New Antiexecutable: NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.

  1. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Right click the system tray icon to change them
     
  2. controler

    controler Guest

    Cool thanks

    Is that in the help file? It sure isn't mentioned in the main GUI.

    Also what does the import/export restore default lists do?


    Also how do I Enable Process Behavioral Analysis Technology?
    Thanks
     
    Last edited by a moderator: Jan 5, 2014
  3. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
  4. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    Why did they remove that feature? Seemed like it worked well.
     
  5. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Andreas thinks it is not needed.
     
  6. guest

    guest Guest

    not needed and will make the soft heavier
     
  7. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,635
    Location:
    European Union
    I installed today NVT Exe Radar Pro 2.7.7 build 25 and I came across the following situation: a few minutes after installation and after validating the license, when I tried to start a certain application, my firewall warned me that EXERadar.exe is trying to connect to the internet. I had updates notifications disabled, an empty trusted vendors list and I selected not to allow signed processes. The bigger problem is that I wasn't able to start any other applications until EXERadar Pro decided that it cannot connect to the internet and gave me back control! My questions:

    1. Is this a bug?
    2. Is this internet connection the normal behaviour?
    3. Is it something in the configuration/settings that I missed and that can disable this connection completely?

    Thanks!

    Later edit: It seems that EXERadar requests a list of certificates, despite the settings. That would be fine, but applications cannot start (the computer is effectively blocked) until the communication is complete. That is not an ideal situation, especially when the internet connection is poor.
     
    Last edited: Jan 10, 2014
  8. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,359
    Location:
    Italy
    @Nebulus

    When a process is executed in the system, ERP checks the certificate (if the exe is signed), an example of HTTP query is like this:

    Code:
    GET /pca3-g5.crl HTTP/1.1
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/5.131.2600.5512
    Host: crl.verisign.com
    Connection: Keep-Alive
    Cache-Control: no-cache
    Pragma: no-cache
    
    How many seconds does it need on your PC to execute the GET query?
     
  9. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,635
    Location:
    European Union
    Yes, I used Wireshark to determine that your application is requesting a certificate.

    Under normal circumstances, it doesn't take too long, but if I block it from firewall or if I have no/poor internet connection at the time, it takes around 40 seconds until it gives up connecting and it presents me with a prompt to choose if I want to block or allow running the application. Is there no way to disable this behaviour and to show me the prompt directly, without checking for a certificate first?
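
For anyone triaging the same firewall alert, the sketch below is an added example (not from the posts above and not ERP's code) that parses a captured request and reports whether it is a CryptoAPI revocation-list download. The second request, the function names and the plain-HTTP URL scheme are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Request quoted in the developer's post above.
QUOTED = (
    "GET /pca3-g5.crl HTTP/1.1\r\n"
    "Accept: */*\r\n"
    "User-Agent: Microsoft-CryptoAPI/5.131.2600.5512\r\n"
    "Host: crl.verisign.com\r\n"
    "Connection: Keep-Alive\r\n"
    "Cache-Control: no-cache\r\n"
    "Pragma: no-cache\r\n\r\n"
)
# Constructed request for contrast (host, path and agent are made up).
OTHER = ("GET /update/check?v=2 HTTP/1.1\r\n"
         "Host: updates.example.test\r\n"
         "User-Agent: ExampleUpdater/1.0\r\n\r\n")

def parse_request(raw):
    """Split a raw HTTP/1.1 request into method, target and lower-cased headers."""
    head = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    method, target, _version = head[0].split(" ", 2)
    headers = {}
    for line in head[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers

def classify(raw):
    """Label a request by what it fetches and which component sent it."""
    method, target, headers = parse_request(raw)
    path = urlsplit(target).path.lower()
    if method == "GET" and path.endswith(".crl"):
        kind = "crl-download"            # certificate revocation list
    elif path.endswith((".crt", ".cer")):
        kind = "certificate-download"    # issuer certificate fetch
    else:
        kind = "other"
    return {
        "kind": kind,
        # The Windows crypto library identifies itself with this agent prefix.
        "via_cryptoapi": headers.get("user-agent", "").startswith("Microsoft-CryptoAPI/"),
        # Assumption: plain HTTP, as in a readable Wireshark capture.
        "url": "http://" + headers.get("host", "") + target,
        "no_cache": "no-cache" in headers.get("cache-control", "").lower(),
    }

if __name__ == "__main__":
    for raw in (QUOTED, OTHER):
        print(classify(raw))
```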
     
  10. NVT documentation mentions it applies a whitelist of command strings.

    Does NVT interpret the command line string of vulnerable processes with location or origin info of the executable?

    E.g. it would be much easier to allow command strings referring to safe locations (e.g. Windows and Program Files) and to block command strings referring to executables which come from the internet (using default Windows mechanism).

    Regards Kees
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    The command string that is whitelisted is the one presented to run at the time. If a command string is presented from something just downloaded and being installed one would wisely use allow once.
     
  12. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    Just a quick question concerning the version 3 betas and release to come. The last version that I see is build 13 from November 28th. Since then I have seen posts referring to a Windows 8.1 bug or two followed by a reply that it had been fixed in the next version to be released in a few days. I am wanting to install ERP on a Windows 8.1 machine but want to wait for the version 3 that has these bugs fixed. Is there a later version than build 13 that I have missed and if not, is a new version coming soon? I do not mean to seem impatient but with replies stating a new version was coming in a few days (and now it has been a while) and the fact this next version seems to be taking longer than in the past (yes, I realize the holidays), I was wondering if I had missed something or could get a status report. Thanks as I look forward to trying this version on a new 8.1 machine...
     
  13. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,096
    Location:
    QC
    Build 13 is the last publicly known build. Very stable here on 7x64.
    Can't be of help for systems running 8.1, so good luck with it.
     
  14. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    Thanks for verifying. I was fairly sure build 13 was the latest and just did not want to install a version with any known 8.1 bugs on the new machine. I can wait for the next release with the fixes.
     
  15. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Bug Report
    ERP Pro does not understand my Calendar Settings and greets me with an alert on startup. Windows 8 Pro 64 bit. Thing started after I changed the date settings. See below

    3.png

    1.png

    2.png
     
  16. Fair, just wondered whether NVT would help by assessing location and origin
     
  17. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Any news about release date?
     
  18. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    +1 on this
     
  19. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,892
    Location:
    US
    How to force NVT ERP to recognize all programs in the Programs Folder?
    I have installed ERP and I checked the following options:
    • Allow Microsoft Windows system protected processes
    • Allow processes signed by Trusted Vendors
    • Allow all software from Program Files folder
    But after I started Vsee, NVT ERP asked me if I wanted to allow the process... This is bad, I need NVT ERP to recognize ALL software in Program Files and never ask me again. How do I do it?
     
    Last edited: Jan 12, 2014
  20. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Go to the menu and select scan. There first tick the do subdirectories box. Then select the program files directory and scan. Do this for program files, Program files(x86) and windows. This will whitelist everything.

    But be aware the vulnerable processes like rundll32 and cmd will still alert you until you whitelist the command line.

    Pete
     
  21. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,892
    Location:
    US
    Thank you. But is there a way to whitelist all vulnerable processes?
    I'm setting this up for a family member and I can't have anything popping out. I just don't want him/her to install any new software or run any malware.
     
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Take him/her thru everything they can do. That way you will catch all the things some of the vulnerable processes and whitelist the command string. These will no longer bother you. Then set up a strong password, and password protect all the actions. That will lock them down.
     
  23. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,892
    Location:
    US
    Can you clarify this?
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Yes, cmd.exe is one of the vulnerable apps and if you use Sandboxie, when the sandbox is closed and set to delete, it uses a string with cmd.exe. Normally you would get a pop up every time. To make it worse each string is unique because it has a random 16 digit number.

    if this is whitelisted

    C:\Windows\system32\cmd.exe /c rmdir /s /q "?:\*\__Delete_*"

    then any time Sandboxie deletes the sandbox some form of this string is used, and since it is whitelisted with *'s you never get an alert.

    Also this string is whitelisted by default when you install.

    Pete
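
How a wildcard entry like the one quoted above absorbs the random per-sandbox number, as an added example (not part of the post and not ERP's own matching code). It assumes `*` matches any run of characters, `?` matches exactly one, and comparison is case-insensitive; the broad rule and all sample command lines are constructed.

```python
import re

# Whitelist entry quoted in the post above.
SANDBOXIE_RULE = r'C:\Windows\system32\cmd.exe /c rmdir /s /q "?:\*\__Delete_*"'
# Hypothetical over-broad entry, shown only for contrast.
BROAD_RULE = r'C:\Windows\system32\cmd.exe *'

# Constructed command lines (sandbox paths and numbers are made up).
SAMPLES = [
    r'C:\Windows\system32\cmd.exe /c rmdir /s /q "C:\Sandbox\user\__Delete_DefaultBox_01CF0E5A7B3D9C42"',
    r'c:\windows\System32\CMD.EXE /c rmdir /s /q "D:\Sandbox\kid\__Delete_Browser_01CF0E5B112233AA"',
    r'C:\Windows\system32\cmd.exe /c rmdir /s /q "C:\Users\user\Documents"',
    r'C:\Windows\system32\cmd.exe /c start C:\Users\user\Downloads\setup.exe',
]

def compile_rule(rule):
    """Assumed semantics: '*' = any run of characters, '?' = exactly one,
    everything else literal; the whole command line must match."""
    out = []
    for ch in rule:
        out.append(".*" if ch == "*" else "." if ch == "?" else re.escape(ch))
    return re.compile("".join(out), re.IGNORECASE | re.DOTALL)

def is_whitelisted(cmdline, rules):
    """True if any rule matches the full command line."""
    return any(compile_rule(r).fullmatch(cmdline) for r in rules)

def coverage(rule, cmdlines):
    """Return the command lines a single rule would allow."""
    rx = compile_rule(rule)
    return [c for c in cmdlines if rx.fullmatch(c)]

if __name__ == "__main__":
    for rule in (SANDBOXIE_RULE, BROAD_RULE):
        allowed = coverage(rule, SAMPLES)
        print(f"{rule!r} allows {len(allowed)}/{len(SAMPLES)} samples")
```

The quoted rule allows only the two sandbox-delete strings, while the broad rule allows every cmd.exe command line in the sample set, which is why literal text should be kept around each wildcard.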
     
  25. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    I just noticed that for some strange reason, ERP hasn't created/saved any Log folders since 12/31/13 - and I haven't changed anything. Any thoughts on this?
     