Jump to content

Cannot change Windows themes


JoeBlack40
 Share

Recommended Posts

Hello,

As the titles says,I installed 2 days ago last version of ESET AV and i found out that i cannot longer change Windows themes with TuneUp Utilities 2013,it remains always the native one.I have snapshots with both Avast free and AVG Pro and this issue doesn't occur.Any idea what's going on? (already tried to disable NOD32 protection and its HIPS).

When TuneUp tries to change the theme,ESET's icon is changing for a second or so in a yellow triangle.

Windows 7 Ultimate x86,i have installed Sandboxie and Privatefirewall on my laptop.(ESET has all the green light it needs from Privatefirewall btw).

Link to comment
Share on other sites

I didn't try it yet,but i just wanted to try again with the HIPS disabled.And guess what,after restart this time it worked.Just wondering with the HIPS disabled the protection of NOD is not affected overall...?(i have Privatefirewall's HIPS anyway...).I just re-enabled Self Defence...don't know why it's disabled automatically with the HIPS,and then must be re-enabled.

Thank you Marcos for the help.

Link to comment
Share on other sites

The best thing you can do with fallible placebo junkware like PC TuneUp Utilities is uninstall it, and never look back. Software such as this designed to prey on the naivity of Windows users. Such tools are highly frowned upon in the IT industry.

Anything that claims to boost, tune, optimize, clean or fix your computer is at best, making false claims, at worst damaging your system.

Link to comment
Share on other sites

The best thing you can do with fallible placebo junkware like PC TuneUp Utilities is uninstall it, and never look back. Software such as this designed to prey on the naivity of Windows users. Such tools are highly frowned upon in the IT industry.

Anything that claims to boost, tune, optimize, clean or fix your computer is at best, making false claims, at worst damaging your system.

I'm using TuneUp since 2007 and never faced a problem.It's your opinion,i respect it,but don't make the assumption that who is using this software is naive.Cause you are wrong.Very wrong.

Link to comment
Share on other sites

Hi JoeBlack40,

 

Right so it works while the HIPS is disabled.

 

If you haven't tried already then maybe you could try to put the HIPS into the Learning Mode, and while in Learning Mode use your tuneup program and maybe change some themes to see if the HIPS will create all necessary rules automatically.

 

After that, turn off Learning mode, and put the HIPS back into the automatic mode and once again try to use tuneup to see if it works properly this time with HIPS enabled.

Link to comment
Share on other sites

We don't want to discuss here how useful or useless such software. The user has a problem and we are here to help him.

 

@JoeBlack40

The triangle you saw is surely from the Gamer Mode. It's nothing bad and in your case it has to say quite nothing.

If you want to know more about this look at this knowledge base articles:

Link to comment
Share on other sites

@JoeBlack40

No HIPS doesn't disable all the protection. It's only one protection module - however it's an important one.

 

@all

So, I was able to reproduce the issue. TuneUp 2013 and Windows 7 too, but ESS 8.0.304.

 

The theme is just not changing (correctly). In the example I tried it changed a few things, e.g. the color of the text in the title, but the main things weren't changed and TuneUp Styler (that's the "module" with which you do this) keeps telling that the default is active.

Before each try I reset the theme to Windows default with the normal Windows function to change the design.

 

Now to troubleshooting.

I tried it with HIPS completely disabled and it worked.

I tried it with learning mode and it doesn't worked.

So I tried to narrow it down. I disabled the HIPS modules, one at a time, and I found the "bad guy". The self-protection is blocking the process.

 

Later I tried Marcos instructions too and they seem to confirm it.

Does renaming C:\Windows\System32\drivers\eamonm.sys and ehdrv.sys in safe mode, one at a time, make a difference?

Here are the results:

Both renamed: OK
Only eamonm.sys renamed (so that realtime protection won't work): NO
Only ehdrv.sys renamed (so that HIPS won't work): OK

 

BTW I noticed some other strange things too:

  • When HIPS is disabled or it can't work (because of renamed ehdrv.sys) the tray icon isn't warning.
  • When HIPS is disabled (but not if it can't work) there is even not showed a red dot in the GUI, but just a white (empty) one (like the dot when Gamer Mode is deactivated).
  • When I disable HIPS, and click OK to confirm I know I have to restart (I can only click OK), the self-protection will be greyed out, but all the other things (Advanced Memory Scanner and Exploit Blocker) still seems to be activated.
  • After a restart after disabling HIPS or when HIPS can't work, some of the above mentioned "modules" of HIPS were just gone (There were only 2 checkboxes anymore I think).
    When I re-enabled HIPS the checkboxes only appeared after a restart.

Edit: Now I enabled "log all blocked events" in the HIPS setup, tried to change the theme and checked the HIPS log after this. But there were no entries.

Edited by rugk
Link to comment
Share on other sites

Thank you SweX and rugk,very helpful guys .As i already said,i leave the HIPS disabled as i have Privatefirewall which is more suited for this job.As far as i'm concerned,the issue is solved for me. 

Link to comment
Share on other sites

No it isn't solved at all. And you even can't say that a firewall makes HIPS useless.

And as I wrote you don't have to disable the complete HIPS - just enable all modules except of the self-protection.

Edited by rugk
Link to comment
Share on other sites

  • Administrators

The tool likely uses some aggressive techniques that are blocked by Self-defense which is aimed to protect crucial system processes as well. Not sure if it'd be safe to make an exception for this particular software but we can investigate the possibilities.

Link to comment
Share on other sites

I can't image what changes it could make to ESET. Normally it should just make changes to the Windows system, but the self-protection is only protection changes to ESET.

 

Maybe we would have to test it with ESS or NO32 7 to look whether it will blocked there too.

Edited by rugk
Link to comment
Share on other sites

  • Administrators

I can't image what changes it could make to ESET. Normally it should just make changes to the Windows system, but the self-protection is only protection changes to ESET.

 

This is not true. Self-defense also protects crucial system processes.

Link to comment
Share on other sites

No it isn't solved at all. And you even can't say that a firewall makes HIPS useless.

And as I wrote you don't have to disable the complete HIPS - just enable all modules except of the self-protection.

I really don't care about ESET's HIPS.Really.Because I'm using Privatefirewall for this and that's all.

Link to comment
Share on other sites

The tool likely uses some aggressive techniques that are blocked by Self-defense which is aimed to protect crucial system processes as well. ...

And why the other AV doesn't block this "aggressive techniques"???

Link to comment
Share on other sites

  • Administrators

And why the other AV doesn't block this "aggressive techniques"???

Probably because they don't prevent malware from performing these critical operations over system processes or they have already added an exception for that particular application.
Link to comment
Share on other sites

  • Administrators

I really don't care about ESET's HIPS.Really.Because I'm using Privatefirewall for this and that's all.

By disabling HIPS you don't only disable Self-defense but Advanced memory scanner as well. Advanced memory scanner is another protection layer that scans memory when a suspicious file is executed and terminates suspicious processes. I strongly doubt that this is something that Privatefirewall does as well :)
Link to comment
Share on other sites

I can't image what changes it could make to ESET. Normally it should just make changes to the Windows system, but the self-protection is only protection changes to ESET.

This is not true. Self-defense also protects crucial system processes.

Okay, I didn't knew this. I though this would do the "normal" HIPS.

Edited by rugk
Link to comment
Share on other sites

But why don't there are log files about this?

 

Edit: Now I enabled "log all blocked events" in the HIPS setup, tried to change the theme and checked the HIPS log after this. But there were no entries.

Link to comment
Share on other sites

Hello

 

My suggestion, which is usually taken highly, would be not to disable self-defense, but create exceptions for Tuneup. Create firewall exceptions, and/or HIPS exceptions which will tell "ESET" to allow the Tuneup to make changes it needs to make to the system.

 

As far as my opinion on system utilities is concerned, if you are an IT Tech, you don't require these utilities due to the fact we already know how to do all of it without the tool. Also there are a plethora of fake tune utils.

However , i can speak highly for Tuneup Utilities as a very good program for system maintenance outside of the normal windows operations, but it may be the only one i recommend aside from CCleaner which is still a preference.

 

Good luck, glad your issue is "explained and understood as not a problem".

:)

Edited by Arakasi
Link to comment
Share on other sites

  • Administrators

I was unable to reproduce it on Windows XP. Downloading and applying a theme worked alright. If HIPS (Self-defense) has actually blocked something, it should have been logged in the HIPS log as long as logging blocked operations is enabled.

Link to comment
Share on other sites

I think the break is when you utilize another 3rd party app to change the theme.

@Marcus : Were you unable to reproduce using Tuneup Utilities to change the theme, or did you go through control panel ?

Link to comment
Share on other sites

@Arakasi

  • You don't need a firewall exception. (I see no reason why you should need this. Especially not for changing the Windows style.)
  • Marcos. ;)

The thing with the HIPS exception I will try later.
 
@Marcos
I think this could be a kind of incompatibility of the programs.
So you surely have to use the same program (TuneUp Styler), possibly the same ESET version (8) and maybe even the same OS (Windows 7).
 

If HIPS (Self-defense) has actually blocked something, it should have been logged in the HIPS log as long as logging blocked operations is enabled.

Yeah, that's the reason why I'm asked.
And that's also the reason why I'm assuming it's not wanted/expected behaviour of HIPS.

Edited by rugk
Link to comment
Share on other sites

@Arakasi

  • You don't need a firewall exception. (I see no reason why you should need this. Especially not for changing the Windows style.)
  • Marcos. ;)

 

1. Read quote carefully, i was speaking in general: "Create firewall exceptions, and/or HIPS exceptions"

2. Thanks.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...