New Antiexecutable: NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.

  1. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,203
    Location:
    .
    Aha.. I'll document my next 'Disable Protection' Alert. (if and when)
    Aha...Lockdown = Ask user re: Vulnerable and Block process = global block
    Thanks
     
  2. MikeMT

    MikeMT Registered Member

    Joined:
    Feb 7, 2015
    Posts:
    63
    Location:
    Malta
    Andreas… Once again my thanks to you for an excellent application that is forever improving.

    I have plans to deploy ERP as an additional protection layer to the endpoints in Lockdown Mode after white listing the system drive processes @ our other sites that are currently managed through VPN with Remote Desktop.

    Current thoughts would be to originally install ERP / config the endpoints @ the remote sites, there after manage remotely.

    The only issue that I have ATM is that when a RDP connection is made to the endpoint, the ERP tray icon is not visible, nor ERP X64 process in Task Manager. /admin or /console switches to the MSTSC command string have no effect.

    I may be having a brain freeze, as to date the only partial solution that I came up with for situations that require new software updates / installs, would be to RDP in, Disable the ERP service, reboot the endpoint, install / update the app, restore ERP service to start automatically & reboot again.

    If anyone could kindly suggest how to enable the configuration GUI when using RDP or a better procedure for remote management of ERP (if possible), I would greatly appreciate it.

    Thanks in advance

    Mike
     
  3. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,027
    Location:
    Italy
    @paulescobar @MikeMT

    We're going to investigate the issue reported with remote desktop session this week :)
     
  4. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    895
    @novirusthanks
    The link in your signature leads to page 178 however you posted a new build in page 180.

    And yes, considering the users here are very active this kind of things aren't much of an issue but simply wanted to address it is all.
     
  5. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,027
    Location:
    Italy
    @Azure Phoenix

    Thanks for the notify, I have updated the signature now :)

    @paulescobar @MikeMT

    The issue with RDP sessions should be fixed now.

    You can download the new beta build from this link:
    http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_22042015_BUILD1.exe

    + Fixed issue with RDP sessions
    + Improved configuration wizard
    + Added more safe command-line strings
    + Minor fixes and optimizations

    To update:

    1) Close ERP from trayicon->exit
    2) Uninstall ERP completely
    3) Reboot the PC (very important)
    4) Install ERP
     
  6. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    3,526
    Location:
    Mexico
  7. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
  8. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,203
    Location:
    .
    v3.1_22042015_BUILD1 :)
     
  9. MikeMT

    MikeMT Registered Member

    Joined:
    Feb 7, 2015
    Posts:
    63
    Location:
    Malta
    Cheers for the prompt solution Andreas.
     
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,257
    Latest Build is very smooth here. Just excellent. Again thanks Andreas
     
  11. Mage

    Mage Registered Member

    Joined:
    Nov 4, 2010
    Posts:
    22
    Cheers! :D
     
  12. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,822
    Latest build running great on my end.

    Great job as always, Andreas :thumb:
     
  13. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    Must be close to the final release now surely :doubt:
     
  14. Mage

    Mage Registered Member

    Joined:
    Nov 4, 2010
    Posts:
    22
    @NSG001

    I don't think open betas in this case are for finalization of an already stable and proven program that's been developed for 5+ years. It's updated frequently to please its user base, not because it "has to be" for incompatibility reasons with an OS, in most cases. Users can choose to run older builds or grab what's served up fresh. So, it's their choice of course. In truth, there's really nothing "Beta" about ERP at all, but since it's updated so frequently it's simply an appropriate title... just in case experimental things don't work as designed/intended ;)
     
  15. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    @Mage
    Thanks.
    As an owner of 6 'purchased' licenses please allow me to query this.
    I asked when the final would be ready around a year ago and was told 'next week'.
    Personally as an IT admin i have no issue running betas, but i do not want them deployed on my family's everyday machines.
    Hence my question.
    I am keen to see 3.1 finally realised :thumb:
    Not much to ask eh?
     
  16. Mage

    Mage Registered Member

    Joined:
    Nov 4, 2010
    Posts:
    22
    @NSG001

    Understood. Currently several users on this very thread are running betas on family PCs, utilizing password protected features on multiple accounts even to limit their children's access. I'm confident in saying that if any major issues cropped up they'd be promptly addressed here. Perhaps Andreas (novirusthanks) can give you specifics about v3.1 soon though. Thanks for replying, I understand where you're coming from of course
     
  17. bberkey1

    bberkey1 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    243
    Location:
    United States
    So I'm trying to run CMD elevated or normal, but NVT blocks it in lockdown mode, even though it is whitelisted, but the strange thing is, I don't seem to recall having this problem before today, in fact I know I've never had this issue. Any ideas as to why it would bock this all of a sudden?
     
  18. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,830
    Location:
    Poland - Cracow
    New build works smooth on XP SP3...practically excellent :)
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,257
    That is what is supposed to happen unless you have whitelisted the command string.
     
  20. bberkey1

    bberkey1 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    243
    Location:
    United States
    Yeah, just realized I downloaded the new beat and accidentally removed my previous settings, which means I did not have it whitelisted. Problem solved
     
  21. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,822
    Latest build is a solid release.

    Final coming soon?
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    11,701
    Location:
    The Netherlands
    ERP really needs a way to suppress vulnerable processes, without having to white-list the command-line. I sometimes get bombarded with alerts when installing or running certain tools, if you run SSD Tweaker in "alert-mode" you will see what I mean.

    Another thing that I find annoying is when apps automatically start up your browser, perhaps you can find a way to make ERP control parent-child processes in a more strict way?

    https://www.elpamsoft.com/?p=ssd-tweaker
     
  23. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,027
    Location:
    Italy
    @NSG001 @TyRizian

    We are very close to the final release :)

    @Rasheed187

    I think if you add the process of SSD Tweaker in the WhiteList->Parent Process then the alerts should stop, can you try that ?

    //EDIT

    I tested it myself, you need to do this:

    1) Add "C:\Program Files (x86)\SSD Tweaker\SSD Tweaker.exe" to WhiteList->Parent Process
    2) If you have disabled the option Settings->General->Automatically allow system protected processes, you need to WhiteList this system process: "C:\Windows\SysWOW64\fsutil.exe"

    That's all, see this screenshot:

    erp-and-ssd-tweaker.png

    And just as information, here are the command-line strings (related to Vulnerable Processes in ERP) frequently used by SSD Tweaker:

     
    Last edited: Apr 29, 2015
  24. Quassar

    Quassar Registered Member

    Joined:
    Oct 19, 2011
    Posts:
    94
    Where NVT ERP keep/storage all settings/rules
    I want to know what add to exlusion in Shadow Defender

    ~ Snipped as per TOS ~ Awesome software btw, keep doing you made rly good job !!
     
    Last edited by a moderator: Apr 29, 2015
  25. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,822
    Exclude this directory

    "C:\ProgramData\NoVirusThanks\EXE Radar Pro"

    In there contains Data, Logs and Quarantine Files
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.