• Content Count

  • Joined

  • Last visited

  • Days Won


Posts posted by JeremyNicoll

  1. >> Some banks use phone numbers to send an SMS code to...

    > As does PayPal and a few other services. Unfortunately this is not an ideal method of 2FA, since sim-swapping would allow someone else to receive your 2FA code on their phone
    > rather than your own...

    I see some (most?) modern phones have SIM drawers readily accessible from the outside of the phone ... which would make that quite a risk.   In mine, you'd have to take off an outer cover, then prise the back off the phone, then take out the battery, then the SIM.  It's a whole-lot less likely to happen.  I expect one would be more likely to have one's phone stolen... and then the email option is no more secure.

  2. Some banks use phone numbers to send an SMS code to... and they tend to provide a choice of numbers - typically "home", "work" & "mobile" - though they can be anything and their three labels are irrelevant.  But at least there's some resilience if, say, one phone network is unavailable.  How difficult would it be for the Emsisoft code to support use of an alternate pre-defined email address? After all, email is not by any means 100% reliable. 

    Also, do Emsisoft have any monitored checking that their email-sending code (or the providers they use) is still working?  What happens if the SMTP server they use ends up on a blacklist?   

  3. Ah right.  Programs & Features only shows the version of something at the instant the oriiginal installer ran.    Some products, when they update, do update the info shown there but many don't.  On my system (which actually has EAM 2019.8.1.9715), Programs and Features shows the previous product "Emsisoft Internet Security"  v2017.7. 

    You can check the feed you're on at Settings - Updates - Update Feed. 

    I made a mistake when I queried the feed you were on - I meant to ask if you were on the "Delayed" feed, ie getting the oldest version.  But clearly you're either on Stable or Beta.


  4. 21 hours ago, 22Green said:


    What is that (single horizontal line) a screenshot of?   Is it for example from Task Manager?

    Is the date - nearly 500 days ago - your system's  current date, or is that associated with the version of EAM you're running?   And as that's v18 ... is that on the current 'Stable' feed?   It strikes me that it's not impossible that coding changes made in EAM since v18 was current might be required to support something in Win 10.


  5. So... today you say that without EAM it works.  But yesterday, when EAM wasn't installed, you had the problems that made you start this thread.

    Something else must be different.   I clear all cookies, caches etc, every day.  Do you clear history etc often/ever?    According to:   safe mode doesn't bypass the caches, and it also alters a few of FF's preferences.   

  6. I can see all the replies in  - using FF69.0, no special rules in EAM... but I'm not using the Emsisoft browser extension.

    Earlier, before you realised EAM wasn't involved (because it wasn't installed) you said   "The only difference is I am not allowing any scripts with No Script maybe that is the difference I don't know."

    That suggests to me that this is a problem with how you have Noscript configured - or maybe Noscript itself needs to be updated?

  7. When the countdown timer reaches 0s, does the file concerned get quarantined... or this (also) an example of a freezing notification?

    I'm wondering why your last screenshot highlights (green arrow) the clock time.   Is it significant that in that instance the time is 2 minutes after the first?

  8. Which version of Windows?     How much RAM does your machine have, and what processor?   

    Do you see apparent freezing in anything else?   Does this happen every time there's an update, and for every notification?  Or only when you're doing certain other things?

  9. There's more than one type of Exclusions list in EAM - one so that files/folders named in it won't be scanned, and one to prevent programs from being monitored.  I think you need to add mbam's .exe's (or maybe its whole programs folder) to the Exclude from Monitoring list (which is under the other one).

  10. I suppose also, anyone concerned with viewing/changing BB rules ultimately has to know what the actual .exe's name is (and where it runs from).  You'll also be aware (from TM) that multipe simultaneously running programs can have the same Description name, but (of course) different .exe names.  


  11. Here (albeit using the Portable Apps version of LibreOffice), I do see "LibreOffice" in the Description column in BB, but the .exe name in the Process column.   If I type   libre    in teh search field BB does show me all the relevant entries.

    Task manager's "Processes" tab (on W8.1 anyway) distinguishes between "Process" which is BB's Description, and "Process name" which is the name of the .exe.  In the "Details" tab the column names work differently with "Name" being the .exe and "Description".   

    (I hardly ever use TM, preferring Process Hacker.)

  12. I don't know, but I think that what that means is that the actual blocking/allowing of traffic is done in either case by the Windows Filtering Platform code.  The thing you can switch off is the MS-supplied GUI and the set of rules it maintains.   I think it means you can maintain a set of rules using MS's hard-to-use interface, or a set of rules using Sphinx's product.  But the actual power of the thing is in both cases dependent on what the filters that are built-in to Windows are capable of doing.   

    Ah... I read further into the FAQ.  At the bit entitled "Leak found":

     "W10FC is based on Windows Filtering Platform (WFP), security core of Windows10/8/7/Vista/2008/2012 completely. (Note: The built-in Windows10/8/7/Vista/2008/2012 firewall is based on the same security core). So any leaks detected in Windows 10 Firewall Control should be addressed to Microsoft directly probably. Windows 10 Firewall Control is not able to affect quality of the underlying core neither positively nor negatively anyway, Windows 10 Firewall Control is a user friendly front-end to WFP. "

  13. I'm sure Emsisoft would say there's two columns, and each one has a left-justified piece of text and a right-justified clickable thing.  

    It's unfortunate that the rh part of the left column is next to the lh part of the right column.    It'd be better if there was a wider gutter between the columns.

  14. Because you screenshotted the middle part of the display?  Layout is

      Firewall (windows)                  <switch>         Last update: (longago>                       <update now>
     Network lockdown                   <switch>         Your licence ends in:  <when>           <View details>

    so there's two columns on each line; each tells you something then perhaps lets you affect it.    It might be better laid out as:

      Firewall (windows)    <switch>                      Last update: (longago>                <update now>
     Network lockdown     <switch>                      Your licence ends in:  <when>     <View details>


  15. 14 hours ago, xeon said:

    This is not a front end firewall for windows.

    Why do you say that?   According to:   - the third question in:

      "Windows 10 Firewall Control is based on Windows Filtering Platform (WFP), the security core of Windows10/8/7/Vista/2008/2012, completely and does not install any third party kernel drivers."

    which means (to me) that a front-end is exactly what it is.

  16. Only Emsisoft support staff will be able to see those files.  Someone will take a look in due course, though maybe not until Monday.

    When an MSI installer runs it can optionally generate a log file (which can be anywhere between slightly detailed or very very detailed).   Turning on such logs is done by setting up a registry key, as described at:      As it says there, if you do turn this on you should probably plan to undo that later on as every MSI install would then create its own log file.   The log file might indicate why your install is not working... but it might also be hard to understand.    If you're a programmer it's maybe worth trying, otherwise, probably not.

    Oh - the logs will most likely be placed in your admin user's %TEMP% folder.