Yes, the main problem is that folder isn't created, I think RogueKiller doesn't have the rights to. This is strange issue, is it running as Admin?
Yes, I always run it with admin rights. There are no problems with V12 to perform its tasks and create its files/folders. So the issue should be introduced with V13.
Ok...A friend of mine tested the tool on two computers - One with Windows 10 and one with Windows 8.1. On Windows 10 RogueKiller V13 was able to create the folder in the ProgramData folder but on Windows 8.1 it didn't (the same as on my system). On Windows 10 he uses Windows Defender as main antivirus, on Win 8.1 he uses Eset AV + Kaspersky Anti-Ransomware Tool. However he stopped ESET and Kaspersky Anti-Ransomware and V13 still didn't create the folder so the problem should be limited to 8.1 and not because there is incompatibility between V13 and Eset/Kaspersky. I am using Comodo Firewall and Kaspersky Free AV. I disabled them but nothing changed. So you should check if possible the behavior of V13 on Windows 8.1. Regards, Georgi
Ok thanks for letting me know. I don't have any Windows 8.1 machine right now, I'll set up one for testing.
Answer is no. It relies a lot on heuristics (MalPE, Path analysis, etc...), cloud signatures (VT), behavior, and of course signatures too.
Hey, RogueKiller V12.99.10 (V13 BETA 2) is available ! Here's the links to test: https://download.adlice.com/RogueKiller/V13/setup.exe (Installer) https://download.adlice.com/RogueKiller/V13/RogueKiller.exe (Portable 32 bits) https://download.adlice.com/RogueKiller/V13/RogueKiller64.exe (Portable 64 bits) Code: V12.99.10 10/03/2018 ================= - Technician license compatibility - Trusight cleanup at exit - Setup gives the ability to clean license/data at uninstall - Fixed issue where Filescanner was detecting Folders with suspicious path - Backported V12 missing settings (Proxy, Agent) - Backported V12 support form - Now detecting and migrating V12 config file and license - Added Scan mode information in report view and scan progress - Fixed report view for RogueKiller Waiting for your feedback This should be the last private beta, next release will be public beta !
hi, could u make it so it will ignore "safe" called "TCP servename" in RK, its DNS, like quad 9 (9.9.9.9) or cloudflare (1.1.1.1), it seams to pick anything if dns is not default. There is some false positive with google canary (threat suspicious path), appdata\local\google\chrome\chromeSXS\application\71.0.3569.0\notification_helper.exe it also crashed 100% (tested 5 times) on win 7 when scanning firefox nightly (?!) exactly here: appdata\roaming\mozilla\firefox\profiles\6tqy2fax.default\gmp-widewinecdm scanning more drives than C: would be could, can't find option for that (I have like 10 so rogues might be hiding there) that said its a very good application with some false positive issue but I trust it and saved me many times, keep up the good work. Plz consider some perma license option in future
Hey, We will add more DNS soon, so in your case it's just 1.1.1.1 and 9.9.9.9 ? Noted for (appdata\local\google\chrome\chromeSXS\application\71.0.3569.0\notification_helper.exe). As for the crash, did you send crash dump? Is it possible to share privately the profile folder? Scanning more drives will arrive in 13.1 with the Custom scan, you'll be able to pick more folders manually What's perma license? Thanks, EDIT: If you can send the log that would be easier for me to fix.
I've had all sorts of false positive with dns, not just this one, it seams to me any alteration of windows default dns settings gets picked up (from my experience, also tried open dns and hurricane electric). perma: permanent licence, I might be old school but I like to buy and forget but up to you of course about them payment options. My suggestion for the software if u allow me, rollback option as RK will change some registry settings back to default like disable task manager/regedit and threated as malware actions while I have done it myself actually and perhaps protect RK with a password if it becomes active anti-malware. That said if not for the CTD on this host, the application is much faster, good job /crash dump sent
V12.99.11 online @lucidstorm can you tell if still crashing? Code: V12.99.11 10/05/2018 ================= - Fixed a potential crash in FileScanner (COM) - Fixed detection color for PUP/PUM - Fixed FileScanner path scan for folders - Updated documentation link - Added detections
perfecto no crashes and very fast = impressive, previously it would crash on lnk files and firefox components still false-positive on google canary (should I be worried). If I delete the "threat" canary works though (71.0.3569.0\notification_helper.exe mentioned above). Also when u run simultaneous scan with emsisoft emergency rogue killer marks the a2emergencykit.exe [Emsisoft Ltd] as a severe threat (red color). Root.Waja Adw. Appli (downloaded Emsisoft from their site), this issue annoyed me for a long time. These are minor problems.
RogueKiller Anti-Malware 13 adds new scan modes, rewrites scan engine for faster performance October 30, 2018 https://betanews.com/2018/10/30/rog...-rewrites-scan-engine-for-faster-performance/
https://www.adlice.com/download/roguekiller/ ---------------- https://www.adlice.com/docs/roguekiller/updating/signatures-update/
RogueKiller 13.1 is available ! What's new ? - Scheduled scans - Custom scan (scan locations) - Cloud signatures (now separate from the software, downloaded at scan time) - Exclusions (Ability to add a folder/file to exclude) - New notifications - Signatures optimizations - Minor fixes https://www.adlice.com/download/roguekiller/
Free portable version here, no problems. Installed Signatures Package = 20190121_152739.zip -------------------