havredave

Emsisoft Employee
  • Content count

    67
  • Joined

  • Last visited

  • Days Won

    1

havredave last won the day on August 8 2017

havredave had the most liked content!

Community Reputation

7 Neutral

3 Followers

About havredave

  • Rank
    Active Member
  • Birthday 07/11/1969

Profile Information

  • Gender
    Male
  • Location
    Idaho, USA
  • Interests
    Cleaning computers, gaming, rock hunting, helping people with computer issues, and teaching those who sincerely want to learn.

Recent Profile Visitors

5057 profile views
  1. after update computer won't boot

    Door Knob, This is a simplification, but delayed is the most stable of the last month's releases. While 2018.3.x is current, 2018.2.x's most stable version will be delayed. Again, this is a simplification and it's not guaranteed to follow that scheme at all. Yes, delayed uses current signatures, but may be missing features, even those that protect the computer better in some cases. Yes, it is current signatures in a slightly older program version. Back to the Comodo Firewall issue: On my test computer, I'm using stable, currently 2018.3.1.8572 on Windows 7 x64. I just put in a few Windows updates. I also updated Comodo Firewall. As of this moment, the problem isn't happening to me with no exclusions set up anywhere, and both programs running with everything enabled that would be by default with the Comodo installation options I chose, mentioned earlier. I have full logging enabled though, even beyond just turning on debug logging in-program. Hopefully I'll catch something. Note though that several changes were made in the latest stable, and one of those may have had an affect.
  2. after update computer won't boot

    Libor, endevite, Of course it is! I don't have new information at this time, which is why I haven't posted about it. When I do, I will!
  3. JeremyNicoll is not an Emsisoft employee. He is a long-time forum poster who often has good input. Note that his forum designation is "Member", like yours. Mine is "Emsisoft Employee". Yes, our Russian support is very competent. They should be able to help you soon.
  4. Emsisoft Crashing HP Computers running Windows 7

    BishBashBosh, Have you yet contacted [email protected]? I thought you had, but your post seems to indicate it does not. As I've mentioned before, I will not be posting these fixes on the forums, so people don't end up trying to fix something as sensitive as the affected location, when there's potentially nothing wrong. That could have seriously bad repercussions. If there is something wrong, contact us and we'll help directly. If you are in a no-boot situation, please contact [email protected] and I'll be quite happy to help. The fix, especially if you're savvy, should take less than ten minutes per machine, give or take.
  5. after update computer won't boot

    BishBashBosh, No, please email [email protected] Ask for me if you'd like.
  6. Thank you JeremyNicoll, I've moved the post to the Russian section, and will notify our Russian support staff!
  7. after update computer won't boot

    Leks: If you have a Windows 7 or Windows Server 2008 R2 machine (which uses Windows 7 codebase), and it's an HP, and it's running or has installed HP's drive protection (accelerometer, free fall protection) software, please email [email protected] and let us know. If that particular HP software does not exist on your machine, or it isn't an HP, or it isn't Windows 7 codebase, the problem should not exist. There have so far been no reports of any version of Windows, other than those, having the issue. Two of the affecting HP programs are named "HP 3D Drive Guard" and "HP ProtectSmart Hard Drive Protection". That is not to say that with those installed on a Windows 7 codebase machine the issue WILL happen. I will not give further details or help about that in this forum topic since it will derail the original topic (that I'm still working on), plus we need to handle these individually in some cases. Depending on how the machine was treated after affected, IF affected, what we need to do for that particular machine might change a bit. To keep this topic on-task for those having trouble with Emsisoft Anti-Malware and Comodo Firewall, please understand that I'll clean up further posts not related to that issue. I'm still very willing to communicate and have more details - just send in an email. This is only for housekeeping and staying on-task for this forum topic.
  8. after update computer won't boot

    'Delayed' is not an automatic promotion of older versions. We only pick those that have exhibited better stability. For a real firewall management system, you might think about evaluating one of the Windows Firewall front-ends. Windows Firewall is actually pretty good, albeit 'interesting' to manage. A lot more products use it as their back-end than I ever thought, until I looked into it. And yes, I hope this gets worked out soon too. Now that we've figured out and dealt with the issue specific to HP accelerometer (hard drive freefall protection) software, there might be more resources available.
  9. after update computer won't boot

    bmunoz: Please email [email protected] That issue is not related to this thread at all, which is specific to a Comodo Firewall conflict. The issue you're having might be a known one that is not related in function or symptoms to this particular one. When you email, please let me know the brand of the machines they're using. If this is what I think it is, it's actually pretty easy to fix for an experienced tech, not so much for others. endevite/Libor: I wish it was as simple as reviewing changes. That's a great idea in theory, but given how complex the systems are, and I'm not just talking about our program here, but our program and all of the things it could possibly interact with, it's not quite that easy. We do know roughly where to start of course, but that doesn't mean that's where the issue will be found. I'm not giving up on testing/trying.
  10. after update computer won't boot

    BishBashBosh: Please email [email protected] right away. That is a completely different problem, and we have a fix as of yesterday. If you've already emailed, I will get to your ticket as soon as possible. You can feel free to private message me (in the forums here) with your email address and I will look for it if you already have. Libor: I understood - it would seem much more likely to me that it is conflict related than timing related, but we'll see. Jeremy's issue is also (seemingly at least, we'll see) unrelated to the Comodo issue. I had thought context scan hangs were a thing of the past, and very short-lived, but apparently not. JeremyNicoll: Frank is actively working with you, correct? I don't want your issue to fall between the cracks! Ken1943: That is the basis of what I think is going on, in essence. Games often have anti-hacking protection, and sometimes think antivirus-capable monitoring software needs to be blocked, causing conflicts. I think that Comodo is not honoring whitelist entries fully and is still hanging when it touches our process, possibly due to how they or we perform monitoring. Just how to fix it, I don't know yet. Conjecture of course, based on how it's acting and past experiences. I wasn't able to do any testing yesterday due to another problem (that BishBashBosh ran into), but should be doing more today or tomorrow. When I have usable tests to perform, I'll mention them here first!
  11. after update computer won't boot

    Thank all of you for continuing feedback and information. Libor: It would be very strange if an SSD is the thing here, especially since I've been replicating this in a virtual machine, which doesn't know that the parent device is an SSD. I won't discount the possibility however. I'm not going to ask you to do more, but if you do notice anything, I'm interested in what you find. endevite: I rather expected that after my own experience. I still haven't found the culprit, but I'm not giving up. neneduty: Thank you for your loyalty! Hopefully though we can figure out the Comodo conflict quickly so everyone has the choice to use it if they wish. JeremyNicoll: I think that's unrelated actually, but thank you for sending in that information and offering help/feedback!
  12. after update computer won't boot

    I feel funny saying this, but thanks, Door Knob! I agree, it's the 2018.3.x update that introduced (not 'caused') a conflict. That's not to lay blame on the code or version, Comodo or Emsisoft, since security software by its nature is complex and deals with systems that can bring them into conflict. Comodo's free firewall is not just a firewall even with parts disabled, so falls into that category as well. That's part of why many (most?) experts recommend avoiding having multiple active antivirus on one machine, for example. I sure don't know exactly where the conflict is yet, but no, I'm not giving up. It's interesting that so far, I think everyone reporting this is using an SSD instead of a platter drive. Anyone out there using non-SSD system drive who has the issue of a boot hang in normal mode?
  13. after update computer won't boot

    Libor, The issue IS replicable on my virtual machine, after days of not being able to replicate it. I'd mentioned that several posts ago. Then I find a workaround, seems to work, but doesn't work for you. Then, I find that even though after several stop/start/restarts it worked fine, the next day it fails and locks on startup again. It is indeed work for us at Emsisoft to do, but we do need testing to see if we have a fix for you or not. Each time I posted, I had done something that effectively fixed the issue on my virtual machine, which is configured similarly to your computer, even with SSD. So, I was interested in seeing if the fix worked for you as well. I'm glad you took extra steps to disable all of Comodo and note that it still happened. For whatever reason, it happens much more frequently and certainly on your computer than it does mine, so testing was, while tedious I'm sure, much faster than doing it here. So, it's back to the drawing board for me. No, our developers do not simply know what the conflict is. Programs of this nature are far, far more complex than that, and most of the time, the cause isn't so obvious. That's why this testing is important, so I can narrow down exactly which modules, features, or settings cause the problem to go away, so they know where in code to start looking. Standard troubleshooting and debugging steps, really. I'll avoid posting more things that seem to work unless they work for several days in a row. Have a great week!
  14. after update computer won't boot

    Libor (and others), The toggling of Comodo's av might not do the trick completely. It did work for me across several reboots, but during one of my virtual machine boots today, it hung. After loading into safe mode and re-confirming that its av was off, I rebooted into normal mode and things appear to be working just fine. I'll keep on it, and update if I learn more.
  15. Ransomware infections are unique in many ways. Most importantly, a lot of the natural instincts which are usually correct when dealing with malware infections can make things worse when dealing with ransomware. Please see the following steps as a guideline when dealing with your ransomware infection. Do not delete the ransomware infection The natural instinct of most users is first to remove the infection as quickly as possible. This instinct is, unfortunately, wrong. In most cases, we will require the ransomware executable to figure out what exactly the ransomware did to your files. Finding the right ransomware sample becomes infinitely more challenging when you deleted the infection and can't provide us with the ransomware. It is okay to disable the infection by disabling any autorun entries pointing to it or by quarantining the infection. However, it is important not to delete it from quarantine or to remove the malicious files right away without a backup. Disable any system optimisation and cleanup software immediately A lot of ransomware will store either itself or necessary files in your temporary files folder. If you do use system cleanup or optimisation tools like CCleaner, BleachBit, Glary Utilities, Clean Master, Advanced SystemCare, Wise Disk/Registry Cleaner, Wise Care, Auslogics BoostSpeed, System Mechanic, or anything comparable, disable those tools immediately and make sure there are no automatic runs scheduled. Otherwise, these applications may remove the infection or necessary ransomware files from your system, which may be required to recover your data. Create a backup of your encrypted files Some ransomware has hidden payloads that will delete and overwrite encrypted files after a certain amount of time. Decrypters may also not be one hundred percent accurate, as ransomware is often updated or simply buggy and may damage files in the recovery process. In those cases, an encrypted backup is better than having no backup at all. So we urge you to create a backup of your encrypted files first, before doing anything else. Server victims: Figure out the point of entry and close it Especially recently we have seen a lot of compromises of servers. The usual way in is by brute-forcing user passwords via RDP/Remote Desktop. We firmly suggest you check your event logs for a large number of login attempts. If you find such entries or if you find your event log to be empty, your server was hacked via RDP. It is crucial that you change all user account passwords immediately. We also suggest to disable RDP if at all possible or at least change the port. Also, it is important to check all the user accounts on the server, to make sure the attackers didn't create any backdoor accounts on their own that would allow them to access the system later. Figure out what ransomware infected you Last but not least it is important to determine what ransomware infected you. Services like VirusTotal, which allows you to scan malicious files, and ID Ransomware, which lets you upload your ransom note and encrypted files to identify the ransomware family, are incredibly useful and we will probably end up asking you for the results of either of these services. So by providing them right away, you can speed up the process of getting back your files. If you struggle with any of these points, please feel free to ask for help. Our ransomware first aid service comes with no-strings-attached and is free for both customers and non-customers.