Q&A Regarding on NVT EXE Radar PRO?

jamescv7

Level 61
Verified
Joined
Mar 15, 2011
Messages
12,638
OS
Windows 10
Antivirus
Microsoft
#21
@Davidov: What do you mean? Voodoshield provide as much as possible an anti-exploit functionality that blocks any possible scripts to execute same goes to NVT too.
 

CMLew

Level 23
Verified
Joined
Oct 30, 2015
Messages
1,212
OS
Windows 10
Antivirus
Default-Deny
#22
@Davidov: What do you mean? Voodoshield provide as much as possible an anti-exploit functionality that blocks any possible scripts to execute same goes to NVT too.
I thought NVT by itself is a pure anti-executable?
 

Azure Phoenix

Level 22
Verified
Joined
Oct 23, 2014
Messages
1,145
#24
@Davidov: What do you mean? Voodoshield provide as much as possible an anti-exploit functionality that blocks any possible scripts to execute same goes to NVT too.
Apparently VoodooShield had integrated a basic anti-exploit function. I don't think EXE Radar Pro has that, at most what it does have is the "Vulnerable process" function which I think could help protect processes from being exploited. Though other users like @Umbra and @hjlbx could confirm or deny that.
 

CMLew

Level 23
Verified
Joined
Oct 30, 2015
Messages
1,212
OS
Windows 10
Antivirus
Default-Deny
#26
Apparently VoodooShield had integrated a basic anti-exploit function. I don't think EXE Radar Pro has that, at most what it does have is the "Vulnerable process" function which I think could help protect processes from being exploited. Though other users like @Umbra and @hjlbx could confirm or deny that.
That's what I thought too.
Possibly what could happen is that in NVT you can whitelist them and put it into vulnerable process. Then set it to alert mode. But that's about it.
Correct me if I'm wrong. :oops:

Anyway, side topic here.
Another question on NVT too.

Recently I've been updating softwares like ZAM, EIS and such.
I realise when NVT set to Alert mode, it prompt twice: one is exe and another one is TMP.
Is that normal? Thought NVT wouldn't block/alert those non-exe?
 

Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,419
OS
Windows 10
Antivirus
Default-Deny
#27
NVT doesn't block exploit, but it monitors the child processes, that is maybe why the tmp files are detected.