User Review NoVirusThanks ExeRadar Pro v2.7

Discussion in 'Technology Reviews' started by Umbra, Dec 30, 2013.

  1. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    Name of Software/Product:
    NoVirusThanks ExeRadar Pro
    Advantages:
    - Very Light on system responsiveness
    - High level of protection given by well-thought features.
    - Very simple to use
    - Very responsive support team, very open to suggestions
    Disadvantages:
    - Beginners may find the numbers of alerts dissuasive, but this is the purpose of all Anti-Executable/HIPS.
    Bottom Line:
    ERP is a young but very well designed product, it will give you a high level of protection and control over the processes running on your system. I like its simplicity and lightness.
    I highly suggest you to try it.
    Homepage

    Hi guys,

    Today i will review NVT ExeRadarPro (aka ERP).

    ERP is an Anti-Excutable, this kind of softwares monitors every processes/executable that start or run in your system, if one of them appears to be suspicious/malicious; depending the rules, it will block it or generate an alert and ask for your decision to allow/block the process.

    Anti-executable are simpler than HIPS (which monitors a broader range of processes including DLLs)

    Let's go for a tour (on my Windows 8 Pro x64)

    1- Resources Usage

    ERP uses only 2 processes, it is very light on my system responsiveness, that is a big "plus".

    [​IMG]


    2- Interface & Tray Icon

    ERP interface is quite simple and easy to use, you don't have to be a computer expert to use it. The tray icon shows some basic options.

    [​IMG]

    Status

    This tab, shows you the main status and informations about your version of ERP.

    Processes

    This tab shows you all active processes running on your system with detailed infos. A right click on a process display many options related to that process.

    [​IMG]

    I like the "search hash on Virus Total " (Virus Total is a security website that scan online a uploaded process against 40+ antivirus engines to determine if it is malicious or clean), so ERP can check directly for you.

    I also appreciate the "Terminate Process" in case of infection, you can kill malicious process that may hamper your accessibility to the system.

    Blacklist

    [​IMG]

    This tab will show you all the blocked processes then you can manage them.

    Whitelist

    [​IMG]

    Here will appear all the whitelisted (trusted) processes, once there the processes will not generate any alert anymore. You have some Sub-Tab:

    - Command Line/Command Line (Wildcards): here you set the whitelisted processes via Command Line and also via Wildcards.
    - Parent Proceses: Here will be shown the parent processes allowed to launch applications.
    - Folders: if you trust a whole folder, you can add it here.
    - No Hash Check: if you want avoid the hash check for some processes, this is the place where you add them.

    Vulnerable Processes

    Here ERP will displays all processes it deems vulnerable to infections, any processes here will be monitored even if you whitelist them (so they will always generate an alert if accessed).

    [​IMG]

    Tip: if you are an advanced user and you know how to differentiate a legit access from a malicious one, you can remove them from the list, so you will not have alerts from them anymore.[/color]

    Quarantined Processes

    Here goes the malicious processes quarantined by ERP, you can manage and remove them in case of False Positive.

    [​IMG]


    Password Protect Passwords

    Here you will set a Password and will need to use it to execute any processes you add there.
    For example, you can set a password to deny anyone to launch a sensitive application/software/process.

    [​IMG]



    Temporary Allow

    Here will be displayed the processes allowed to to run until the next reboot; you will mostly use this tab for testing some processes.

    [​IMG]



    Events

    Here will be displayed all the recents events that ERP acted on. It is mostly an history of what happened on ERP.

    [​IMG]




    3- Settings

    This is the options, it is divided into sub-sections, i will describe some of them below:


    General

    [​IMG]

    an interesting options is to allow ERP to allow all process automatically from Windows or Program Files folder; to minimize the number of prompts.


    Advanced

    [​IMG]

    this settings is mostly for block processes from external medias/drives, you can also allow all "signed softwares" to reduce the numbers of alerts.

    Idle

    here you can set ERP to perform an action in a selected time in case of inactivity.

    Policies

    here you can set ERP to be on Lockdown Mode (block any unknown processes not whitelisted) or Trusted Mode (allow any unknown processes not blacklisted)

    Popups

    Here you can set ERP to show the popups alerts when a process is blocked, for how long or exlude a process to generate a popup.

    Password

    here you will set a password to deny other users to modify your settings.

    [​IMG]


    Protection

    Here you will ser ERP to restore Realtime Protection or Lockdown Mode after a defined time if they are disabled.

    Stealth Mode

    Here you will set ERP to be invisible to other users via a hotkey and also lock CD-Roms while in Stealth Mode. useful if you don't want ERP to be known by other users (ex: school computers).

    Quarantine

    here you will set the path of the quarantined processes

    Logs

    Here you can allow the events logging, set the path of the log, and authorize it deletion on shutdown.

    Sound

    Here you can select a sound (system or custom) when a popup is made or when a process is blocked

    Debug

    Here you can generate a debug file , (mostly requested by ERP developers if you have an issue)


    4- Utilities

    Here are shortcuts to some Windows utilities.

    [​IMG]


    i will update this post if new infos are available or if i missed something important.


    Thanks to Andreas from NoVirusThanks for his complementary infos.
     
    #1 Umbra, Dec 30, 2013
    Last edited: Jan 7, 2014
    Niente, frogboy, Oxygen and 13 others like this.
  2. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    Review i did on another websites but updates & correction on work
     
    #2 Umbra, Dec 30, 2013
    Last edited: Dec 30, 2013
  3. venustus

    venustus Level 40
    Trusted

    Joined:
    Dec 30, 2012
    Messages:
    2,938
    Likes Received:
    12,520
    OS:
    Windows 10
    AV:
    Kaspersky
    How is compatability with software like Kaspersky/Eset?
    Thanks!
     
    Cats-4_Owners-2 likes this.
  4. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    you dont need since KIS/ESET has HIPS than monitor a wider range of items; anti-executables are lighter and easier to use.
     
    Niente, Cats-4_Owners-2 and venustus like this.
  5. venustus

    venustus Level 40
    Trusted

    Joined:
    Dec 30, 2012
    Messages:
    2,938
    Likes Received:
    12,520
    OS:
    Windows 10
    AV:
    Kaspersky
    Thanks for clarifying, Umbra!
     
    frogboy likes this.
  6. kjdemuth

    kjdemuth Level 8

    Joined:
    Jan 17, 2013
    Messages:
    374
    Likes Received:
    443
    ERP and voodooShield two great AE. ERP is more for experienced users since it has more informative prompts. VoodooShield is kind of set and forget. It also has the ability to run process through VT. Which is very helpful in checking a process possible detection.
     
    qftest, Cats-4_Owners-2 and Umbra like this.
  7. Moose

    Moose Level 22

    Joined:
    Jun 14, 2011
    Messages:
    2,274
    Likes Received:
    1,168
    Waiting on NoVirusThanks ExeRadar Pro for Windows 8.1! That is x64 Bits Operating System.
    X86 Bits O.S. is ready!
     
    Cats-4_Owners-2 likes this.
  8. BoraMurdar

    BoraMurdar Super Moderator
    Staff Member

    Joined:
    Aug 30, 2012
    Messages:
    5,528
    Likes Received:
    19,374
    OS:
    Windows 7
    AV:
    ESET
    What about this one? It's like running processes checker + cloud anti-exe or somethin'
    http://www.crystalsecurity.eu/
     
    Cats-4_Owners-2 likes this.
  9. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    Too buggy at the moment and dependent of VT.
     
    Cats-4_Owners-2 likes this.
  10. kjdemuth

    kjdemuth Level 8

    Joined:
    Jan 17, 2013
    Messages:
    374
    Likes Received:
    443
    NVT ERP is available and running well on win 8.1 64 bit.
     
    Cats-4_Owners-2 likes this.
  11. Exterminator

    Exterminator Super Moderator
    Staff Member

    Joined:
    Oct 23, 2012
    Messages:
    11,553
    Likes Received:
    39,520
    OS:
    Windows 10
    AV:
    Kaspersky
    We have spoiler tags now? Was hoping this would get put in place saves a lot of room on the boards.

    Thanks for the great review once again Umbra!!
     
    Cats-4_Owners-2 likes this.
  12. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    I confirm ^^
     
    Cats-4_Owners-2 likes this.
  13. kjdemuth

    kjdemuth Level 8

    Joined:
    Jan 17, 2013
    Messages:
    374
    Likes Received:
    443
    Can't wait for version 3 to be out. That along with Voodooshield ver 2 and Malwarebytes Anti-Malware ver 2. Happy times ahead.
     
    Cats-4_Owners-2 likes this.
  14. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    Im using v3 since few days, will update the thread when it will be officially released.
     
  15. kjdemuth

    kjdemuth Level 8

    Joined:
    Jan 17, 2013
    Messages:
    374
    Likes Received:
    443
    Any idea when it will be coming out?
     
  16. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    No idea at all because it is not a public beta, more a pseudo closed one
     
  17. Moose

    Moose Level 22

    Joined:
    Jun 14, 2011
    Messages:
    2,274
    Likes Received:
    1,168
    Umbra Polaris, Could you show us to set up NVT ExeRadarPro Version 3? For X64 Bits O.S.?When it is really? Kind regards!
     
    Cats-4_Owners-2 likes this.
  18. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,325
    Likes Received:
    19,978
    OS:
    Windows 10
    AV:
    Default-Deny
    yes i will do a small guide
     
  19. Moose

    Moose Level 22

    Joined:
    Jun 14, 2011
    Messages:
    2,274
    Likes Received:
    1,168
    Kind regards, can wait! ;) Thanks!
     
  20. conceptualclarity

    Trusted

    Joined:
    Aug 23, 2013
    Messages:
    743
    Likes Received:
    1,955
    AV:
    ESET
    These kinds of programs seem like a lot of trouble. Are they worth it?

    I believe NoVirusThanks is a first-rate company.
     
    Cats-4_Owners-2 likes this.
Loading...
Other threads that you may like Forum Date
NoVirusThanks YaGuard Other Security for Windows Apr 18, 2017
Video Review "Bypassing" NoVirusThanks EXE Radar Pro Video Reviews Apr 16, 2017
Help Me Decide Compliment Windows Defender: Zemana AM, NoVirusThanks or VoodooShield? War Room Archive Jan 21, 2017