Frank H

I assume you mean after EAM restarted ? That depends on many things, but yeah it can take a few seconds.

This build only includes a UI fix for the overview screen, where the 'License ends in:' part was truncated.

We’ve just released Emsisoft Anti-Malware 2020.4.0.10100 beta. You will have to enable beta updates to get this version. Several UI improvements and fixes.

i'm aware stapp, it's a minor UI thing but needs to be improved.

Hi Raynor , thanks for your extensive feedback, appreciated. by default, and it always has been like this: the permissions tab is hidden for regular windows users. it is visible for local admin users. Regarding did you wait till EAM started an update ? Only an update triggers the switch. Where did you see this ? did you check it on the clients ?fyi and maybe obsolete: * Protection policies are computer/device based * Permission policies are user based. How did you run the webinstallers on devices with windows user accounts ? did you run it under the user context in elevated mode ?

probably before every next step

We’ve just released Emsisoft Anti-Malware 2020.4.0.10098 beta. You will have to enable beta updates to get this version. Several UI improvements and fixes.

didn't you tell Defender to ignore that file ? maybe you could check the defender exclusions list.

thanks for the feedback. as this seems to be a one time thing, lets keep an eye on this

yes

We’ve just released Emsisoft Anti-Malware 2020.4.0.10090 beta. You will have to enable beta updates to get this version. Several UI tweaks and fixes.

Yes. the uninstall protection is not related to user permissions. It gets activated when you set the administrator password. We have added a new event in workspace notifications: 'Protection uninstalled'. If you have setup workspace notifications you will receive and email with details, related to this event Additionally, you will see a new line in the workspace 'Unresolved issues' section, where you can decide to remove the device from the workspace or leave it in (e.g. in case of a reinstall of EAM)

The uninstall password protection is a 'simple' but effective way to block uninstall for admin users. As soon as a hacker gets RDP access to your machine, there is nothing that can stop them as they have all permissions on the system. We created a blog article about this subject: https://blog.emsisoft.com/en/28622/rdp-brute-force-attack/

if you test this again with defender disabled eek will detect eicar. Realtime protection (like Windef, EAM etc) usually use mini filter drivers. EEK doesn't use a file system mini filter to do file I/O. It just opens a file. And ANY file system mini filter gets to check out the file first.This is why Defender and other realtime protection always detect files first.

2020.4 improvement is: if you try to uninstall EAM and you have set the administrator password, you will get a dialog presented, asking for the admin password. This prevents unauthorized uninstall by (local admin) users.