New Antiexecutable: NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.

  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    7,636
    Location:
    Hawaii
    IMO, "dev" = "development" NOT "developer".
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,193
    Location:
    The Netherlands
    I'm not sure what you mean, but I was under the impression that NVT had only one developer, namely Andreas.
     
  3. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,621
    Location:
    European Union
    "dev" might mean "developer" (the person that writes the software) or "development" (the process of writing the software, the programming itself). In the context of the post above, bellgamin assumed (correctly, I think) that "dev" is short for "development", so the phrase can be read as: "The programming of the software is a bit slow due to release\update of other programs\services, we'll try to speed up the next ERP build."
     
  4. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    It's a small team....Andreas is the leader.
     
  5. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,092
    Location:
    Mexico
    @novirusthanks
    You answered yes to the following question:

    Is it possible to just purge old hashes without actually deleting the rule? This could be an improvement, no?
     
  6. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,092
    Location:
    Mexico
    Under Signed Processes I set ERP to handle them this way:
    • Do not allow signed processes
    • Deleted all Trusted Vendors in the list
    What do you think about this?
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I do the same thing. Certificates have been compromised as a security tool.
     
  8. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,092
    Location:
    Mexico
    Thanks Peter.
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,193
    Location:
    The Netherlands
    I now see what I meant, but he misunderstood, my question was because of "we'll try to speed up the next ERP build". I thought that there was only one developer.

    OK I see, didn't know this. Are they all active on this forum?
     
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I think Andreas is the only one here. But not positive.
     
  11. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    7,636
    Location:
    Hawaii
    I am running ERP 3.0.0.0 build 15-10032014

    When I boot, I get ERP error message "Failed to retrieve driver handle.". I click OK & then ERP disappears. I then load ERP manually & no error message ensues. I *assume* ERP is running okay after the manual load. Correct?

    I checked throughout this thread. This issue was reported several times. Each time the solution offered was that the issue would be fixed in the next beta. But -- for me -- the issue is NOT fixed.

    What now?
     
  12. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,410
    @bellgamin

    Perhaps you could try running the latest beta then. Though I do understand if you hesitate to try it, since it is a beta after all.
     
  13. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Try the latest beta
    Beta: v3.1_15052015_BUILD1
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    That beta has been running so long it's only beta as NVT hasn't put the seal of approval on it. It's been working fine for me ever since I installed it.
     
  15. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,870
    Location:
    U.S.A. (South)
    LoL Same here. That same beta has been performing magnificently on the old trusty 8 lappy that I use for everything. My setup has actually been surprisingly tight before but never this well covered. Throw in combo SOB and the coverage easily doubles. Also very very stable. It occasionally gets bumped off the tray icon bar when I do an explorer restart (customizing looks requires that sometimes) but process explorer easily restarts NVT to place it back in sight. It doesn't stop or terminate NVT when doing that, just knocks it out of the tray along with some others that I have to restart to get their icons back in sight again.

    Registry Guard is also promising to become another useful (newest) creation from the same developments as NVT/SOB group.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,193
    Location:
    The Netherlands
    I'm actually running an older version, but perhaps I will try this one.

    Off topic, but is it perhaps possible to develop an anti-rootkit tool for Win 8 and 10, similar to Tuluka, including the nice looking GUI ?

    http://www.tuluka.org/screenshots.html
     
    Last edited: Dec 22, 2015
  17. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,092
    Location:
    Mexico
    Then why not use tuluka as it is?
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,193
    Location:
    The Netherlands
    It's not compatible with Win 8 and the project seems to be dead. And NVT already offers similar tools, but not this advanced.
     
  19. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,092
    Location:
    Mexico
    Oh yes, sorry I didn't see the download page:
    http://www.tuluka.org/Download.html
     
  20. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I've had some minor bugs but nothing major
     
  21. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    523
    Location:
    Australia
    I still have ERP issues where it fails to load at startup on Windows 10 and even on Windows 7 prior, for a while now. It's random and I cannot repeat it or figure out why this is so. Version 3.0, no issues.
     
  22. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,092
    Location:
    Mexico
    I unchecked "Allow all software from Program Files folder" box. Now every time my daughter launches Minecraft a Command-Line string is shifting in these two variables so to speak highlighted in red. The rest remains exactly the same:

    "C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" -XX:HeapDumpPath=MojangTricksIntelDriversForPerformance_javaw.exe_minecraft.exe.heapdump -Xmx1G -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:-UseAdaptiveSizePolicy -Xmn128M -Djava.library.path=C:\Users\MrX\AppData\Roaming\.minecraft\versions\1.8\1.8-natives-32923067774469 -cp C:\Users\MrX\AppData\Roaming\.minecraft\libraries\java3d\vecmath\1.5.2\vecmath-1.5.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\sf\trove4j\trove4j\3.0.3\trove4j-3.0.3.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\ibm\icu\icu4j-core-mojang\51.2\icu4j-core-mojang-51.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\sf\jopt-simple\jopt-simple\4.6\jopt-simple-4.6.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\codecjorbis\20101023\codecjorbis-20101023.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\codecwav\20101023\codecwav-20101023.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\libraryjavasound\20101123\libraryjavasound-20101123.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\librarylwjglopenal\20100824\librarylwjglopenal-20100824.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\soundsystem\20120107\soundsystem-20120107.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\io\netty\netty-all\4.0.15.Final\netty-all-4.0.15.Final.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\google\guava\guava\17.0\guava-17.0.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-lang3\3.3.2\commons-lang3-3.3.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\commons-io\commons-io\2.4\commons-io-2.4.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\commons-codec\commons-codec\1.9\commons-codec-1.9.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\java\jinput\jinput\2.0.5\jinput-2.0.5.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\java\jutils\jutils\1.0.0\jutils-1.0.0.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\google\code\gson\gson\2.2.4\gson-2.2.4.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\mojang\authlib\1.5.21\authlib-1.5.21.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\mojang\realms\1.6.1\realms-1.6.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-compress\1.8.1\commons-compress-1.8.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpclient\4.3.3\httpclient-4.3.3.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\commons-logging\commons-logging\1.1.3\commons-logging-1.1.3.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpcore\4.3.2\httpcore-4.3.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-api\2.0-beta9\log4j-api-2.0-beta9.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-core\2.0-beta9\log4j-core-2.0-beta9.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl\2.9.1\lwjgl-2.9.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl_util\2.9.1\lwjgl_util-2.9.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\tv\twitch\twitch\6.5\twitch-6.5.jar;C:\Users\MrX\AppData\Roaming\.minecraft\versions\1.8\1.8.jar net.minecraft.client.main.Main --username hername --version 1.8 --gameDir C:\Users\MrX\AppData\Roaming\.minecraft --assetsDir C:\Users\MrX\AppData\Roaming\.minecraft\assets --assetIndex 1.8 --uuid 0666134acd92430692cfc0b673e2b1a5 --accessToken fec496dd13b5498e8cc168a3c9492570 --userProperties {} --userType mojang --nativeLauncherVersion 286

    "C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" -XX:HeapDumpPath=MojangTricksIntelDriversForPerformance_javaw.exe_minecraft.exe.heapdump -Xmx1G -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:-UseAdaptiveSizePolicy -Xmn128M -Djava.library.path=C:\Users\MrX\AppData\Roaming\.minecraft\versions\1.8\1.8-natives-16656397487061 -cp C:\Users\MrX\AppData\Roaming\.minecraft\libraries\java3d\vecmath\1.5.2\vecmath-1.5.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\sf\trove4j\trove4j\3.0.3\trove4j-3.0.3.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\ibm\icu\icu4j-core-mojang\51.2\icu4j-core-mojang-51.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\sf\jopt-simple\jopt-simple\4.6\jopt-simple-4.6.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\codecjorbis\20101023\codecjorbis-20101023.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\codecwav\20101023\codecwav-20101023.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\libraryjavasound\20101123\libraryjavasound-20101123.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\librarylwjglopenal\20100824\librarylwjglopenal-20100824.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\paulscode\soundsystem\20120107\soundsystem-20120107.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\io\netty\netty-all\4.0.15.Final\netty-all-4.0.15.Final.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\google\guava\guava\17.0\guava-17.0.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-lang3\3.3.2\commons-lang3-3.3.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\commons-io\commons-io\2.4\commons-io-2.4.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\commons-codec\commons-codec\1.9\commons-codec-1.9.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\java\jinput\jinput\2.0.5\jinput-2.0.5.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\net\java\jutils\jutils\1.0.0\jutils-1.0.0.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\google\code\gson\gson\2.2.4\gson-2.2.4.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\mojang\authlib\1.5.21\authlib-1.5.21.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\com\mojang\realms\1.6.1\realms-1.6.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\commons\commons-compress\1.8.1\commons-compress-1.8.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpclient\4.3.3\httpclient-4.3.3.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\commons-logging\commons-logging\1.1.3\commons-logging-1.1.3.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\httpcomponents\httpcore\4.3.2\httpcore-4.3.2.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-api\2.0-beta9\log4j-api-2.0-beta9.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\apache\logging\log4j\log4j-core\2.0-beta9\log4j-core-2.0-beta9.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl\2.9.1\lwjgl-2.9.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\org\lwjgl\lwjgl\lwjgl_util\2.9.1\lwjgl_util-2.9.1.jar;C:\Users\MrX\AppData\Roaming\.minecraft\libraries\tv\twitch\twitch\6.5\twitch-6.5.jar;C:\Users\MrX\AppData\Roaming\.minecraft\versions\1.8\1.8.jar net.minecraft.client.main.Main --username hername --version 1.8 --gameDir C:\Users\MrX\AppData\Roaming\.minecraft --assetsDir C:\Users\MrX\AppData\Roaming\.minecraft\assets --assetIndex 1.8 --uuid 0666134acd92430692cfc0b673e2b1a5 --accessToken 98711dcfbecb49b5a09306c5805714e5 --userProperties {} --userType mojang --nativeLauncherVersion 286

    The point here is how to whitelist to prevent pop-ups? Is it advisable to do so?
     
  23. guest

    guest Guest

    Are the numbers fixed or do they change all the time?
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Assuming the whole thing is safe, what is happening is the same as the delete string in Sandboxie. Every time the string is run those strings in red change randomly. Solution is to edit the string and replace the characters in red with the wild card *. Then the pop-ups will go away.

    As far as advisability. If you really aren't comfortable doing that, you shouldn't be running the program. I.e., it's just as safe as allowing it all the time.
     
  25. guest

    guest Guest

    What I was going to suggest if the red numbers change.
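
The wildcard rule suggested in the replies above, worked through as an added example (not part of the original thread and not NoVirusThanks code): it derives the narrowest `*` pattern from two launches and tests what that pattern accepts. The shortened command line, the sample values and the assumption that `*` matches any run of characters, spaces included, are constructed for illustration; the thread does not describe ERP's actual matching rules.

```python
import re

# Constructed, shortened stand-in for the javaw.exe command line in the post;
# {n} and {t} mark the two values that change on every launch.
BASE = (r'"C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" -Xmx1G '
        r'-Djava.library.path=C:\Users\MrX\AppData\Roaming\.minecraft\versions\1.8\1.8-natives-{n} '
        r'-cp C:\Users\MrX\AppData\Roaming\.minecraft\versions\1.8\1.8.jar '
        r'net.minecraft.client.main.Main --accessToken {t} --userType mojang')

def launch(natives_id, token):
    return BASE.format(n=natives_id, t=token)

def derive_rule(cmd_a, cmd_b):
    """Keep identical arguments verbatim; wildcard only the part that differs."""
    args_a, args_b = cmd_a.split(" "), cmd_b.split(" ")
    if len(args_a) != len(args_b):
        raise ValueError("argument count differs; compare by hand")
    rule = []
    for a, b in zip(args_a, args_b):
        if a == b:
            rule.append(a)
            continue
        limit = min(len(a), len(b))
        p = 0                                   # length of the common prefix
        while p < limit and a[p] == b[p]:
            p += 1
        s = 0                                   # length of the common suffix
        while s < limit - p and a[-1 - s] == b[-1 - s]:
            s += 1
        rule.append(a[:p] + "*" + a[len(a) - s:])
    return " ".join(rule)

def rule_matches(rule, cmd):
    """Assumed semantics: '*' matches any run of characters, spaces included."""
    regex = ".*".join(re.escape(part) for part in rule.split("*"))
    return re.fullmatch(regex, cmd) is not None

RUN_1 = launch("40817263955102", "c0ffee11d00d4e2a")   # constructed values
RUN_2 = launch("95520318847736", "7e57ab1e5eed90f3")
RULE = derive_rule(RUN_1, RUN_2)

if __name__ == "__main__":
    print(RULE)
    print(rule_matches(RULE, launch("73310928465517", "0a1b2c3d4e5f6a7b")))  # new launch
    print(rule_matches(RULE, RUN_1.replace("1.8.jar", "other.jar")))         # changed jar
    print(rule_matches(RULE, launch("1", "x --anything else")))              # '*' spans spaces
```

The last check shows that a `*` in the token position also accepts extra arguments placed there, so the rule is only as tight as the fixed text around each wildcard. Two samples can share a character by chance, so compare the derived rule against a few more launches before saving it.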
     