...
This is Admin...

This is Standard...

I am on W7 HP x64.
I have configured AppGuard and Sandboxie to work with NVT-ERP.

I have tried the following via Admin account with AppGuard switched off, to see if it would help:
1) Close ERP from trayicon->exit
2) Uninstall ERP completely
3) Reboot the PC (very important)
4) Install ERP

The screen shrinks regardless of reboot after install and then change settings, or if I use the initial wizard to choose recommended or custom settings / import my own backup, and then reboot.

 

I think there might be SpyShelter - NVT ERP driver issue. After all, both monitor essentially the same way.

When I install SS + ERP together, shutdown and startup is delayed. Takes SS about 45 secs... and I have SSD. W\O SS, boot takes < 10 secs.

I am going to try and create mutual exclusions to see if it helps. Stay tuned...

 

It's confusing...SS + ERP togheter with Kerio 2.1.5 are working fine more then 1 year on my wife's XP...no issue, no slowdown...just ecelent. I think you should try
- include ERP to the list in Keystroke Encryption/Process Filter/Do not encrypt keystrokes of...
- switch on "better compatibility mode" in "Advanced" tab.
BTW...SS and ERP doesn't cover the same protection area, its role is different.

 

"Better Compatibility" setting already enabled for Sandboxie.

Yes, different role... but both use kernel mode drivers to monitor system.

Thanks @ichito

 

Yes, perhaps it's some weird driver issue. I did notice that I don't have to uninstall SS Free, I only have to kill the SS GUI to solve this problem. BTW, does it also take long to put your system into standby? It takes about 10 to 15 seconds on my machine (SSD), I'm not sure if ERP plays a role in this.

 

I don't use Stand By mode... so I couldn't say.

 

I turned on my laptop today and found out all my whitelisted commandlines and safe apps were gone, i'm assuming this is a bug?

 

Had the same thing happen after I restored a backup and performed general maintenance tasks. Not sure why that happened. You may just have to restore a configuration backup if you have one, otherwise just restore to default and the default rules will comeback although you will have to retrain ERP.

regards.

 

Like I said it's probably a bug. I can't wait for a new version!

 

Yes, it happens to me lately with last build.
@novirusthanks we need a fix asap please.

TIA

 

There are problems with it... fixes needed.

 

Sure but Andreas is on vacation or having fun with SOB

 

Hmm, thanks for reminder to Export.
Probably not related. I had one off when tray Icon vanished.
I set 'Enable self defense against process termination'.
IDK if 'self defense' is good, bad or other.
Icon has been okay since...

 

Sure, dont expect weekly updates of ERP as before

 

I'm glad it's not just me, thought it was my pc