NoVirusThanks EXE Radar Pro turns Freeware

[AtlBo]

The parent settings is very cool, because it gives you much more granular control over what your whitelisted processes are doing. You will figure it out right away.

Sounds very cool . Thanks for the information @shmu26.

 

[Aktiffiso]

Hey i understand the betas are free and the stables are paid

 

[shmu26]

Hey i understand the betas are free and the stables are paid

If we are talking about what it publicly available right now, the beta is free and is also better than the stable.

 

[AMD1]

Hi,

I have version 3 ( not beta) and its on alert mode. When i come home from work and login to windows, its blocking what looks like Kaspersky Total Security from updating as there are notifications from KTS advising that the update failed. Is there a command line or parent process i need to add ?

NB I have whitelisted all Program Files & Program(x86) Files and c\Windows processes.

Any help appreciated.

Thanks

Andy

 

[shmu26]

1 Take a look in the ERP log window, and see if there are any blocked events.

2 Try this: reboot your computer, open Kaspersky, and start up a manual update. See what happens. Even if there is no new update available, Kaspersky will check for its availability.

3 Next time your computer is closed for 12 hours or more, there should be an actual Kaspersky update available, so do 2 again, and see what happens when the update installs.

I have used KIS+ERP without issues, so I don't think ERP is the problem.
Kaspersky does not run a downloaded executable file when it installs signature updates, so ERP should sit quietly on the side while it all happens.

 

[AMD1]

1 Take a look in the ERP log window, and see if there are any blocked events.

2 Try this: reboot your computer, open Kaspersky, and start up a manual update. See what happens. Even if there is no new update available, Kaspersky will check for its availability.

3 Next time your computer is closed for 12 hours or more, there should be an actual Kaspersky update available, so do 2 again, and see what happens when the update installs.

I have used KIS+ERP without issues, so I don't think ERP is the problem.
Kaspersky does not run a downloaded executable file when it installs signature updates, so ERP should sit quietly on the side while it all happens.

Hi,
1. No blocked events
2. Re-booted and run KTS update ok
3. yet to check

Seems it only happens when it logs off and i have to log back on to my PC

 

[shmu26]

Hi,
1. No blocked events
2. Re-booted and run KTS update ok
3. yet to check

Seems it only happens when it logs off and i have to log back on to my PC

I am just guessing, but maybe your internet connection comes back kind of slow when you log back on, and Kaspersky is already trying to get an update before there is internet, so it fails.

 

[Mr.X]

I have version 3 ( not beta) and its on alert mode.

Then try the latest beta: http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_24062015_BUILD1.exe

 

[shmu26]

Then try the latest beta: http://downloads.novirusthanks.org/files/EXERadar_Pro_x86_x64_v3.1_24062015_BUILD1.exe

Excellent idea. The beta is much better, because it gives you a ready-made list of vulnerable processes.

 

[AMD1]

Hi,

I have just logged into my PC after approx. 18hrs and what flashed up in alert mode was the following :

rundll32.exe AppXDeploymentExtensions.OneCore.dll,ShellRefresh

I have added this as a whitelisted command line rightfully or wrongfully ?

It seemed as though KTS had attempted a number of updates whilst not logged on which were unsuccessful. When i am loggod on there are no issues.

Andy

 

[shmu26]

Hi,

I have just logged into my PC after approx. 18hrs and what flashed up in alert mode was the following :

rundll32.exe AppXDeploymentExtensions.OneCore.dll,ShellRefresh

I have added this as a whitelisted command line rightfully or wrongfully ?

It seemed as though KTS had attempted a number of updates whilst not logged on which were unsuccessful. When i am loggod on there are no issues.

Andy

That command line looks perfectly normal and safe to me.

By the way, it is very common with ERP to get command lines with random character strings in them. If you want to permanently whitelist them, just edit them by putting a * instead of the random characters, wherever they appear.

 

[AMD1]

Thanks shmu26,

I have whitelisted the process for the minute and all seems ok.

Funny though, why does it not have a path of C\ in front of it ?

 

[AMD1]

Would i be better to have the beta version 3 rather than the stable version ?

Not sure what differences there are between the two.

 

[shmu26]

Maybe that part of the command line was not displayed because there was not enough room in the display box. Sometimes you have to scroll horizontally, if you know what I mean, to see the whole string. If you did not whitelist the whole string, it probably will not work.

 

[shmu26]

Would i be better to have the beta version 3 rather than the stable version ?

Not sure what differences there are between the two.

The main difference I know of is that the beta has a ready-made list of vulnerable processes. That's your exploit protection.
With the stable version, the list is empty and you need to populate it yourself if you want that kind of protection.

 

[AMD1]

Hi,

I have whitelisted the following command line but unsure if safe to do so:

rundll32.exe AppXDeploymentExtensions.OneCore.dll,ShellRefresh

Any reassurance would be appreciated.

Thanks

Andy

 

[shmu26]

Looks safe to me

 

[AMD1]

Thanks shmu26

 

[shmu26]

The AppXDeploymentExtensions commands are pretty common. They are for the Windows 10 apps or whatever you want to call them. If you get too many command lines like that, trying making a wildcard that will cover them all.

 

[AMD1]

Can i make a wild card with this as its not followed by a series of numbers etc:

rundll32.exe AppXDeploymentExtensions.OneCore.dll,ShellRefresh

Or do i just add "" at the end ?