Phil_S

OK, thank you. Yes, it was pre-installed on purchase.

Hi Marcos, No. As I said, I'm trying to avoid that as the product is already installed. I just transferred it across to my licence in my ESET account. It has updated to a new version since I transferred it, but the logo persists. Can I do an over the top install with the installer? I assumed I would have to remove EIS and reinstall if I went down that route?

Last year I bought a new laptop, which came with EIS pre-installed and licensed by the vendor for an initial period. When opening EIS, the window has the logo of the PC vendor in the lower left corner. On expiration of the initial licence period, I transferred the licence to an unused seat on my own subscription, which is all good, but I thought that the vendor's logo might disappear after the licence change, yet it hasn't. I know it's not the end of the world, but is there a way of removing the logo from the product without a complete uninstallation and reinstall? I'm guessing there must be a logo file in a folder somewhere, and perhaps a registry entry that could be removed?

Thanks Marcos 👍

Hello, I have a new laptop running W10 Pro, configured with local user accounts and bitlocker encryption enabled. Bitlocker is also configured to require a pre-boot PIN. In the circumstances, is there any point in enabling Eset Anti-Theft? As I understand it, EAT relies on the device having booted and a thief logging in to the phantom account. But if they can't boot the machine in the first place...

I can't help except to say that I had exactly the same error messages during automatic update to EIS v13.2.18.0 today. Everything seems to be working OK with no more error messages after a reboot. I have edevmon.sys file version 10.15.30.0 installed in System32\drivers, but whether this is the current file version I can't say.

Thank you @Peter Randziak Everything is still normal so far. If it happens again I will let you know.

Thanks @Peter Randziak, So far, everything is normal since the reboot. If it happens again I'll do as you suggest, but I thought I ought to mention it in case there was an unknown issue with the new release, having found a similar post in the NOD32 AV forum. @Marcos, files attached. Thank you. AppCrash_ekrn_exe.zip

This is all I can find. It's from 24 hours ago and I don't know if it's relevant as according to the Eset log EIS successfully updated at 09:48 hrs today. The application update to 13.2.16.0 was completed at 08:01 yesterday, around 7 hours before this log was created. I have collected the files from C:\ProgramData\Microsoft\Windows\WER\ referred to below and can send them to Eset if required. Log Name: Application Source: Windows Error Reporting Date: 01/08/2020 15:56:57 Event ID: 1001 Task Category: None Level: Information Keywords: Classic User: N/A Computer: XXXX Description: Fault bucket , type 0 Event Name: APPCRASH Response: Not available Cab Id: 0 Problem signature: P1: ekrn.exe P2: 10.15.29.0 P3: 5f196609 P4: ntdll.dll P5: 6.3.9600.19678 P6: 5e82c88a P7: c0000024 P8: 00000000000ecf40 P9: P10: Attached files: C:\Windows\System32\config\systemprofile\AppData\Local\WER946A.tmp.WERInternalMetadata.xml WERGenerationLog.txt These files may be available here: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_ekrn.exe_87839f69d911de32f43cbe516cfcea1a4f1c5e4b_c3d09738_cab_1a639499 Analysis symbol: Rechecking for solution: 0 Report ID: 3da11dd7-d407-11ea-85f7-50e549b22cc4 Report Status: 131076 Hashed bucket: Event Xml: <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Windows Error Reporting" /> <EventID Qualifiers="0">1001</EventID> <Level>4</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2020-08-01T14:56:57.000000000Z" /> <EventRecordID>305328</EventRecordID> <Channel>Application</Channel> <Computer>HOME</Computer> <Security /> </System> <EventData> <Data> </Data> <Data>0</Data> <Data>APPCRASH</Data> <Data>Not available</Data> <Data>0</Data> <Data>ekrn.exe</Data> <Data>10.15.29.0</Data> <Data>5f196609</Data> <Data>ntdll.dll</Data> <Data>6.3.9600.19678</Data> <Data>5e82c88a</Data> <Data>c0000024</Data> <Data>00000000000ecf40</Data> <Data> </Data> <Data> </Data> <Data> C:\Windows\System32\config\systemprofile\AppData\Local\WER946A.tmp.WERInternalMetadata.xml WERGenerationLog.txt</Data> <Data>C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_ekrn.exe_87839f69d911de32f43cbe516cfcea1a4f1c5e4b_c3d09738_cab_1a639499</Data> <Data> </Data> <Data>0</Data> <Data>3da11dd7-d407-11ea-85f7-50e549b22cc4</Data> <Data>131076</Data> <Data> </Data> </EventData> </Event>

Rebooted. Eset has just successfully checked for and completed an update . ekrn.exe now 125,000 KB memory in use, 0% CPU. Will see how it goes.

Eset updated to v13.2.16.0 yesterday and last completed a successful definition update over 4 hours ago. Wondering why my PC has slowed to a crawl I opened Resource Monitor to find that ekrn.exe is using over 12GB of physical memory, currently 93% memory usage and still increasing. The Eset tray icon is continuously spinning and the program has been reporting "Module update in progress" for at least the last hour that I am aware of, possibly since the last update check over 4 hours ago for all I know. I have tried clicking "Cancel Update" but it is not responding. Current stats for ekrn.exe are 132,933 threads 18.4% CPU Memory 12,419,948 KB Going to try restarting my PC now...

No, as I say all updates have completed without any errors since the end of June. I'm afraid I deleted all the notifications that I has, as there have been no problems for three weeks now, and my mailbox was filling up with successful notifications due to the bug in the current version. It is interesting though that my daughter's laptop also has an SSD.

I doubt it's of any help, but since my previous post in this thread on 24th June, I had a flurry of these differential update notifications from her laptop over a period of 3 days, seemingly affecting every download attempt, but since then nothing untoward at all. Since she has changed nothing on her laptop, I suspect some kind of external influence must have been involved.

Well, my daughter appears not to have had any further reports on her laptop since first experiencing the issue in a flurry over 2 days of attempted Eset updates. She has a standard W10 laptop with a single SSD partition and a default W10 installation, so I find the discussion relating to moved swap files and temp folders a bit of a red herring, at least in her case. @Samoreen are you still experiencing the issue? It seems to have stopped in my daughter's case, so the circumstances suggest some outside influence to me?

I have just found this topic as the result of a search on error notifications that I have just started receiving from my daughter's laptop: 24/06/2018 15:29:48 - During execution of Update on the computer xxx-LAPTOP, the following event occurred: Error occurred when applying differential update to base file. This has only started today, but so far I have received several notifications by email from her Eset AV. Unfortunately she is halfway around the world from me (hence the time discrepancy between the pasted notification text and my posting time) and not computer savvy, so I have no way of attempting to diagnose or obtain any logs from her machine, but I thought it worth mentioning in any case.

I reported the same to you here on 19th March after uninstalling Eset AV 11.1.42.0 at your suggestion. I had to reinstall my system from a backup image.

I have nothing to check one way or another Marcos, as I've copied over the entire system from a backup. All I did though was uninstall EAV, which appeared to finish successfully, and reboot into the BSOD. The screen said that a system component was missing or unavailable, and googling 0xc0000225 seems to suggest registry corruption.

Apparently an update should now be available to fix this. Bit late for me, as I took Marcos' advice to uninstall and re-install EAV, rebooted into a BSOD and ended up re-imaging the whole system partition from a backup

Just back from uninstalling Eset AV, rebooting into BSOD 0xc0000225 and reimaging my entire partition from a backup!!! Not the happiest I've ever been

It looks like that will mean I will lose all my settings and I can't export them first because of the password issue!

So I've just tried to do an in place install of v11.1.42.0 full download, but it won't let me run it because it already sees the same version installed. I can't enable pre-release updates because it doesn't recognise my settings password and I can't enable LiveGrid. I've applied for an unlock code through support but not yet had a reply and not sure if it will work given that you are saying that the configuration engine is the problem. Please advise

Marcos, as per my other thread, I had a settings password enabled and since this update I am also locked out of product settings because Eset is telling me that my password is incorrect, so I cannot enable pre-release updates or make any other changes whatsoever.

If I hold down Alt+Shift the password box doesn't accept typed characters. Tried Alt+Shift and release before typing password, also first typing password, then holding down Alt+Shift whilst clicking Enter in the dialogue box. Both methods still tell me that my password is incorrect. I've found the Eset unlock utility via product help and am going to try that.

Eset AV has just updated to version 11.1.42.0 - Following a reboot it is prompting me to enable LiveGrid but won't accept my settings password. It tells me that my password is wrong, so I can't accept the prompt or enter any of the AV settings to change anything

If you do a google search for disabling Win10 update on Win 7 or similar there are numerous articles describing how to prevent Win 10 from downloading and disabling the tray notification. It involves removing three MS updates from your PC and hiding them in MS Update so that they don't download again. Unfortunately MS are getting quite persistent in trying to force Win 10 and telemetry on users of older systems. I'm in that habit now of reading the published information on every update that's offered now, before deciding whether to install it. One of the reasons I'm not "upgrading" to Win 10 is the lack of transparency over what updates contain and the inability of the end user to decide whether to accept them.