New Antiexecutable: NoVirusThanks EXE Radar Pro

never tried it , did you? and if yes , how you felt it?

from their website http://www.faronics.com/document-library/document/faronics-anti-executable-product-spec-sheet/ it seems to block dlls.

 

Faronics *.dll monitoring and blocking will consume system resources and visibly slow down a system - and for some to the extent that their system will be unusable.

System-wide *.dll monitoring that doesn't interfere with system performance is a pipe-dream...

 

I hope you don't mind me also quoting this post meant for Peter. If you enable the option to block .dlls then it trashes your computer lol. It has always done this to mine anyway. My computer would usually become none responsive within 2 hours with .dll mitigation enabled. Most of the time I would have to do a hard shut down. I have not tried it in almost 2 years though.

The last time I tried Faronics AE if I ran KillSwitch my computer would freeze immediately, and it would not recover most of the time with .dll mitigation enabled. It worked just fine as long as I did not enable .dll mitigation. I have a core i7 3.2 ghz with 8 Gigs of memory.

 

i see, so we all have to wait Andreas release a finalized GUIed version of Smart Object Blocker

 

Is this project dead, or just being developed extremely slowly?

 

I guess the thing I dislike about it the most, and correct me if I'm wrong, if that I don't like auto-whitelisting. Just because an app is safe doesn't mean I want it to run. I'm not getting prompted, which means I'm relying on their internal lists. I trust myself more.

 

Noticed an ever increasing uneasy buzz emanating from my daily laptop that I always use most to access everything including here. It's been noticeable to me for quite sometime so today I finally changed out the little lower storage HD (320Gb vs 500Gb) that is not exactly new but has seen little use (came with another laptop pulled off amazon that I replaced that HD with a 1TB Toshiba).

Thanks goodness I didn't even have to turn to Macrium Reflect to restore the whole programs and shebang to it since it looks like I pretty well filled it with enough of my security and common use programs etc. and she booted up perfectly and all.

However one crucial item wasn't installed yet, and that naturally of course was our NVT ERP. Got it done and done.

NVT ERP for me and Windows 8(8.1) is a critical element that absolutely must be on my systems. It has and continues to work out great!

 

Yes!

 

But that depends on how you look at it. If you think an AE should do more then to block execution of malware delivered via exploits, then yes. But for monitoring app behavior, I rather use a HIPS that can monitor a lot more than only driver loading and DLL injection, like SOB or AppGuard.

 

When I'm using ERP, my Windows keyboard layout gets automatically changed to English. Is there a way to stop that?

 

i am more for the first point. I expect it to just allow me to block exe/dll/drivers nothing more (hence my love for Appguard & SOB), i don't ask it to monitor every Parent-Children events of course, as you said , i have ReHIPS for that

 

Yes, settings dependent.
You get more alerts and are aware of changes (=good) after these settings are unticked.

The latest update was "only" 2-3 months ago (NVT-Tool: Process Logger Service), but i think that too.

 

I use SpyShelter to monitor code injection, service+driver loading and recording of keystrokes and some other stuff. SS also monitors parent-child execution, but the problem is that you can not fine tune it. That's why I combine it with ERP.

 

Where can I find the latest version of this program?
I maybe wrong about this, but I recall that the site does not contain the latest version...and links are actually posted in this thread.
Any help would be appreciated.

 

Thanks SHvFI!
Have added to my bookmarks.

 

There is a newer beta-release, that was not mentioned before in this thread.
EXERadar_Pro_x86_x64_v3.1_24062015_BUILD1.exe
Only some weeks newer than the latest beta-release but it fixes one important thing:

If you copy a whitelisted file to your administrator-directory (or c:\windows\temp) and execute it, you always get a "Unknown Application"-prompt, right?
But it's whitelisted, there shouldn't be a prompt...
Why is there a prompt? Because EXERadar.exe which has only Medium Integrity is checking the file. And it has no access to the administrator-directory = "Unknown Application"
But with the newer release the Service ERPSvc.exe is now checking the file, which has sufficient rights (=System Integrity).
Now there should be no prompt anymore for whitelisted files in such directories.

 

can you post link?

 

Direct link:

http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_24062015_BUILD1.exe

 

thanks
can you install it on top of previous version, and retain settings?

 

first uninstall/save settings
then install newer version

 

Product version is the same.
Size of new version is smaller then old one.



Changelog: