Jump to content

emwul64

Member
  • Posts

    73
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by emwul64

  1. I do agree with this. I already spent time to elaborately report it, with screenshots and all. Most likely Emsisoft's words carry more weight, whereas my post will automatically end up in the Recycle bin.
  2. There is an earlier thread titled 'BUG in forum software', but that one is closed. There is no section to post non-Emsisoft software topics. Please allow me to post here. It's about forum notifications. (1) Clicking on the URL in the notification leads to me to a "Sorry - We could not find that topic"-error (2) (3) Assuming that it is because I am not logged in, I log in, but I am not redirected to the specific post. (4) Then I open the notifications panel of my profile and notice that the notification is not listed there. (5) Whilst being logged in I click on the URL again, same error. Am I the only one having this problem?
  3. Wait ...! Not sure whether Emsisoft support is to blame here. This matter has been solved in the a direct communication (PM/Mail). In my case it had something to do with hardware acceleration. Adding lines [General] and renderer=WARP to skin.ini solved it, see post above. Maybe it had something to do with Emsisoft having "Redesigned user interface"(??) Anyway, after the matter was solved, I guess both Emsisoft and I went on and more or less forgot about this thread. Probably, as TS, I should have posted the solution.
  4. Matter solved - thanks! disabled self protection then used "TakeOwnerShip" (see: https://www.tenforums.com/tutorials/3841-add-take-ownership-context-menu-windows-10-a.html) edit the skin.ini re-enabled self protection reboot Note that I do not know whether the 'takeownership' was essential in this case. It is a registry entry.
  5. Please allow me to step in here... (I think it makes no sense to create a separate thread about the same problem) Frankly, I am 'happy' to see that I am not the only one. Also see my post titled "Is there a way to remove uninstall left overs?" Uninstalled Emsisoft a few times. Even did the 'EmsiClean' (tagged the option to remove the Emsisoft folder entirely) Re-installed Emsisoft. It did not solve the problem. There is indeed an empty skini.ini-file in C:\Program Files\Emsisoft Anti-Malware. However, even as administrator I can neither edit/rename or delete it nor overwrite it. Permissions are the same as SYSTEM. Emsisoft-Interface-Video-06112021 061036.mp4
  6. Thanks. I could launch Emsisoft from taskbar-icon, even though it was 'uninstalled' and not showing in the programs list. Also this time update Emsisoft went fine, at least.. it looks that way. The GUI still looked like above. Funny, updating a non-installed program. Anyway, I'll do the emsiclean and see what happens. Thanks again.
  7. Tried to update Emsisoft, update didn't work. Emsisoft showed up with funny colours. So I decided to uninstall it. It is not in the program list, but after reboot, taskbar-icon and desktop-icon are still there. Running EmsisoftAntiMalwareSetup64.msi didn't work out: Emsisoft detected an installed version. Any tool that may remove all leftovers, so I can perform a fresh install? Thanks.
  8. Up front, to be honest, I have not read all about Emsisoft Browser Security. The Emsisoft Browser Security is active and it is displayed in the browser toolbar, next to uBlock Origin. The combo works together nicely and I have never had any questions. I stumbled over a problem of site that is constantly showing a pop-up. It is good site, about Microsoft Excel, tips and tricks, a blog and a forum etc. I sent them a mail asking how to get rid of this pop-up and they answered it had something to do with cookies. OTOH the site has no way to 'accept' cookies, like most other sites. After checking (Edge in developer mode, F12 > Console) I noticed that a number of tracking cookies were blocked access to store data. "Tracking Prevention blocked access to storage for..." (etc) "Failed to load resource: net::ERR_BLOCKED_BY_CLIENT"... I then had VirusTotal check a few URLs and they were fine. Probably uBlock Origin is blocking a site named I.sharethis.com Above as background. Comes in Emsisoft Browser Security: if I were to disable uBlock Origin on that site, would then Emsisoft take over and to what extend are these tools overlapping? So far there was never need to compare both products: they worked together nicely. Maybe it has always been 'overdone', I don't know. Thank you.
  9. Thanks. I didn't know that, to be honest. ("name of a signature"... etc.) As for the plain text file, it is/was simple text, no scripts or something special. No doubt it was a false positive. It can be that some AV software are stumbling over such self extracting files with 'potentially unwanted behaviour'. As said, I'd expected this from Emsisoft rather than from WD. Then again, WD reports that actions are recommended, but leaves the user puzzled as to what exactly the user is required to do ... 🙂
  10. Windows Defender showed a "This program has potentially unwanted behaviour"-warning that refers to Win32/Wacapew.C!ml Vainly tried to find this file. The affected file was a self extracting .exe of a plain text file that I created myself. Defender has blocked the file and required me to scan the system. I did so. Probably everything is okay now. The thing I was wondering about is why Emsisoft didn't come in here. Maybe I am wrong, but I assumed that Emsisoft did the virus protection part and the firewall part was left to Windows Defender(?) I believe even searching the Emsisoft website did not show any hits on Wacapew. Thanks.
  11. Thanks for the explanation. Probably a one-off glitch or something. Windows does respond a peculiar way sometimes. Actually shutting down never goes wrong so far, so I don't wait: start the shut down - shut off the monitor and just walk away. Nowadays I wait...🙂 Best regards
  12. Yesterday I shut down my PC as usual, shut down the monitor and went away. This morning I discovered that my PC has been running whole night. So I checked out the event log and noticed that after I initiated the shutdown, Emsisoft started the update procedure Date Time Event Source Description . 07-05-2021 16:59:21 1074 User32 The process Explorer.EXE has initiated the shutdown of computer DESKTOP...etc. 07-05-2021 16:59:22 15 SecurityCenter Updated Emsisoft Anti-Malware status successfully to SECURITY_PRODUCT_STATE_ON. Followed by quite a number of 'Errors' : the usual eppcom64.dll that did not meet the XX signing level requirements and ended with: Date Time Event Source Description 07-05-2021 17:01:02 1073 User32 The attempt by user DESKTOP-K5IEMOI\<USER> to restart/shutdown computer DESKTOP-K5IEMOI failed I needed to log on (normally this is not the case, I have disabled having to enter my password. I am the only user, so, no password, I get the desktop straightaway. After entering my password I got a blank screen, remained blank for half an hour, so I rebooted. Then the logon screen showed two user names, left bottom corner. Managed to get in. I just wonder, could it be that updating -after- initiating the shutdown could have posed these problems? Thanks.
  13. Thank you very much indeed. I'll switch it on as well. It is a bit strange why it was Off in the 1st place. Anyway, thanks for the tip.
  14. Frankly, I am not sure about the Potential unwanted app thing. Will leave it as it is right now. OTOH I assumed(!) that EAM would take over all settings relating to security, except the firewall, leaving that one to Defender. Anyway, thanks again for getting back on this.
  15. Thanks for the above. I have 3 Windows 10 x64 VM's. #1) clean, x64 19041.662 #2) clean, x64 19042.662 #3) 19042.662 with applications and Emsisoft. I installed Emsisoft on #1 and #2 Below find the powershell results: VM1: Name VMP Windows 10 20H2 19041.662 (19041...) Clean system Installed latest Emsisoft Windows PowerShell Copyright (C) Microsoft Corporation. All rights reserved. Try the new cross-platform PowerShell https://aka.ms/pscore6 PS C:\WINDOWS\system32> Get-CimInstance -NameSpace root/SecurityCenter2 -ClassName AntiVirusProduct displayName : Emsisoft Anti-Malware instanceGuid : {5FD8BF8F-F242-6153-61B5-8FF333E8736B} pathToSignedProductExe : C:\Program Files\Emsisoft Anti-Malware\a2start.exe pathToSignedReportingExe : C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe productState : 266240 timestamp : Fri, 04 Dec 2020 05:09:10 GMT PSComputerName : displayName : Windows Defender instanceGuid : {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} pathToSignedProductExe : windowsdefender:// pathToSignedReportingExe : %ProgramFiles%\Windows Defender\MsMpeng.exe productState : 393472 timestamp : Fri, 04 Dec 2020 05:09:12 GMT PSComputerName : ====================== VM2: Name: UserX - Windows 10 x64 19042.662 Clean system - no Emsisoft. Installed Emsisoft. Windows PowerShell Copyright (C) Microsoft Corporation. All rights reserved. Try the new cross-platform PowerShell https://aka.ms/pscore6 PS C:\WINDOWS\system32> Get-CimInstance -NameSpace root/SecurityCenter2 -ClassName AntiVirusProduct displayName : Emsisoft Anti-Malware instanceGuid : {5FD8BF8F-F242-6153-61B5-8FF333E8736B} pathToSignedProductExe : C:\Program Files\Emsisoft Anti-Malware\a2start.exe pathToSignedReportingExe : C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe productState : 266240 timestamp : Fri, 04 Dec 2020 05:02:18 GMT PSComputerName : displayName : Windows Defender instanceGuid : {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} pathToSignedProductExe : windowsdefender:// pathToSignedReportingExe : %ProgramFiles%\Windows Defender\MsMpeng.exe productState : 393472 timestamp : Fri, 04 Dec 2020 05:02:20 GMT PSComputerName : PS C:\WINDOWS\system32> ===== VM3: Name: Windows 10 x64 - 19042.662 with a number of applications installed. Emsisoft installed PS C:\WINDOWS\system32> Get-CimInstance -NameSpace root/SecurityCenter2 -ClassName AntiVirusProduct displayName : Emsisoft Anti-Malware instanceGuid : {67773CDD-EA83-AD98-A2ED-386463EB3B0D} pathToSignedProductExe : C:\Program Files\Emsisoft Internet Security\a2start.exe pathToSignedReportingExe : C:\Program Files\Emsisoft Internet Security\a2service.exe.old productState : 266240 timestamp : Sun, 18 Aug 2019 14:16:56 GMT PSComputerName : displayName : Emsisoft Anti-Malware instanceGuid : {5FD8BF8F-F242-6153-61B5-8FF333E8736B} pathToSignedProductExe : C:\Program Files\Emsisoft Internet Security\a2start.exe pathToSignedReportingExe : C:\Program Files\Emsisoft Internet Security\eppwsc.exe productState : 266240 timestamp : Fri, 04 Dec 2020 04:19:35 GMT PSComputerName : displayName : Windows Defender instanceGuid : {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} pathToSignedProductExe : windowsdefender:// pathToSignedReportingExe : %ProgramFiles%\Windows Defender\MsMpeng.exe productState : 393472 timestamp : Wed, 02 Dec 2020 07:43:00 GMT PSComputerName : PS C:\WINDOWS\system32> === Note: Windows Settings > Update & Security > Windows Security > App & Browser Control > Reputation-based protection > Potentially unwanted app blocking is 'Off' Hope above will serve its purposes. If you need any further details, let me know. If not, I am going to clear / release the used licenses. Best regards.
  16. Selecting 'Dismiss' - the exclamation mark will disappear. Tried to find information in the Help file on "potentially unwanted app blocking" I suppose they should be enabled? Both on my VM and host pc they are disabled. Even after re-installing Emsisoft.
  17. It is probably in the 20H2 version build 19042.66x There are some changes there, specifically the item "Potentially unwanted app blocking" I have Windows 10 x64 19041.662 (2004) running as VM, there was no exclamation mark in Defender in the toolbar. Screenshots 1909 build18383.1198 to 2004 build 19041.662 to 20H2 build 19042.662 Maybe because 19042.662 is an insider thing this still needs some update/development.. Thanks.
  18. Yesterday, after updating to Windows 10 v20H2 (19042.660) I noticed that 'App & browser control' was turned off. Tried to turn it on from within Windows settings > Emsisoft (see attachment) but turning on would not stick, i.e. it remained 'Turned off'. Later I updated to build 19042.662 rebooted a few times, but it remained turned off, also this morning. Any suggestions? Thanks.
  19. As always, many thanks! Likely the 'crash' was just a one-off case. Never had this before. Again, thanks. Best regards.
  20. The Windows 10 x64 (18363.1082) event log is showing the following entries (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the 8 signing level requirements. (\Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the 7 signing level requirements. Emsisoft v2020.11. At one point the protection was 'Off', but the 'Fix Now' didn't work. Had to shut down and restart. Any suggestions? BTW it almost always involves harddiskvolume4 which is in fact a Samsung 850 Pro SSD C:-drive with Windows. Thanks. = =
  21. Thank you! It's no problem. I'll get back on this if it happens again, but, as said, I guess it is just a one-off thing. Best regards.
  22. At boot I always get the below Windows notification " Check virus protection Windows Defender Antivirus and Emsisoft Anti-Malware are both turned off. Tap or click to see installed antivirus apps. " Normally I don't pay attention to it, as one or two minutes later both are turned on anyway. Today, however, they both remained turned off and even the Emsisoft 'Fix now' would not work. I needed to reboot my PC to get both running again. (Of course first with the above warning) Log file shows: Shutdown at 18:21 PC Boot at 06:12 Reboot at 09:44 (see below) Emsisoft Anti-Malware v2020.9.0.10390 Windows 10 x64 1909 (18363.836) Probably this is just a one-off thing, but I report it anyway.
  23. Thanks for the above. Probably a one-off glitch then. I logged into my account -> devices and the license showed 'Valid' for all devices listed there. The pop-up disappeared and did not show up anymore this morning.
  24. This morning, after booting, Emsisoft showed a "Change License" panel. Apparently the software changed into a kind of non-license mode(?) Checked Event Log - probably the below error caused the issue. Event Log Error Event ID 3033 Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the 12 signing level requirements. How come? Nothing wrong yesterday. Thanks.
×
×
  • Create New...