Jump to content


  • Posts

  • Joined

  • Days Won


Pilis last won the day on January 2 2019

Pilis had the most liked content!


3 Neutral

Profile Information

  • Gender

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. This came with update 2018.12 and is no phishing but a new browser extension to better prevent phishing: https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/ https://help.emsisoft.com/en/1974/emsisoft-browser-security/
  2. Still no bloat I would say. The extension is not 100% needed but "only" recommended for EAM users since it adds to the phishing protection. The existing surf protection based on DNS-requests will still be available. (And of course is still needed to block network requests by malware.) The extension is also only ~90KBs. What would be bloat imho and much more invasive is adding some sort of MITM, deep packet inspection, intercepting SSL-certificates in the browser and stuff.
  3. The blog post is online now: https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/
  4. Yes, it is legit and from Emsisoft. I guess the blog post annoucing the changes with version 2018.12 has been delayed a bit. Here you can read some more information about it: https://malwaretips.com/threads/emsisoft-browser-security.88869/ (Written by Fabian Wosar who is Emsisoft's CTO.)
  5. Just for completeness, not really an issue: There are two other processes which show up as N/A just like the "Memory Compression" process. Registry: Has been introduced with Windows 10 Build 17063 in December last year. So if you have updated to the latest Windows 10 version 1803 (RS4) it will show up in the task-manager. It basically just holds the memory of the registry hives: https://blogs.windows.com/windowsexperience/2017/12/19/announcing-windows-10-insider-preview-build-17063-pc/ (somewhere at the bottom, search for "Registry Process") Secure System: This process only shows up if you enable the Hyper-V feature. It holds the Hyper-V container (VSM). Check here for more infos: https://df-stream.com/2017/08/memory-acquisition-and-virtual-secure/ & https://deploymentresearch.com/Research/Post/490/Enabling-Virtual-Secure-Mode-VSM-in-Windows-10-Enterprise-Build-10130 EDIT: Woops, sorry. Looks like this has been reported already: https://support.emsisoft.com/topic/29477-build-8631-na-entries-in-bb-list/
  6. Still valid with 2017.4.0.7424. (I know it's a very minor issue, just mentioning.)
  7. This is the process which shows the amount of memory which has been compressed through the memory compression feature introduced in Windows 10. Originally this compressed memory (stored in "compression stores") was located in the "System"-process’s working set. With Win 10 1607 (Anniversary Update) this compressed memory has been split up into a separate process called "Memory Compression" to account for the general confusion why the "System"-process has been so "memory-greedy" compared to Win 8.1. This process is hidden in the default Task Manager. But you can for example show it with an elevated PowerShell (Get-Process -Name "Memory Compression") or using Process Explorer: I'm still on 1607 and for me EAM also hides this process in the Behavior Blocker window. Since you are already on 1703 (Creators Update) it looks like there maybe have been some changes to this process and the exception Emsisoft created doesn't work anymore. Since there is no real executable for this process I guess there's no easy way to actually create hashes of it. Which most probably is the reason why the reputation keeps staying on "Verifying...". Cloud lookups won't work if they don't know the hash of the process. Maybe Microsoft has only changed the name? (from "Memory Compression" to "MemCompression" like your screenshots say) Can you show us the output of "Get-Process -Name "Memory Compression"? (or "Get-Process -Name "MemCompression" respectively) It has always been called "MemCompression". Only third-party tools like Process Explorer or Process Hacker have named it "Memory Compression". (Source) So that's not the issue. Still Emsisoft simply needs to hide it again.
  8. The current status from the submission site is: SHA192CBB4204FB774FCC61342DF2FCF7123B53D8BF5 Detection Status: Under investigation Alert Level: File:a2hooks64.dll For me it currently still gets detected. Excluding the file in Windows Defender should help.
  9. My versions are on the left. I do not experience this issue atm. But I also have not yet restarted my computer to enable the new components from the latest EAM update So I guess this incompatibility was introduced with that new version. EDIT: Aaaaaand there we go: http://www.wilderssecurity.com/threads/hitmanpro-alert-support-and-discussion-thread.324841/page-345#post-2561371 As always awesome fast support by the Surfright guys (and Emsisoft of course!).
  10. You have a source for this? Between 43.0 and 43.0.1 I can't find any changes in the pushlog relevant to add-ons.
  11. You could just hover your mouse cursor above the link and (depending on your webbrowser) you should see the URL appearing on the lower/upper left corner. If you're using touch you could touch and hold to see the URL. This version is outdated. Re-download it again from "https://www.emsisoft.com/en/software/antimalware/". The latest version is
  12. Seriously? It's just linking to another thread on this forum. Ok then, here's the suggestion:
  13. Try this suggestion by Christian. Worked for me. I was getting the same messages and was not able to update since the last six hours ("Unknown update error"). After disabling encryption the update went through. Not sure though if these issues are serverside or because of some connection issues on the way to the update server.
  14. Isn't that what this Temp-directory (%USERPROFILE%\AppData\Local\Temp or %TEMP%) is for? A place where third-party programs can store their temporary files. Many many other programs temporarily store some files in there. There are all sorts of log-files getting created during installation or while updating a software. I'm not sure what's the reason to "manage" those files other than regularly deleting the content of that folder (or letting Windows do that job for you). Edit: You were faster, JeremyNicoll.
  15. Yep, you got it fixed. The 30s wait is gone and "a2service.exe" doesn't run into a timeout. Looks like everythings back to normal. (At least over here.) Awesome customer service on a weekend!
  • Create New...