New Antiexecutable: NoVirusThanks EXE Radar Pro

Discussion in 'other anti-malware software' started by sg09, Jun 3, 2011.

  1. guest

    guest Guest

    In a virtual sandbox it's tame, but outside it could behave differently.
    It can detect its environment.
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    It depends on the malware, I don't believe a lot of them try to fool SBIE, most of them will simply not run correctly or at all. And that already gives you a clue whether you should run it on the real system. And on top of that, HIPS can also monitor apps that are running sandboxed. So if you only see alerts when running outside the sandbox, then something is wrong.
     
  3. Andreas is NVT, he was pursuing an opportunity, so he might be on a money-making project.

    It surprises me that he dropped communication completely.
     
  4. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    682
    Location:
    Wembley, London
    I agree Kees.
    You don't just abandon your 'babies' altogether when you are a talented developer.
    He spent so much time here and also on the other NVT threads.
    Seems strange he doesn't pop in every now and again even just to say a Hi and a Howdy ;)

    I presume by the deathly silence that no one has had any 'personal communications' with him to confirm what his real plans are?
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    You guys are going to be super excited when he does return, and in all likelihood he'll drop a new release to make up for the extended absence.
     
  6. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    I really hope your words are prophet's words, hopefully. I'd be more than happier in this world lol
     
  7. You know or you hope?
     
  8. guest

    guest Guest

    If Andreas comes back without a GUI-based SoB I will kick him to the moon :D
    I'm too tired of writing rules ^^
     
  9. guest

    guest Guest

    :thumb:
    and some more ideas:
    + integration into the context-menu (Add Folder/Executable to SOB)
    a) SOB collects information about all files and is presenting these prepared rules to the user
    b) Now the user can edit them or just click "Accept"
    c) after accepting SOB is adding them to DLL.DB / Driver.DB / Process.DB
    (maybe with an additional check if these rules are already added)
    + switching modes with a right-click on the tray-icon like ERP (+timer 10min/30min/1 hour/...)
    + disable/enable specific protections (DLL/Driver/Process) via tray-icon
    + drivers cross-signed from Microsoft
    My last contact was several months ago. After that, all emails => /dev/null :(
    At least the beta of ERP is very stable and has no serious/critical bugs that need to be fixed.
    -----
    An enhanced Blacklist for ERP would be nice.
    "Blacklist - File Locations / Command-Lines / Parent Process"
     
  10. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    Others have made this assumption too, and I agree with you.
     
  11. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    My vulnerable process list. Can someone take a look at it and comment please?

    Code:
    B67DB709F5FDAA89CA6C2CB6C1E39B3B=C:\Windows\regedit.exe
    2F3FED31AC2846D8AD5DBC396A7E3DF1=C:\Windows\SysWOW64\regedit.exe
    055CCE830A54C2C1B598E2066F65C9AB=C:\Windows\SysWOW64\msiexec.exe
    F4F9FC355B6C729EEB4D69186E0BA93E=C:\Windows\System32\msiexec.exe
    9AC75D112F499D1466ADFD96738BF978=C:\Windows\SysWOW64\bitsadmin.exe
    707D3D8A2A2F1B8923C383AEF6370AF7=C:\Windows\System32\bitsadmin.exe
    9CB8ACC3ACF20C07D99DC41D5E44BAFA=C:\Windows\SysWOW64\vssadmin.exe
    D9EE4ACBA0FD5AF721EC2CE5226B5E2E=C:\Windows\System32\vssadmin.exe
    F5AE03DE0AD60F5B17B82F2CD68402FE=C:\Windows\System32\cmd.exe
    622D21C40A25F9834A03BFD5FF4710C1=C:\Windows\SysWOW64\cmd.exe
    E457CB1C6A436873D5E1B5E3EDA71248=C:\Windows\SysWOW64\regsvr32.exe
    6994D557AC4E5E5F358C3412C0E866F9=C:\Windows\System32\regsvr32.exe
    6C308D32AFA41D26CE2A0EA8F7B79565=C:\Windows\System32\rundll32.exe
    8BFE805555CDAF6387912A34D7978DAA=C:\Windows\SysWOW64\rundll32.exe
    D536CCCE2A7992688DB76941506EA970=C:\Windows\SysWOW64\wscript.exe
    BEAFD6DD127E7798928FA8C4835EED3E=C:\Windows\System32\wscript.exe
    3853171F1D9BC8BD3F3E679B0125740D=C:\Windows\SysWOW64\cscript.exe
    17E650E888D57AB51E9C3494E49A2045=C:\Windows\System32\cscript.exe
    63182B43F5E479840C1C7648042C9F1C=C:\Windows\SysWOW64\diskpart.exe
    FC94451298C32170A5DCB8581586585A=C:\Windows\System32\diskpart.exe
    B934411DFE7DEACFA95A1255A48133C9=C:\Windows\hh.exe
    ED2E7B5224BA827838C012C26A561DDB=C:\Windows\SysWOW64\hh.exe
    942FAF084F4417750E5B53613191B1CA=C:\Windows\System32\cipher.exe
    B3595442D82ADCB77E05F40356AC0E70=C:\Windows\SysWOW64\cipher.exe
    DA66E801F6A77E5FD1EFDA4EFAB3660F=C:\Windows\System32\syskey.exe
    C72F56AC33E9F1204528020CD0840A5A=C:\Windows\SysWOW64\syskey.exe
    D5F797FC4D5434EB677A09C143962231=C:\Windows\System32\bcdedit.exe
    F3EF56F76D69361022B47EF1E6201644=C:\Windows\SysWOW64\wusa.exe
    8930570F7F76840334962EFC6C173438=C:\Windows\System32\wusa.exe
    FB62A87E7EAF3567F59FF0562906DBD3=C:\Windows\SysWOW64\reg.exe
    A3F446F1E2B8C6ECE56F608FB32B8DC6=C:\Windows\System32\reg.exe
    159199095C9959BE75E61C0FF947708F=C:\Windows\SysWOW64\iexpress.exe
    CA2F3153EF3BCB0BD3A8984C933DF604=C:\Windows\System32\iexpress.exe
    3FA76B67F25D84B3C2A4E8A8C0919E6E=C:\Windows\SysWOW64\mshta.exe
    A3871DED5ED88F59C0D1396761708F81=C:\Windows\System32\mshta.exe
    3BB588C6C4B35DE5C438E8CBADAE0D9B=C:\Windows\SysWOW64\mstsc.exe
    789FC70CD6956C3E480630385CBFBE12=C:\Windows\System32\mstsc.exe
    0F482667A9E21B73590DC55FF52A726A=C:\Windows\System32\mmc.exe
    B316385FD7C1E1CBAD339C33CF3C0409=C:\Windows\SysWOW64\mmc.exe
    C554258F7B2D2E80ABB96744D76E31FA=C:\Windows\SysWOW64\netsh.exe
    5E1B10477EF43893470C8E4D76CB68F2=C:\Windows\System32\netsh.exe
    6343A4BB2F54CC5950DAE2280E199486=C:\Windows\SysWOW64\setx.exe
    062DDCA8B2CC2B9EF0A4E27FAA0CCD32=C:\Windows\System32\setx.exe
    19F810B1F9ABC04F6E6CB66A2AFB5327=C:\Windows\SysWOW64\PresentationHost.exe
    35200D32C398793D85F900B0273E6F43=C:\Windows\System32\PresentationHost.exe
    3A84DDB49BF46DD19436ACEFEC71929B=C:\Windows\System32\systemreset.exe
    EF8FA4F195C6239273C100AB370FCFDC=C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
    C031E215B8B08C752BF362F6D4C5D3AD=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    FE79F0387DFF3417FFDFAB25E103F8F3=C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
    579D1F6B52ADDDB09A75094382D3F6BC=C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe
    42701691D2345A67A37E5899DD148285=C:\Windows\SysWOW64\at.exe
    5FD22B915C232378E567160D641CC9F2=C:\Windows\System32\at.exe
    7999AA6512A538A3BB1DAC08D398869E=C:\Windows\SysWOW64\attrib.exe
    116D463D2F5DBF76F7E2F5C6D8B5D3BB=C:\Windows\System32\attrib.exe
    CA351630EA88F256B7058B7D118DD831=C:\Windows\SysWOW64\bootcfg.exe
    733B68BE10125275664761C421711334=C:\Windows\System32\bootcfg.exe
    D3C5EA3BC3DEA379F768050860A54C96=C:\Windows\SysWOW64\ByteCodeGenerator.exe
    A28D8409C85320EF7AC2DBBA954F4AA5=C:\Windows\System32\ByteCodeGenerator.exe
    2256BC9746D7D020DD98F19CDF0CD43A=C:\Windows\SysWOW64\cacls.exe
    D2CDE111F1F7EF8BA469CF980A1A13BA=C:\Windows\System32\cacls.exe
    9578C9BD78F531885E3A1979B6F8A9FF=C:\Windows\SysWOW64\NETSTAT.EXE
    03624871AACA779A07E4DB0670DDCBE1=C:\Windows\System32\NETSTAT.EXE
    50752D2AEDF0E27FF7EFCA584755A203=C:\Windows\SysWOW64\regini.exe
    395075C20E663FC622981C9EE3DD5AC4=C:\Windows\System32\regini.exe
    9F82D4C1A2CAE60C4D6ECE19B9B1A3FF=C:\Windows\SysWOW64\RunLegacyCPLElevated.exe
    517D31BB7C8673F5F3F992656028FD48=C:\Windows\System32\RunLegacyCPLElevated.exe
    948BE69F835E0D6C5978978935DDD5A3=C:\Windows\SysWOW64\gpscript.exe
    65A87F52C76B0FFD52132AF8CFA7E42B=C:\Windows\System32\gpscript.exe
    71F454FDDC36732FA5E0AC6B518DF41F=C:\Windows\SysWOW64\takeown.exe
    B4804CA5C860C8210FB894D882E7D33E=C:\Windows\System32\takeown.exe
    32983919437EEC5EE9BA31B7F7766C72=C:\Windows\SysWOW64\taskkill.exe
    0BDA7EC0A57799EF56854017F57E9F9B=C:\Windows\System32\taskkill.exe
    046325408558B6EBF7EFDA3511C5289D=C:\Windows\SysWOW64\UserAccountControlSettings.exe
    601679C218E707954A86A693DB9A5326=C:\Windows\System32\UserAccountControlSettings.exe
    C0EEC0815A343B93969777DE7EDCAA60=C:\Windows\SysWOW64\wbem\WMIC.exe
    28C17798ECB0E8D548CEEDEC6CCE2640=C:\Windows\System32\wbem\WMIC.exe
    2BC3C46D9FF5DEACE62D581E905B60FC=C:\Windows\System32\bcdboot.exe
    9ACC1BEAE4D314964EFBEC910279D9CA=C:\Windows\System32\bootim.exe
    D71E670D8ABA49FCD8570CDE2ED6CCF0=C:\Windows\System32\bootsect.exe
    E848C527736B577F535C6750401AF2D5=C:\Windows\System32\quser.exe
    2A488C54E43AACE58DAE37C0D0161945=C:\Windows\WinSxS\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.3.9600.17415_none_08bc83387855a8e1\Journal.exe
    
    A43BA35AE0211496848666D0F7D8D715=C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
    242442835D9CC7B75557DC4492E860BB=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ngen.exe
    C7C7173564C3C84EFF3EF441900A125F=C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C10D258FC00671E0C68E8E51A311B225=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    659DC1C25F742633428FF5F4D4E5E543=C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
    3521BA745C5D03F5E26CD62A7E67037A=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\vbc.exe
    49E85D74F61CA93F44CED9B9EB241EF3=C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
    DBBD7B2FF7826653C52A5F0F92B805BF=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ilasm.exe
    458ABFBE6584486F4233594FA18814EB=C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
    98F22A89D5AEF3E42DC5FBC465B98CFE=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
    7C6A11E80FE4E837219A880E7C8C62F7=C:\Windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
    E402BC6B03F7C6C878178D214BEF9757=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe
    AB67A82B60EECA985CC91FDAB03663A0=C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
    05BA87F1516D24A5B0E19461B5C3AF32=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegSvcs.exe
    DFDFD4255F959D860D0343E05D353296=C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
    BCD38C354E785F121E9A8F52CDE987B8=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegAsm.exe
    40B5345FF645F149C5CA677442A5FF0D=C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
    820A162E0093895DF5F197B58A104368=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_compiler.exe
    9B167479236A1232B4BFC3C4B59AD7DA=C:\Windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
    5BF1DA190B1ED999C24DCAA3FD2C15DA=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\MSBuild.exe
    57873746FBD36C12D574559275D4976F=C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
    2BC7EE90A2D8017392A17FB953C2EDA0=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dfsvc.exe
    0ACA1AC0E70EDD8C44854AAE627F5D60=C:\Windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
    53251FA6FAE01C5DA836E006E4409C77=C:\Windows\Microsoft.NET\Framework64\v2.0.50727\jsc.exe
    
    276A35B2EA237DD1EA420EB03D4F0CC3=C:\Windows\Microsoft.NET\Framework\v3.5\vbc.exe
    281ED6284A182147ED1AE502C8D1D69A=C:\Windows\Microsoft.NET\Framework64\v3.5\vbc.exe
    747C1C3EC29982856B3899782181DEAD=C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe
    20E52970180F1E3B47AE06471232DA6A=C:\Windows\Microsoft.NET\Framework64\v3.5\csc.exe
    667A9F2D1D7D8FF0B088DC118D6E7F35=C:\Windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
    F2EECF4C7208D6069E0E11C760AD7C6A=C:\Windows\Microsoft.NET\Framework64\v3.5\EdmGen.exe
    0653B51FE3E822CB95619D9E6388E37F=C:\Windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
    044CB423EEF5F1C1EE746DB33A8AE8E4=C:\Windows\Microsoft.NET\Framework64\v3.5\MSBuild.exe
    
    80458B6F3AD03E91D251886EA6E43DB7=C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
    E09375E6C071059E987D2895AEBC127A=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
    350C510CA8D8C425944EEEB3D346E64B=C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
    09D35AEF39E3A2F679AC4DC8D56FFAAD=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
    2F59E01571184098075B7AFA4B88D86E=C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    358211FA9ADE1F6DE7FE08EF9513CA5C=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    F2D67EB6DEB0BDE3904510E16305B3AD=C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
    5C65C8DB1BE9B8BF5AAC77F91C1E7459=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\vbc.exe
    700AF30605BA89EF7C7DD2A8842040EE=C:\Windows\Microsoft.NET\Framework\v4.0.30319\ilasm.exe
    8119D822D3D9822F8B7931583F156D45=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe
    F1EE3CA47A879591A0620C787074C1C3=C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
    047ADAE7A966CB1DDC84E3DBB49FACCD=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
    A6416F4DE48C0E0356063776D9BD83C0=C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
    9207920FE7A7721BAD213E1B223F4446=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe
    44E42862B13BD5101E811D743992ABC9=C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
    D5248109B73C712FF3AB414CDEF72F99=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegSvcs.exe
    8AC456013A834BFAEFEE7F306D302EA9=C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
    0D8ECF8A9CCE1E589DC0DFC7327293AF=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe
    044B6A6D700881E87B56025EA8DC348C=C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
    78BFD2821C5C041DBCE85F2BC4B83483=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_compiler.exe
    1CD8DCF590A866DF9E75F2E91138EDA4=C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
    AC12F910E2C1B9237EE19B9F5B433A97=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe
    B78148E0B43FC775FDED24CC164A7397=C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
    5CDFC00FB147E86BAEBB8EDC29AAF63C=C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
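
A way to review a list in this `HASH=path` layout for malformed lines, duplicate paths and entries whose 32-/64-bit counterpart is not listed. This is an added example, not part of the original post and not NoVirusThanks code; the function names and the sample entries (with placeholder digests) are constructed for illustration.

```python
import re

MD5_RE = re.compile(r"[0-9A-Fa-f]{32}")
# Directory pairs holding the 64-bit and 32-bit copy of the same tool.
TWINS = [("\\System32\\", "\\SysWOW64\\"), ("\\Framework64\\", "\\Framework\\")]

# Constructed sample in the HASH=path layout; digests are placeholders.
SAMPLE = "\n".join([
    "A" * 32 + r"=C:\Windows\System32\cmd.exe",
    "B" * 32 + r"=C:\Windows\SysWOW64\cmd.exe",
    "C" * 32 + r"=C:\Windows\System32\bcdedit.exe",
    "D" * 32 + r"=C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe",
    "E" * 32 + r"=C:\Windows\regedit.exe",
    r"12345=C:\Windows\System32\reg.exe",            # digest too short
    "F" * 32 + r"=c:\windows\system32\CMD.EXE",      # same file as line 1
])


def parse_entries(text):
    """Return ([(digest, path)], [(line_number, raw_line)]) for good/bad lines."""
    entries, malformed = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        digest, sep, path = line.partition("=")
        if not sep or not path or not MD5_RE.fullmatch(digest):
            malformed.append((lineno, line))
        else:
            entries.append((digest.upper(), path))
    return entries, malformed


def twin_path(path):
    """Map a path to its 32-/64-bit sibling directory, or None if it has none."""
    lowered = path.lower()
    for a, b in TWINS:
        for src, dst in ((a, b), (b, a)):
            idx = lowered.find(src.lower())
            if idx >= 0:
                return path[:idx] + dst + path[idx + len(src):]
    return None


def audit(text):
    """Report malformed lines, duplicate paths and unlisted sibling paths."""
    entries, malformed = parse_entries(text)
    seen, duplicates = {}, []
    for _digest, path in entries:
        key = path.lower()              # Windows paths are case-insensitive
        if key in seen:
            duplicates.append(path)
        else:
            seen[key] = path
    missing = []
    for path in seen.values():
        twin = twin_path(path)
        if twin and twin.lower() not in seen:
            missing.append(twin)
    return {"malformed": malformed, "duplicates": duplicates,
            "missing_twin": sorted(missing)}


if __name__ == "__main__":
    for kind, items in audit(SAMPLE).items():
        print(kind, items)
```

A path reported under `missing_twin` is only a candidate: not every tool ships in both directories, so check that the file exists on disk before adding it.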
    
     
  12. guest

    guest Guest

    There is nothing wrong with this list.

    Some suggestions for Vulnerable Processes:
    // "Fileless" UAC Bypass using Eventvwr.exe is possible
    // (but UAC level to “Always Notify” should mitigate this)
    C:\Windows\System32\eventvwr.exe

    C:\Windows\System32\tasklist.exe
    C:\Windows\SysWOW64\tasklist.exe
    C:\Windows\System32\PING.EXE
    C:\Windows\SysWOW64\PING.EXE
    C:\Windows\System32\whoami.exe
    C:\Windows\SysWOW64\whoami.exe
    C:\Windows\System32\ipconfig.exe
    C:\Windows\SysWOW64\ipconfig.exe
    C:\Windows\System32\sc.exe
    C:\Windows\SysWOW64\sc.exe

    // Java
    C:\Program Files\Java\jre1.8.0_102\bin\java.exe
    C:\Program Files\Java\jre1.8.0_102\bin\javaw.exe
    C:\Program Files (x86)\Java\jre1.8.0_102\bin\java.exe
    C:\Program Files (x86)\Java\jre1.8.0_102\bin\javaw.exe
     
  13. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    Thanks @mood
    Added now! :thumb:
    Except this one, eventvwr.exe, as I don't use UAC at all. So if I add it to Vuln. Proc. I think it is meaningless, isn't it?
     
  14. guest

    guest Guest

    Then you don't have to add it.
    ----
    For sc.exe you may get one or two alerts while installing/deinstalling AG, or using .cmd-files from the Excubits-tools ("sc query ...")
     
  15. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    Thanks.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    Wow, this is a very extensive list. Do you often get alerts, and does it interfere with normal OS operations? So far, I have chosen to add only the most "popular" apps to the list. BTW, this is also an interesting article:

    https://sentinelone.com/blogs/the-truth-about-whitelisting/
     
  17. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
    So far, none for Vulnerable Processes list. Neither alerts nor normal OS operations, with the exception of some .NET Framework processes which triggered lots of alert popups. Hence I added some to CommandLineWhiteListWildcard database. Now ERP is mostly quiet:

    Code:
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" ExecuteQueuedItems 2 /LegacyServiceBehavior
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe" ExecuteQueuedItems 2 /LegacyServiceBehavior
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" RemoveTaskDelayStartTrigger /LegacyServiceBehavior
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe" RemoveTaskDelayStartTrigger /LegacyServiceBehavior
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" ExecuteQueuedItems /LegacyServiceBehavior
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe" ExecuteQueuedItems /LegacyServiceBehavior
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe" install *
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" install *
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe" uninstall *
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" uninstall *
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exe" /RuntimeWide /StopEvent:*
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\NGenTask.exe" /RuntimeWide /StopEvent:*
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exe" /StopEvent:*
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\NGenTask.exe" /StopEvent:*
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -StartupEvent * -InterruptEvent 0 -NGENProcess * -Pipe * -Comment "NGen Worker Process"
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent * -InterruptEvent 0 -NGENProcess * -Pipe * -Comment "NGen Worker Process"
    "C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exe" /RuntimeWide /Critical /StopEvent:*
    "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\NGenTask.exe" /RuntimeWide /Critical /StopEvent:*
    

    If you want to be fully protected you have to tweak apps a bit more, as usual with any security app. Popular settings are for most novice users at the expense of security though.
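
To see how much a wildcard entry like the ones above admits, observed command lines can be checked against the entries offline. This is an added example, not part of the original post and not ERP's own matching code; it assumes `*` matches any run of characters and that comparison is case-insensitive, and the observed command lines are constructed.

```python
import re

NET = r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319"

# Three entries taken from the CommandLineWhiteListWildcard list above.
ENTRIES = [
    f'"{NET}\\ngen.exe" install *',
    f'"{NET}\\NGenTask.exe" /RuntimeWide /StopEvent:*',
    f'{NET}\\mscorsvw.exe -StartupEvent * -InterruptEvent 0 -NGENProcess * '
    '-Pipe * -Comment "NGen Worker Process"',
]

# Constructed command lines, as an alert log might record them.
OBSERVED = [
    f'"{NET}\\ngen.exe" install "C:\\Program Files\\App\\lib.dll" /queue:1',
    '"C:\\Users\\Public\\ngen.exe" install lib.dll',
    f'{NET}\\mscorsvw.exe -StartupEvent 1a4 -InterruptEvent 0 -NGENProcess 19c '
    '-Pipe 1b0 -Comment "NGen Worker Process"',
    f'{NET}\\mscorsvw.exe -StartupEvent 1a4 -InterruptEvent 1 -NGENProcess 19c '
    '-Pipe 1b0 -Comment "NGen Worker Process"',
    f'"{NET}\\ngen.exe" display',
]


def compile_entry(entry):
    """Build a regex in which '*' is the only metacharacter (assumed semantics)."""
    literal_parts = (re.escape(part) for part in entry.split("*"))
    return re.compile(".*".join(literal_parts), re.IGNORECASE | re.DOTALL)


def matching_entry(cmdline, entries=ENTRIES):
    """Return the first entry that matches the whole command line, else None."""
    for entry in entries:
        if compile_entry(entry).fullmatch(cmdline.strip()):
            return entry
    return None


def review(cmdlines, entries=ENTRIES):
    """Group command lines by the entry that admits them; list the rest."""
    covered, uncovered = {}, []
    for cmdline in cmdlines:
        entry = matching_entry(cmdline, entries)
        if entry is None:
            uncovered.append(cmdline)
        else:
            covered.setdefault(entry, []).append(cmdline)
    return covered, uncovered


if __name__ == "__main__":
    covered, uncovered = review(OBSERVED)
    for entry, lines in covered.items():
        print("ENTRY", entry)
        for line in lines:
            print("   admits:", line)
    for line in uncovered:
        print("ALERT", line)
```

Because the entry includes the quoted full path, the same arguments launched from another directory stay uncovered, while everything after `install ` is accepted unchecked.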
     
  18. paulescobar

    paulescobar Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    197
    Sorry to chime in guys...but is "EXERadar_Pro_x86_x64_v3.1_24062015_BUILD1.exe" compatible with Windows 10?

    Just going to the settings and noticed a "Windows 8 Start Screen" type option...and it sort of clicked in my head that this program hasn't been updated in a while and might be incompatible with Windows 10.
     
  19. paulescobar

    paulescobar Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    197
    Sorry again, I also have a follow-up question about the "How do you want to handle signed processes" option.

    Do the settings here over-ride the pop-up prompt?
    I want the prompt to make the decision myself. It shouldn't be an automatic decision made in the background.

    For example, there are two "Allow all signed processes signed..." options.
    Am I right in assuming I won't get a pop-up asking what I want to do with a new exe?
    Like it will automatically let these "signed processes" run.

    Then there is the "Do not allow signed processes" option.
    Again, am I right in assuming I won't get a pop-up prompt if I check this option?
    Like it will automatically block exe's if they're signed?

    In my current ignorant state, the "Do not check if a process is signed" looks like the best option for my needs.
    I'm assuming here this will force the program to not care about signing and prompt me about all new exe's.
     
  20. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    I'm using it on Win10 (1511) with no issues that I can tell
     
  21. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    yes, this prompts - so does the 2nd option, but I guess it still checks for a signature. you can also use the "trusted vendor" option and just delete the list. so take your pick... I use a short "trusted vendor" list - a bit less secure, but I've found it much easier to set up/maintain
     
  22. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Thanks for that report. Still testing Windows 10 here but not yet installed NVT-ERP. Looks like it will be ok AS-IS (old version)
     
  23. rm22

    rm22 Registered Member

    Joined:
    Oct 26, 2014
    Posts:
    357
    Location:
    Canada
    you're welcome - I haven't tested on AU, but I'm sure we'd hear about it here if there was an issue
     
  24. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I don't expect anything out of the ordinary really and am quite surprised as well as impressed in how Microsoft has improved compatibility across various apps that before times would clash and throw off balance your desired security setups.

    So far much more reliable with Windows 10.
     
  25. paulescobar

    paulescobar Registered Member

    Joined:
    Sep 22, 2008
    Posts:
    197
    I just installed it on my Xiaomi MiPad 2 Windows 10 tablet.
    I've done lots of software installation & restarts. So far, I see no problem.

    But is it correct to assume the latest build was never actually designed for Windows 10?
     