valinet / ExplorerPatcher

This project aims to enhance the working environment on Windows
GNU General Public License v2.0

V22621.3880.66.2 Pre-release explorer crashes #3498

Closed MickeyM007 closed 3 months ago

MickeyM007 commented 3 months ago

FYI, for me V22621.3880.66.2 Pre-release explorer crashes when installing EP. I'm on Win 11 23H2, Build 22631.3880. It doesn't load explorer (the screen stays black/gray). Explorer.exe is in Task Manager, but I can't end task. Status is 'suspended'. So I went back to v22621.3810.66.1. So you know. Thanks for your good work! I'm very, very happy with EP!

plofhaan commented 3 months ago

Same.

pyrates999 commented 3 months ago

Please post your Windows version and build. You can find this by running winver.

PC-Shark966 commented 3 months ago

FYI, for me the V22621.3880.66.2 pre-release crashes Explorer when installing EP. I'm on build 22631. Explorer does not load (the screen stays black/gray). Explorer.exe is in Task Manager, but I cannot end the task. Status is "Suspended". So I went back to v22621.3810.66.1. So you know. Thank you for your good work! I am very, very happy with EP!

Same for me: V22621.3880.66.2 Defender reports: Trojan:Win32/Wacatac.H!ml file: E:\Download\ep_setup.exe

EP starts with a black screen. It was uninstalled. Windows 11 works again without EP.

Win:11 23H2 Build 22631.3880

Amrsatrio commented 3 months ago

Really sorry for this, I was trying to reduce antivirus detections by reworking my change that started them all again. Pulled 66.2 back and a new build will be made soon.

MickeyM007 commented 3 months ago

> Really sorry for this, I was trying to reduce antivirus detections by reworking my change that started them all again. Pulled 66.2 back and a new build will be made soon.

Thank you! I'm not sure it's the antivirus for me, I didn't see anything in the AV logs. Don't worry, it wasn't a big problem to revert.

plofhaan commented 3 months ago

> Really sorry for this, I was trying to reduce antivirus detections by reworking my change that started them all again. Pulled 66.2 back and a new build will be made soon.

To add all the necessary file/folder exclusions to Windows Security (Defender), I just run this oneliner:

    powershell -ep bypass -c if([Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains 'S-1-5-32-544'){Add-MpPreference -ExclusionPath @('%AppData%\ExplorerPatcher','%ProgramFiles%\ExplorerPatcher\ep_setup.exe','%LocalAppData%\Temp\ep_setup.exe','%UserProfile%\Downloads\ep_setup.exe','%WinDir%\dxgi.dll') -force}else{'Please run with Administrator privileges.'}

😉

Amrsatrio commented 3 months ago

@plofhaan Yeah that works but I often share my own private builds through Discord and if antivirus detections continue my Discord may get banned.

plofhaan commented 3 months ago

> @plofhaan Yeah that works but I often share my own private builds through Discord and if antivirus detections continue my Discord may get banned.

That would suck IMO. lol

Amrsatrio commented 3 months ago

Fixed.

pyrates999 commented 2 months ago

> > Really sorry for this, I was trying to reduce antivirus detections by reworking my change that started them all again. Pulled 66.2 back and a new build will be made soon.
>
> To add all the necessary file/folder exclusions to Windows Security (Defender), I just run this oneliner: powershell -ep bypass -c if([Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains 'S-1-5-32-544'){Add-MpPreference -ExclusionPath @('%AppData%\ExplorerPatcher','%ProgramFiles%\ExplorerPatcher\ep_setup.exe','%LocalAppData%\Temp\ep_setup.exe','%UserProfile%\Downloads\ep_setup.exe','%WinDir%\dxgi.dll') -force}else{'Please run with Administrator privileges.'} 😉

One directory you're including is: %UserProfile%\Downloads

That is your main downloads directory. I would create a directory inside that for downloading EP to instead and include that instead.

plofhaan commented 2 months ago

> > To add all the necessary file/folder exclusions to Windows Security (Defender), I just run this oneliner: powershell -ep bypass -c if([Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains 'S-1-5-32-544'){Add-MpPreference -ExclusionPath @('%AppData%\ExplorerPatcher','%ProgramFiles%\ExplorerPatcher\ep_setup.exe','%LocalAppData%\Temp\ep_setup.exe','%UserProfile%\Downloads\ep_setup.exe','%WinDir%\dxgi.dll') -force}else{'Please run with Administrator privileges.'} 😉
>
> One directory you're including is: %UserProfile%\Downloads
>
> That is your main downloads directory. I would create a directory inside that for downloading EP to instead and include that instead.

No, the folderpath %UserProfile%\Downloads is not included in the array sub-expression operator. The filepath %UserProfile%\Downloads\ep_setup.exe is. Granted, there's still always the potential risk of downloading a mala fide ep_setup.exe file from an untrusted source into the Downloads folder.

To mitigate this type of added risk, besides knowing what it is that I download and knowing where I download it from, I always make sure that my Firefox Portable browser is running under the supervision of Sandboxie-Plus in a clean sandbox. In my case that would be the DefaultBox, as the Forced Folders feature of Sandboxie-Plus is what I use to achieve this. To clean this sandbox, I wrote a separate script that I can run via a shortcut on my Windows 10 Taskbar Toolbar on Windows 11. So, thanks to EP, it takes only a single mouseclick to clean the sandbox on Windows 11.

In short, on those rare occasions when I need to download ep_setup.exe through my browser again, it actually gets downloaded to a path that is inside my sandbox, and I didn't include that one in the code I posted above, as I wanted to avoid confusing those who might be unfamiliar with Sandboxie-Plus and its Quick Recovery feature. So, here's my other filepath: %SystemDrive%\Sandbox\%UserName%\DefaultBox\user\current\Downloads\ep_setup.exe

pyrates999 commented 2 months ago

Thank you for the explanation.

I would explain exactly what your PowerShell script does and list all the directories and direct paths to files that are being excluded from Windows Defender.

plofhaan commented 2 months ago

@pyrates999 It's pretty self-explanatory IMO. It checks for Admin privileges first, then runs the Add-MpPreference Cmdlet with the -ExclusionPath option to add the path exclusions to Windows Security by defining them in a string array with the array sub-expression operator, @( ... ). As it is a PowerShell oneliner that needs to be run from the command line or within a batch script, the command line or batch interpreter expands the environment variables. So, in a command window, you can simply verify it like this:

    echo.&echo '%AppData%\ExplorerPatcher','%ProgramFiles%\ExplorerPatcher\ep_setup.exe','%LocalAppData%\Temp\ep_setup.exe','%UserProfile%\Downloads\ep_setup.exe','%WinDir%\dxgi.dll'

Or, alternatively:

    powershell -ep bypass -c @('%AppData%\ExplorerPatcher','%ProgramFiles%\ExplorerPatcher\ep_setup.exe','%LocalAppData%\Temp\ep_setup.exe','%UserProfile%\Downloads\ep_setup.exe','%WinDir%\dxgi.dll')

To get a list of all path exclusions you currently have in Windows Security:

    powershell -ep bypass -c if([Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains 'S-1-5-32-544'){(Get-MpPreference).ExclusionPath}else{'Please run with Administrator privileges.'}

To get a list of those specific path exclusions that you have specified in the array, but are currently not present in Windows Security:

    powershell -ep bypass -c if([Security.Principal.WindowsIdentity]::GetCurrent().Groups -contains 'S-1-5-32-544'){$a=@('%AppData%\ExplorerPatcher','%ProgramFiles%\ExplorerPatcher\ep_setup.exe','%LocalAppData%\Temp\ep_setup.exe','%UserProfile%\Downloads\ep_setup.exe','%WinDir%\dxgi.dll');$b=(Get-MpPreference).ExclusionPath;$c=($a^|Where-Object{$b -notcontains $_ });if($c.Length -eq 0){'All these path exclusions are present in Windows Security.'}else{'The following path exclusions are absent from Windows Security:';$c}}else{'Please run with Administrator privileges.'}
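
The file-versus-folder distinction discussed in this thread, as an added example that is not part of the thread or of ExplorerPatcher: a PowerShell function that classifies each Defender exclusion path by scope and by whether it sits in a user-writable location. The function name `Get-ExclusionAudit`, the risk labels and the "user-writable" heuristic (under %UserProfile% or %TEMP%) are assumptions of this example.

```powershell
# Added example, not code from the thread. The risk labels are this example's
# own heuristic: "user-writable" means under %UserProfile% or %TEMP%.
function Get-ExclusionAudit {
    param([Parameter(Mandatory)][string[]]$Path)

    $userRoots = @($env:USERPROFILE, $env:TEMP) | Where-Object { $_ } |
        ForEach-Object { $_.TrimEnd('\') + '\' }

    foreach ($p in $Path) {
        # cmd.exe expanded %VAR% before PowerShell saw the thread's one-liner;
        # expand here so the same strings can be passed in single quotes.
        $full = [Environment]::ExpandEnvironmentVariables($p)

        # A folder exclusion covers every file and subfolder beneath it;
        # a file exclusion covers only that exact path.
        if     (Test-Path -LiteralPath $full -PathType Container) { $kind = 'Folder' }
        elseif (Test-Path -LiteralPath $full -PathType Leaf)      { $kind = 'File' }
        elseif ([IO.Path]::HasExtension($full))                   { $kind = 'File (absent)' }
        else                                                      { $kind = 'Folder (absent)' }

        $userWritable = $false
        foreach ($root in $userRoots) {
            if (($full.TrimEnd('\') + '\').StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) {
                $userWritable = $true
            }
        }

        if     ($userWritable -and $kind -like 'Folder*') { $risk = 'High: whole user-writable tree is unscanned' }
        elseif ($userWritable)                            { $risk = 'Medium: anything saved under this exact name is unscanned' }
        else                                              { $risk = 'Lower: outside the user profile, check the ACL' }

        [pscustomobject]@{ Path = $full; Kind = $kind; Risk = $risk }
    }
}

# Constructed input: the five paths from the one-liner, plus the whole Downloads
# folder that the thread distinguishes from Downloads\ep_setup.exe.
$sample = @(
    '%AppData%\ExplorerPatcher',
    '%ProgramFiles%\ExplorerPatcher\ep_setup.exe',
    '%LocalAppData%\Temp\ep_setup.exe',
    '%UserProfile%\Downloads\ep_setup.exe',
    '%WinDir%\dxgi.dll',
    '%UserProfile%\Downloads'
)
Get-ExclusionAudit -Path $sample | Format-Table -AutoSize -Wrap

# Elevated session only: audit what is actually configured on this machine.
# Get-ExclusionAudit -Path (Get-MpPreference).ExclusionPath
```

The heuristic does not cover user-writable paths outside the profile, such as the Sandboxie path under %SystemDrive%\Sandbox mentioned above; those land in the "check the ACL" bucket.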

pyrates999 commented 2 months ago

For those of us not as familiar with PowerShell as you are, thank you for the explanation. Not everyone on here knows PowerShell like you do.