NoVirusThanks EXE Radar Pro turns Freeware

Status
Not open for further replies.
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
blueblackwow65 said:
How is this program compared to Crystal security?
Click to expand...
NVT ERP is a totally different concept. It does not scan anything. It is an anti-executable that only allows processes to run if they are whitelisted.
 
  • Like
Reactions: AtlBo
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
that's fine.

If it keeps bugging you about a certain program over and over again, and you know the program is clean, so whitelist the main exe file of it, under the "parent process" tab.

And in settings, disable updates, or it will update you to the paid version.
 
  • Like
Reactions: AtlBo
B

blueblackwow65

Level 23
Verified
Well-known
Dec 19, 2012
1,250
Ok Thks did not know about parent process, i keep getting a prompt for a run32.dll file when faststone viewer opens a photo.
 
  • Like
Reactions: AtlBo
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
blueblackwow65 said:
Ok Thks did not know about parent process, i keep getting a prompt for a run32.dll file when faststone viewer opens a photo.
Click to expand...
the run32 is a vulnerable windows process so you can't totally whitelist it (because it can be hijacked by malware).
But you can make faststone a parent process, and that should help.
 
  • Like
Reactions: AtlBo
D

Deleted member 178

Av Gurus said:
Does anybody know is this program is still in progres or not?
Too long is the same version in BETA.
Click to expand...

halted

SHvFl said:
Dev is gone for a while now. Someone said he had a project and when he is done with it he will be active again but i would not hold my breath.
Click to expand...

It was me :D

the dev is actually working on a customized version of Smart Object Blocker for a contractor.
 
  • Like
Reactions: AtlBo, ravi prakash saini, _CyberGhosT_ and 2 others
D

Deleted member 178

void011 said:
I use FreeDownloadManager which needs to install its extension to browser. Mine is Opera.
Eachtime I launch the browser, ERP (alert mode) always prompts for the command line calling FDM from parent process Opera, though I've already whitelisted the cmd line (I suppose it changes everytime).

How do I completely whitelist this?
Click to expand...

by putting this character * instaed of the changing part of the command line

example : C:\idiot.exe -123 become C:\idiot.exe*

better post here the full line so i can see how to change it.
 
  • Like
Reactions: AtlBo, _CyberGhosT_ and void011
void011

void011

Level 2
Verified
Nov 25, 2015
51
As I understand, I should put * after browsernativehost.exe and remove the rest?
Edit: Tried, didn't work :D
C:\WINDOWS\system32\cmd.exe /c "C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/browsernativehost.exe" --parent-window=0 chrome-extension://ahmpjcflkgiildlgicmcieglgoilbfdp/ < \\.\pipe\chrome.nativeMessaging.in.956c10a40d8418eb > \\.\pipe\chrome.nativeMessaging.out.956c10a40d8418eb
 
  • Like
Reactions: AtlBo
D

Deleted member 178

CC:\WINDOWS\system32\cmd.exe /c "C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/browsernativehost.exe" --parent-window=0 chrome-extension://ahmpjcflkgiildlgicmcieglgoilbfdp/ < \\.\pipe\chrome.nativeMessaging.in.956c10a40d8418eb > \\.\pipe\chrome.nativeMessaging.out.956c10a40d8418eb
Click to expand...

because it is cmd.exe; it is a vulnerable process so you will always get an alert for it. only choice is to remove cmd.exe from vulnerable process list, but by doing this you will reduce ERP protection. i
 
  • Like
Reactions: AtlBo
void011

void011

Level 2
Verified
Nov 25, 2015
51
I tried replacing the 2 numberal strings by * and it worked :)
C:\WINDOWS\system32\cmd.exe /c "C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/browsernativehost.exe" --parent-window=0 chrome-extension://ahmpjcflkgiildlgicmcieglgoilbfdp/ < \\.\pipe\chrome.nativeMessaging.in.* > \\.\pipe\chrome.nativeMessaging.out.*
 
  • Like
Reactions: AtlBo and Deleted member 178
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
blueblackwow65 said:
If I am using 360TS with this which options under custom settings can i uncheck when using NVT? Thks
Click to expand...
are you still using Qihoo with NVT ERP, and if so, what has been your experience?
anything you would advise to someone who wants to try the same setup?
 
  • Like
Reactions: AtlBo
TheMalwareMaster

TheMalwareMaster

Level 21
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
I can't find a download link for the Free version, can you link it please?
 
Last edited:
  • Like
Reactions: AtlBo
Status
Not open for further replies.

Similar threads

lokamoka820
    • Like
Serious Discussion What is the Best Alternative to Patch My Pc?
Replies
16
Views
670
System utilities
roger_m
R
lokamoka820
    • Like
New Update Trellix Stinger (formerly McAfee Stinger) Updates Thread
Replies
8
Views
527
Other security for Windows, Mac, Linux
lokamoka820
lokamoka820
lokamoka820
    • Like
New Update Windows 11: optional update KB5043145 restores removed Start feature and more
Replies
2
Views
487
Windows 11
lokamoka820
lokamoka820

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top