New Antiexecutable: NoVirusThanks EXE Radar Pro

ERP is using Themida ("protections")?

 

@guest

I already added it to v2.7.5

@Trespasser

Probably that issue is caused by the protection system, I will install EMET and test it. Thank you for reporting the issue.

@puff-m-d

The option to keep the protection was disabled in v2.7.4 but will be re-introduced in v2.7.5 that will be released in few days.

@MRF71

Sure, you can whitelist that both commandline strings, they are safe.

@therube

Yes, that is used to protect the main PE files.

 

Finally I encountered on the trial. Trying it on 2 PC.

 

I see that the bug that PC freezes when you go between accounts is resolved.

That's good that there's an option to start in stealth. I like it. I didn't find an option to start in Lockdown Mode. Or I missed it?

 

in the Settings > Policies
when set on lockdown, now ERP keep it for every subsequent boot, until disabled.

 

thanx
then it must be the same when you check the Lockdown Mode in the tray icon

 

Has there been any discussion about NVT ERP phoning home about every 4 hours. It seems to stay connected unless I kill the tcp connection, but then it auto establishes the connection again & again. Support says it's to validate the license, ok... But seems odd that ERP needs to repeatedly do this. Have not taken the time to check the packets, but I find it a tad "unnerving" for a security app to do this without documentation or the user's ability to disable it. (I suppose there may be some registry edit to disable it). Would appreciate your thoughts about this.

 

I do trust the authors. I don't like the software phoning home. On the side note, I am one of the early adopters of NVT ERP. I have to say that developers did put long hours of hard work to polish out some bugs and annoyances and make this software as mature as it is right now. So I am just going to close my eye on this one minor issue.

 

i dont have this "call home" issue, so i think it is an individual problem.

 

im not a firewall expert. can anyone else confirm this?

 

I installed trial version in SUA, win-7. When I enter Admin account it says it has expired though it is too early. It must be a bug.

 

Have you changed system date?

 

Of course no! Right now I entered the admin account to check that the both dates are the same. And they are the same. And ERP again informed that it has expired in the Admin account. In SUA it works OK.

 

Since trial is new feature I guess it is a bug cause it has not been tested on many systems.

 

If NVT needs some logs, IDK what else, I can do this, only describe what buttons I should press.

 

I noticed port 80 outbound attempts to a novirusthanks IP via the "system" process which I assumed to be coming from SwiPEInjDrv.sys. This was post-activation and seemed to happen at random times. Because of the conflicts I had, I removed ERP from my system and don't have the firewall logs anymore to reference. You're not alone in your observations or opinions related to this. I saw it too and I also didn't much care for it.

I noticed right after installation, I would get a trial expired unless I launched EXERadar.exe as administrator. Kind of the opposite of what you observed (I'm assuming SUA means standard user account).

 

So i guess the question is now what will happen if i dont connect my computer to the internet for a week or so. Will nvt erp stop working?

 

I e-mailed the company, and the reply was he would fix this "call-home" in the next version. I have it blocked with my firewall with no side effects.

 

Yeah, SUA stands for stand. user acc. I explored the issue, it seems like yours:
1. It works in SUA OK.
2. In Admin account:
2.1 it starts automatically and says expired.
2.2 If I start ERP not as admin then it says expired.
2.3 If I start ERP as admin it works there OK.

 

@Solarlynx

Thank you for reporting that issue with the trial version. I will try to reproduce it today and I will keep you updated.

@mattdocs1234

If your PC is not connected with Internet it will not check for the license and ERP will continue to run normally. When ERP (PRO version) detects an Internet connection active, after N hours, it tries to check the validity of the license. It should take no more than 1 or 3 seconds to check it.

@Peter2150

Thanks for the update about SBIE v4. I will take a look at it.

 

Are there any plans to implement auto update feature in the nearest future?