No other security stuff apart from EAM; I've trimmed right back on fortress PC. OS as in my sig and it was a clean install of Rehips. In fact I've uninstalled and reinstalled twice just in case... The issue is probably caused by the OS because Rehips runs fine in a VM that's running Win10 on the same PC but I don't know how to resolve the problem short of a clean reinstall of Win 7 and I'm reluctant to do that at present.
@faircot 1- did RehipsAgent64.exe is added to EAM exclusions? 2- if you run SUA ; be sure the SUA is added to trusted users
Thanks for pointing that out! Maybe it's installed through Admin, but he uses SUA without proper permissions first, so maybe that's the reason. But maybe what you said about Emsisoft is the reason. Anyway, @ReHIPS might be able to point the problem.
1. I've just reinstalled Rehips having uninstalled EAM and rebooted. 2. I'm running a single administrator account - very simple 3. I've run Tweaking.com and reset a large number of Win7 defaults The result, unfortunately, is still a series of failed user environment messages. The prog itself works OK. If I set it in Standard mode it recognises new processes and creates new entries in the log. It's just not possible to right click on a prog and run it isolated. UPDATE: I've just attempted to reinstall EAM using Deploy Helper. All I got was the failed to create message again!
Thank you, guest. Much appreciated. Out of interest, what's the matter with access to Rehip's forum. Is it down or just unreliable?
i don't know , seems the server is unstable , in the past it was something with the DNS. yes, try the link @oZone gave.
Yesterday I also saw that error. Now I can reach site with no problem. Edit: that's strange on second try I get error - which was not a case a minute ago.
UPDATE: PROBLEM SOLVED This afternoon Bukasov Vasily remoted into my computer and spent a couple of hours looking for the cause of this issue. It turns out that Rehips wasn't at fault; it was a temporary file in the user profile that was causing Rehips to trip over itself and when that was removed Rehips started working perfectly. I can post the details here if anyone is interested. I impressed beyond words that the CEO of a company would give up his time to sort out a single customer's problem like this. If you haven't bought a licence yet do it soon! Thanks also to the members here who responded with suggestions.
I think I'll make a blogpost about this issue later. It has nothing to do with ReHIPS, but it completely blocked creation of other users. So who knows, maybe it'll be useful for someone. Unfortunately I wasn't able to deduce what exactly program created the file with bad access rights that made Windows abort profile creation, but I'm glad it's solved. Thanks, faircot, for your time. Best Regards, fixer.
I have a different issue with Rehips. I get an error msg. saying "wrong service version". Running windows 10 creators update, fully patched. No other security programs installed other than Windows Defender. The problem occurs after installation. Install in sua account, run installer as administrator. Everthing installs correctly and runs correctly. Shut down computer completely. Restart computer, all starts up correctly. Click on rehips control center from start menu and then get error msg above in quotes. Rehips control center does not open. Has anyone else had this problem?
This feature was made on purpose for : 1- allow ReHIPS to be fully compatible in SUA 2- to deny other users to access the settings and tamper with it. (for example if Lockdown Mode i used and the user is untrusted, ReHIPS will never ask any popups when a process is unknown, but directly block it (unless you are at Training or Permissive Level)
I've (finally) done some testing of my own for ReHIPS 2.2.0 Before I share my "Final Thoughts" there are some important ones to preamble with ReHIPS is awesome IF you think the windows integrity levels and security is good enough to start with ReHIPS is awesome IF you think having a GUI for *most* things you could do via windows already is cool (Hint: I think it could be but I hate the current GUI in this area) ReHIPS is awesome because it can use a separate desktop [and does so by default!!!] for 'isolated' apps ReHIPS is awesome because it *allows* us to use a token with less privileges than that which Windblows allows us to alter as *users* rather than API programmers. [/thumbsup!!!] ReHIPS is awesome because of its CMD Line Scanner! ~No doubt a strong inclusion {but you can't protect the user(s) from themselves} ReHIPS is awesome because it gives you a 'simple' GUI to modify things that Windows already handles like NTFS permisssions ReHIPS is awesome because it can protect apps launched in locations which another "Security Program" {BRN ring any bells?} can't even though both programs use the BFE! (So awesome!!!!!!!!) Final Thoughts: ReHIPS stinks {I think at least, ~maybe just atm?} because a ReHIPSUser# can still use runas (eg secondary logon) to escape which also implies that the *latest* escalation bug the internet might be screaming about can do the same. We are talking both real Windows kernel mode exploits (to a reasonable point, eg what might be able to help here really outside of the next?) and general brute force attacks on users. (Perhaps if IPC \RPC Control\SECLOGON was blocked [and even the runas.exe] by default this would only be a half-issue? Maybe if even included as an optional 'lock' of sorts set by default?) Expert Mode would of course mitigate this even more... BUT then we also have the CHILD prompt feature! (Awesome!!!) If applied properly by the USER (assuming they don't use runas often-like me) this ^issue^ is 'pretty much' moot. It annoyed me [strongly] though so I had to say *something*. There is not currently an easy way to import/export settings. I *like* to be able to retain settings across OS-reinstalls [not always possible] but in my limited tests so far there is no easy way to re-create protection as I would hope to. This is of course an, it's ME, not YOU, issue but I tend re-install my OS often (New NTLited builds) and don't want to spend hours settings things up from scratch for one program like this! {Sorry} Reported bugs (with enough info to help in recreation) have generally been taken care of swiftly! I don't have specific times but <48 hours in many cases. [VERY NICE!!!!] They've been {Kinda genius} in that they allow any VM user to test the software as it would function on a full (paid) version. [VERY NICE!!!!] P.S.: Props on keeping the *legit* registration checks in the service. I would normally suggest moving that stuff to the driver but in your case [not having any 3rd party DLLs loaded from the service] and the changes with 8/10 you're pretty much set on that front atm! With a sig of their own though someone might be able to circumvent that with 2 bytes changed and a ton of FF's in a certain .xml with a particular string?!¿ 88>FE 75>EB I certainly haven't tested *everything* ReHIPS might offer but Mr. X had kind words to share so I thought I'd look at it finally and thus far at least those final thoughts ended with ME giving up on considering it as viable on my system. I'd like to send a HUGE thank you to the Re-Team (Fixer, Crasher and whomever else I haven't recalled) even if my final use-stamp isn't a go at this point. VERY nice work@!
