fax

ok thanks!

Spot on, thank you. Problems solved by rebooting,

As per subject, I am stuck with the error in windows defender center. Tried to use the emsisoftclean but it does not detect any installation. Any manual step to deregister it from WDC? Thank you,

Thanks GT500, make sense. I see that ZAfree installers cointain indeed PUP code (fusioncore). So, you can't simply whitelist as it will be across all signed applications. A pity as all the ZA/Checkpoint retail packages don't have that code included. I will feedback the checkpoint developers about it but I guess this is more the fault of marketing people than the developers.

Yes, it digitally signed, See screenshot. This must be due to the non specific logging which does not distinguish between user actions and EAM actions (Auto resolve). May be development could think of refine the logging capability to allow separating the two as this could be a common scenario, Thanks, Fax

Go to Protection --> Surf Protection --> Malware Hosts .... and choose the desired behaviour (e.g. Block silently)

Any chance to find a more permanent solution to EAM trying to kill checkpoint anti-ransomware (luckily the anti tampering in checkpoint blocks the attempts)? Whitelisting by digital certificate? 07/10/2017 14:36:28 1912 C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe Allowed by rule Behavior.TrojanDownloader 07/10/2017 13:01:25 8332 C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe Quarantined by user Behavior.HiddenInstallation The file is digitally signed by Checkpoint Security. As it updates often the only way I found is to add it to the exclusion list. I have contacted support in the past to whitelist but at every new version the problem re-appear. Thanks, Fax

Explained here: https://www.wilderssecurity.com/threads/zonealarm-firewall-release-is-15-159-17147.392124/#post-2655799 Main difference with ZAPRO: With ZAfree you can't open specific ports or create ad-hoc rules for apps.

Possibly just due to Emsisoft updating to a new version. Normally this is just few seconds. Can you check if you still see Emsisoft tray icon in the taskbar. You may need to go in the taskbar to show it.

In simple terms you cut off any internet/network connections. From the help file:

Open EIS main GUI. Go to "Protection" tab and then: File Guard --> PUP Detection --> choose your preferred behaviour Surf Protection --> PUP Host --> choose your preferred behaviour

Yeap.... no more pop-up. Fixed. Thanks!

Yeap, same problem here with skypehost exe on win10

Thanks! The false positive is triggered when you try to download the emsisoft installers. For example this link; https://www.emsisoft.com/en/software/internetsecurity/download/

And here you have the Asus response... i.e. you are vulnerable I give up on my side. Cheers,