stapp

Global Moderator
  • Content count

    3221
  • Joined

  • Last visited

  • Days Won

    36

stapp last won the day on May 22

stapp had the most liked content!

Community Reputation

89 Excellent

About stapp

Profile Information

  • Gender
    Not Telling
  • Location
    Yorkshire UK
  1. You will not get the 'Renew for Free' text back. This method is to enable you to have the build number permanently showing on the GUI.
  2. Have a read of this thread here for reason https://support.emsisoft.com/topic/27631-event-id-6281/
  3. You have already posted this in the Malware removal area of the forum (which was the correct place for it) https://support.emsisoft.com/topic/27683-rj-scanlan/ so I will close this one.
  4. Just for info Frank, my build number of 1703 is 15063.413
  5. Win 10 Pro, latest build of 1703 Creators Update. If you want a screenshot it will have to be later after dinner.
  6. Should I see MemCompression in BB list using build 7640? (because I do..it's listed as good)
  7. I know it has been like this since the introduction of sched scans Frank However, it is part of my duty as a tester to do silly things to the Emsi program I ticked them all and then thought ''Why on earth is Emsi allowing me to do that??''
  8. Jeremy as this area is for discussing issues/finds etc with the latest beta builds, perhaps we should wait for Frank's comments (unless you have beta installed and are wondering about this too :))
  9. Jeremy scheduled scans happened before for me as I am auto logged in at boot. Frank I find this odd. I just tested the scheduled scans to make sure they worked. Apart from a full custom scan taking ages (50 minutes longer than my malware scan !) I cannot understand the weekly settings which allow me to tick(select) every day under the weekly settings and still call it a weekly scan?
  10. EAM on Win 7 64bit via autoupdates. No issues so far with new build. As I do not logon to my machine I guess this won't affect me ''Unattended scheduled scans: Scans now run even if no user is logged on in Windows.''
  11. But Frank I have slept hundreds of times since then Also this was after a Win 10 cold boot (fast boot disabled) with a day in-between when the machine had not been turned on.
  12. Windows 7 and Windows 10 using EAM. Why has this event id of a security audit failure mentioning a2hooks64.dll started showing under the Security section of the Event Viewer? I see there was a post about it in German section which Fabian answered but German is not my strongest subject Here are debug logs of the audit failure after boot on my Windows 10 64 bit machine just now, along with entry from event viewer. a2service_20170620144414(1336).zip
  13. It is the very first time I have ever seen that error in my Security Event Viewer logs. Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 17/06/2017 07:10:02 Event ID: 6281 Task Category: System Integrity Level: Information Keywords: Audit Failure User: N/A Computer: ****-PC Description: Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error. File Name: \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" /> <EventID>6281</EventID> <Version>0</Version> <Level>0</Level> <Task>12290</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2017-06-17T06:10:02.733267200Z" /> <EventRecordID>187929</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="52" /> <Channel>Security</Channel> <Computer>Jean-PC</Computer> <Security /> </System> <EventData> <Data Name="param1">\Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll</Data> </EventData> </Event> The error is not there today.
  14. See your pm's Frank, I have sent them.