WheelieUK

Hi Andrew, Please see PM. Updates done and now functioning, but not without some problems. Not sure they were related to this issue, so advising more for information in case the same happens to anyone else. Details in the PM. Thanks for your assistance. Mike

Responded. Will await notification for beta updates. Thanks again for all your help. I thought the forum would be slower than email responses but I am, pleasantly, surprised, at how quickly this issue was dealt with. You guys are definitely the A team where customer service is concerned. Both on-line and off.

Hi Andrew, I have replied to pm via the same route. To confirm, the test solution suggested seems to be working ok. Will await further instruction on next step. Mike aka Wheelie

Just to clarify, bernx has resolved their problem. Mine continues and EIS is still crashing as per my initial post in this thread. (It was hijacked by another user with a similar problem, but on Windows 10).

bernx, Did you try using Chameleon from VyprVPN? That protocol would most likely work and would give you a high degree of security. I tried them before ExpressVPN. Good service, but I need access to more regions than they covered. Andrey Fedorinin I noted that there were a fair number of policy restrictions in the FRST logs I submitted. I have since corrected that error and attach a new log here. Emsisoft is still generating the same BSOD error, despite correcting the policy restrictions, so that was not the cause. This ONLY happens when trying to use the UDP or TCP OpenVPN protocol. At present, I have it set to L2TP/IpSec I have included the latest FRST Logs and the last mini dump which occurred after the group policy restrictions had been removed. (As I found no infection, I cannot say how the group policies got locked up. I am on Windows 7 Home Premium, so this shouldn't have been the case. I also ran JRT and Adware Registry Cleaners. Both reported no further errors. I uninstalled both using DelFix. Hope this helps Mike aka Wheelie FRST.txt Addition.txt 112615-35630-01.dmp

Hi Guys, I need a little help with this one. Since the update of 23rd November, I keep getting the BSOD when I run ExpressVPN (Version 4.1.1.380) on a Windows 7 32 bit O/S. This only occurred following that update. ExpressVPN DOES NOT crash when using the LT2P or the SSTP protocol options, just openvpn. I tried uninstalling and reinstalling the following Microsoft Net Framework 3.5.1 Microsoft Net Framework 4.5.2 Emsisoft Internet Security 11.0.0.5958 ExpressVPN Version 4.1.1.380 Whilst ExpressVPN app was uninstalled, and after reinstalling the other programmes above minus ExpressVPN, I tried installing OpenVPN 2.3.8 I601, using the ExpressVPN OVPN config files. I got the same result. Next I uninstalled Emsisoft Internet Security and ran ExpressVPN App in OVPN (TCP and UDP options) and it worked fine. No crash. So this is clearly a Emsisoft issue. I have included the last few minidumps and a Farbar scan as attachments. I would appreciate any advice. I don't consider myself a novice user, but having trouble souring the cause of this issue. I can see that fwndislwf32.sys is implicated in the problem but it still occurs even with the firewall turned off. Even with Emsisoft in disable all protection mode, this error keeps occurring. I have also run a Hitman Pro and MRT scan to see if anything came up but the system was entirely clear of any malware. The only thing that came up on Hitman Pro were tracking cookies, which would have been removed anyway by CCleaner when I closed the browser. Many thanks in advance. Mike aka Wheelie 112615-25490-01.dmp 112615-30295-01.dmp 112615-78452-01.dmp Addition.txt FRST.txt

Hi John, It may be that you will be asked to do a seperate thread for your issue. My issue is now resolved. I installed the hotfix, mentioned by Christian, and also found left over registry entries from Eset (Which I discovered as a result of using UnHackMe). Whilst the hotfix sorted out the firewall issue, it was Eset that was causing the issue with the protection. There was a driver in the unplug and play section in the device manager that needed to be deleted (I found a tutorial on Eset web site) To access the driver you needed to view hidden drivers. In addition, I also found, despite using a portable version, a file that had been installed by Panda. (This was when I thought that the issue was being caused by malware but was probably, at that stage, just the hotfix. There is supposed to be an alert to install the hotfix, but, like so many others who have had the same problem, I did not see an alert about this issue. I read about it in the forum, but thought it applied to 64 bit systems only, since it was in messages I read from 64 bit machines. Seems Windows 10 was not the issue in this case and just co-incided with a specific upgrade to the Emsisoft Software, which had the firewall issue. That said, I am immensely thankful to Christian, for pointing me in the right direction and for mentioning the UnHackMe in another post. It was that combination that resolved this issue. So it is another tick for the Emsisoft Staff.

Hi Christian, I realised I should have included the dump in the previous post and attempted to do so, but your reply arrived 1st. 2 mini dumps now included. Edit Only loaded 1 the 1st time so trying again 082215-25693-01.dmp 082215-25693-01.dmp

Hi All, I recently tried to update to windows 10 from a Windows 7 Sp1 32 bit machine. The update failed and put me into a continual reboot. I managed to recover the system, using system restore, to prior to the update, but then the shield goes either orange or red. Orange, when the firewall runs, which was fixed with an update (But see below) and then red when it the other protection and firewall failed to start. I get a pop up that says something like Edit "Emsisoft Internet Security (stable ( 10.0.0.5641) and beta) is unable to protect your computer. Emsisosft Internet Security was unable to load essential computer resources, needed to protect your computer." -- in addition I have been receiving intermittent BSOD reports such as 082215-25693-01.dmp 22/08/2015 23:48:02 DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x100000d1 0xbb3db000 0x00000002 0x00000000 0x8fd5c909 fwwfp732.sys fwwfp732.sys+8ae0 32-bit fwwfp732.sys+1909 fwwfp732.sys+34a2 fwwfp732.sys+4c21 fwwfp732.sys+50a5 C:\Windows\Minidump\082215-25693-01.dmp 4 15 7601 147,730 22/08/2015 23:49:56 082215-23930-01.dmp 22/08/2015 19:00:53 DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x100000d1 0x98871000 0x00000002 0x00000000 0x8f959909 fwwfp732.sys fwwfp732.sys+8ae0 32-bit fwwfp732.sys+1909 fwwfp732.sys+34a2 fwwfp732.sys+4c21 fwwfp732.sys+50a5 C:\Windows\Minidump\082215-23930-01.dmp 4 15 7601 147,730 22/08/2015 19:02:44 I have looked this up and it appears to a be a corrupted driver. I also saw some forum messages that have suggested marking the two drivers as old and deleting the A2 temp folder. Both of which I have tried. Another, related I am sure, problem was that when I installed EIS, it missed the initial scan during the installation stage. Instead of that page, it said finishing installation after the previous page. I have scanned the system with Malwarebyes, Eset online scanner and ASWBR. All of which said the system was clean (Thanks to Emsisoft). However, I have not been able to load the programme, since the attempt to update to Windows 10. Edit: I also read that there are sometimes issues caused by VPNs with EIS. I should add that I use ExpressVPN and did do before this fault developed. Whilst there has been a recent update to that application, (2 weeks ago) this was before the issue arose with EIS I have decided to stay with Windows 7 until the service pack is released next year, or these bugs are ironed out. In order to maintain some level of security I have loaded a trial version of Trend Micro Internet Security till I can get this issue resolved. I still have almost a year left on my licence so am keen to get Emsisoft back on the system and working. Any help would be much appreciated. Wheelie

On a related issue, I noticed, in the beta update this morning, that if you look at the custom application rules in the Protection sub menu that this "custom" rules are now shown when you click on edit to see what the rules are. I suspect this was the same on the earlier version and I simply hadnt spotted it by then. An exaample of custom rules which were auto created and have this issue is the UK BBC iplayer. (Pretty popular). It is not possible to see any of the custom rules for this application. I had to turn power off again last night, when I TRIED to disable the firewall from the taskbar protection menu. (This was the old beta and didn't reoccur today when I turned off the firewall for the below results using the same route). Seems to struggle with some VPN services. Two commercial versions I have tried out are Private Internet Access (With 20 million customers worldwide, this is an issue that needs looking at). It keeps popping up alerts for a Ruby file which is used to initiate the vpn connection. This may be because this particular vpn service creates new files in different locations on each restart. The second is AirVPN. This vpn keeps being disconnected when you try to change from one server to another. I will be testing out several others in the next few days as I am looking at VPNs generally, before deciding to settle on a particular provider. Although I was with VyprVPN and then Private InternetAccess since early this year. The firewall issue is again noticable with the AirVPN connection. Airvpn do not use standard ports for their service. They use 80 TCP / UDP, 443 TCP / UDP and 53 TCP / UDP. Additionally, every Air server supports directly OpenVPN over SSH and OpenVPN over SSL. With AirVPN, and firewall. active my speeds are http://www.speedtest.net/my-result/3568768518 With VPN running, but firewall turned off (VPN connection is still firewalled at modem and at their end) I get more than double the above speed.http://www.speedtest.net/my-result/3568790959 VPN has extra overheads and does slow the connection, so I tried the same thing with the vpn off. The speeds with no vpn increased a further 1/3 when with the firewall disabled but dropped back to the figure in the first link with both the vpn and the firewall enabled. So the firewall is responsible for approx 50% reduction of speed and there is nothing I can change in the settings available to enable me to do anything about this. Since even the custom rules do not show up.

Fabian Wosar, on 14 Jun 2014 - 7:28 PM, said: This would be against the current VirusTotal TOS if I remember correctly. Not to mention that such a feature would be of very limited use due to the limitations public VT API keys have. I merely suggested this because hitmanpro uses the api to do exactly that. In a scan I did with that, whilst using version 8. 4 medium risk threats were detected that antimalware missed completed. (Even when I did a manual scan of the relevant files. As several engines reported the threat on totalvirus, I didnt consider that it was a false positive and dumped the files concerned. Surf protection replaces the old blocklist in Online Armor. This has proved to be a bit of a problem. Under version 8 I was getting speeds of between 80-100mbps. (Tested on speedtest.net). Using version 9, without being able to whitelist core ip addresses, the speeds have dropped (dramatically) to between 20-25mpbs. This was a useful feature which helped me optimise my connection. Those logs would be quite helpful to track down the issue. Any chance you could install EIS 9.0 again? I have installed it as requested. So far, I have noticed System getting warmer One forced (Power) shutdown 2 System freezes that resolved themselves, but took time (like a couple of minutes). Lagging key strokes (Usually just before the system freezes) As mentioned in the beta announcement: All trial keys are reset during the beta to ensure people can continue to test without a license. We will also reset all trials once the final version is released. I did see that, but wasnt sure on that process. having reached that period, I see that they are remotely updated. The ChangeBlog would be the most obvious location to track our progress: http://changeblog.emsisoft.com/ Seems that it has been updated a couple of times since my initial comments. It is running much better now, but still a few kinks to work out. Happy to help if I can, Tell me where to recover the relevant log files (and which files you want) and I would be more than happy to forward those on.

Not sure it might be too late for the version 9 release, but it would be good to add the virustotal api for those registered with Virustotal, as a secondary option to check the validity of a file. I also don't see an option to add the blocklists. I use this feature and know of several others that do, so would hope to keep that feature in version 9. I had to uninstall the beta version as my system completely froze up, on 3 seperate occassions, after 3 reinstalls. It seemed to be caused by the firewall but lost the logs to be able to be check after each freeze. On to the question, have the licences for the version 9 internet security beta been released yet? I suspect the 30 day licences will have expired for some already. Finally, is there a place I can check for updates, without having the current beta installed. I am hoping that a future beta will fix the freeze issue (Which may also be memory related now I think of it, although I have tonnes to play with). Would like to give it another go if and when it updates. I have more confidence in the new version antimalware than the firewall at present. Hoping that will change with advanced features etc.