New Antiexecutable: NoVirusThanks EXE Radar Pro

I do believe that older versions did indeed use less CPU time, I think it was about 1 to 2%. But I'm not getting to see anything near 20% like you do, so there's definitely something wrong on your system. What other security tools are you using? Personally I can live with 5%, and it also does not affect the speed of my PC.

 

I went back and tried this latest version in a snapshot with no security software other than ERP itself with the same results.

 

Yes, I forgot you already mentioned this, that's weird indeed. Sometimes these problems are hard to troubleshoot, I was having problems with the HMPA + SBIE combo while others don't have any issues at all, it's so weird and a bit frustrating. BTW, you might want to use Process Monitor to see what ERP is up to, perhaps you will get a clue.

https://technet.microsoft.com/nl-nl/sysinternals/bb896645.aspx
http://www.howtogeek.com/school/sysinternals-pro/lesson4/all/

 

Hello,

I was thinking back and there was one other instance where I had seen high CPU usage during the beta versions for ERP 3.1. I had asked about it and Andreas had replied:

I wonder if Andreas has added something again for testing purposes and this may be the reason I am seeing this high CPU usage. I guess I will have to wait to hear from Andreas for a definitive answer. In the meantime, the build from Jan. 25 is running perfectly here.

 

Thanks for the quick reply Rasheed187, I figured it is only a false positive. Was kind of odd that the build from Post #4287 EXERadar_Pro_x86_x64_v3.1_20022015_BUILD2.exe was flagged buy ESET Smart Security.

But the other .exe's that i have downloaded before, never got flagged.
Post #4096 EXERadar_Pro_x86_x64_v3.1_16012015_BUILD3.exe
Post #4107 EXERadar_Pro_x86_x64_v3.1_16012015_BUILD4.exe
Post #4109 EXERadar_Pro_x86_x64_v3.1_16012015_BUILD5.exe (blank process fix)
Post #4121 EXERadar_Pro_x86_x64_v3.1_17012015_BUILD1.exe (x86 OS fix)
Post #4154 EXERadar_Pro_x86_x64_v3.1_17012015_BUILD1.exe (cautious build)
Post #4207 EXERadar_Pro_x86_x64_v3.1_25012015_BUILD1.exe (log only blocked events fix)

Thanks again for the response.

 

Hello Andreas,

One user from another forum reported that latest Beta is not signed and got alert from Glasswire during the update process. I'll quote it for you.

Regards,
Kardo

 

So perhaps i may not be alone, is it possible because a .exe is not signed and that's why my ESET flagged it?
Sorry for the non tech savvy questions, i just want to make sure/learn about all this.

 

Released a new beta build:
http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_22022015_BUILD2.exe

* Fixed Stealth Mode enable/disable
* When installing ERP a system restore point is automatically created
* Minor fixes and optimizations

@kardokristal @newguytosecurity

Thanks for reporting this issue, I just forgot to sign the PE files (my bad)

Try this new build, all files are signed now.

@puff-m-d

Try this new beta build, it should have decreased the CPU usage in the service.

@MikeMT

Thanks a lot for your feedback

It should be fixed in this new beta build, please let me know if it works fine for you.

 

@novirusthanks Thank you for the feedback and new release!

I quoted your answer to another user on another forum.

Regards,
Kardo

 

Hello Andreas,

I get the following error when trying to install on a Windows 8.1.3 Pro 64-bit system:

 

@puff-m-d ... You beat me to it as I too have the same issue.

Previous beta was uninstalled completely followed by a reboot. Clearing all leftover files / folders & registry entries did not assist either.

OS Win 8.1.3 X64

 

Same issue as puff-m-d and MikeMT I got with this beta.

 

Thanks for the quick response and for the new update novirusthanks.
The download was NOT flagged by ESET.
Everything so far is running smoothly. Thanks again.

 

Without having to restore back from a system drive image, the prior beta build re -installs & all saved settings import OK

 

I get this error on my Win 8.1 64 bit system. When installing

 

@newguytosecurity

You're welcome

@boredog @MikeMT @Mister X @puff-m-d

Can you try this new beta build 22022015_BUILD3 ?
http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_22022015_BUILD3.exe

I removed the option to auto-create the restore point in the installer for now.

To update:

1) Close ERP with Trayicon->Exit
2) Uninstall ERP completely
3) Reboot the PC (very important)
4) Install the new ERP and start it

Let me know if that works fine.

 

Well done!!! Thanks NVT, now ERP service is below 2%... Nice!!!

 

@novirusthanks ..Cheers & it installed along with prior settings imported with no probs.

Thank you for the prompt response & resolution.

 

Hello Andreas,

ERP installed with no issues and CPU usage is now back to normal. Thanks !!!

As to the auto-creation of a system restore point on install, I do not use system restore and have it disabled. Perhaps this caused the error on the previous build's failed install? You probably already figured that out hence the reason you removed it, but thought that I would mention that I do not use it and have it disabled (just in case)...

 

THis build made it almost to the end of install but gave this error msg this time.

 

does it matter if I am trying to install this in a sandbox like program such as QuiteZone?

 

@boredog

Do you have other security software that may block ERPSvc.exe from loading nvterp.sys driver ?

@puff-m-d

Yes, the error message you noticed was showed because you have restore point disabled. Thanks for the additional information

 

I have QuiteZone , Norton 2015 Malwarebytes Antimalware Pre and Malwarbytes Antiexploit Pre installed.

 

@boredog

Yes, if QuiteZone blocks loading of kernel-mode drivers of sandboxed programs (it should) then you should install ERP outside the sandbox.

 

All I know about QuiteZone is anything done on my computer and any attached drives such as USB stick or even USb hard drives , when enabled all changes get erased on reboot. I don't know if it blocks driver install persay but maybe only delets the install aftrer reboot?