Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Lynx

  1. Johnny, As I pointed before and what was confirmed by ctrlaltdelete: … and not only with XP' date=' as far as I know...Again , despite I personally never encountered such issue with security packages I did what Jim and ctrlaltdelete suggested in the past concerning different system problem(s) Therefore, please try step-by-step instruction posted by ctrlaltdelete It must not harm your system, but you may consider creating System Restore Point prior to the procedure Cheers!
  2. Thanks for the reply, JohnnySokko Don't worry, as I can see from your latest 2 posts you did follow No, regarding “considerable differences”As I mentioned not having the system details – folder & Reg. Entries names can vary Then the instruction posted was based on old one that was offered by the developers & experienced users here long ago, so to speak - “before the Win7 era” The new one was never published ...But! I did performed few successful Clean Uninstalls on Win 7 as well, using the same steps described (considering the differences mentioned) Now, if that is XP below is what to check in the 1st place: Folder: C:\Program Files\Emsisoft Anti-Malware Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Emsi Software GmbH Devices: Those were shown specifically for XP, and intentionally since you've mentioned AVG, which is in place here on XP - Please check the above - question: have you been successful with temporarily removing AVG with the respective Utility referred and then reinstalling AVG? (see below about the reply by JWC here) - As for Windows Security Center – again as I mentioned before - that one is disabled & I cannot care less about it, since it provides false & confusing information. You may have all Security there stated as recognized & valid but they may not work at all ... and you never know (useless stuff!) ======= Finally, if you've checked and cleaned all and still suspecting that there are EAM leftovers I may ask JWC to interfere. He posed the reply regarding WMI/WBEM and we had a discussion re: the matter I personally used the technique in the past few times, but honestly, that never involved any security I've tested. At the same time, I do not have any doubts about his experience, therefore his input will be highly appreciated Cheers!
  3. Indeedand sure , which was suggested in previous reply answering to the original posterCheers!
  4. Hi again ,WayAce I personally don't have any issues with disabling EAM's Guard with any options available Can you please clarify the matter and provide some additional info? My regards
  5. Hi WayAce, welcome to the forum Your message is not very clear. As I can see you are not using EAM or I could be wrong , therefore: Please follow the Rules requested If you are not sure what "Bullguard" detected on a Right-Click - please send the detected items to Bullguard's developers. At the same time, if you are saying that Bullguard detected something, but EAM did not - then use Submit new Malware Sure you can scan sub-folders using EAM and send flagged items from the Detection List Archives will be scanned by EAM/ or EEK unless you are using Custom Scan, where archives option is unchecked My regards
  6. Unfortunately you did not follow the instruction here & did not post any info about your system as required … but we may try... Please ask if any questions ======= EAM clean uninstall ======= Usually it works fine using just Add/Remove from Control Panel It may fail though if EAM is active (say performing an update) Read the following, but keep in mind that the folder name for EAM (disk or Registry) can be different - that's all you have to change - like “ a-squared [Free]” or “Emsisoft Anti-Malware” whatever you have there In addition if it's win7 x64 the software is installed into : C:\Program Files (x86)\a-squared Anti-Malware and respectively the Registry you have to search for in win7 x64 is: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\emsi software gmbh] Considering all the above... 1) go Start > Run > type: “services.msc” (no quotes) 2) Find “Emsisoft Anti-Malware 5.0 – Service” 3) Stop it if it's running 4) Reset it to “Disabled” 5) Reboot Open a DOS box and navigate to the program folder, e.g: > CD c:\program files\a-squared\ - Uninstall the service: a2service.exe /uninstall a2antimalware (note: parameter "a2antimalware" has to be confirmed by the developers) - Unregister the context menu if it is present: Regsvr32 a2contmenu.dll -u (or a2contmenu64.dll) - Reboot - Delete the program folder: c:\program files\a-squared\ - Open "Regedt32" and delete the key: HKLM\Software\Emsi Software GmbH\a-squared\ ======= AVG clean uninstall ======= As above, it should be fine using Add/Remove, but you may consider invoking special Remover by AVG. Basically, you need to know the latest version of AVG & have the latest installer in place and use the respective Tool as in http://www.avg.com/us-en/utilities When all that was done - Reboot -fire up Start > My Computer -> Right-Click -> Properties -> Device Manager > check “Show Hidden Devices” you must not see any of those now If so, you can start from scratch with your security setups … whatever you prefer My regards
  7. Hi JohnnySokko, welcome to the forum I am a long term user of AVG & EAM/Mamutu There were never conflicts whatsoever I'm always using only "onExecute" by EAM and if I need (sometimes) "onAccess" by additional AV" It is a matter of managing 2 AV solutions. Not sure what could go wrong in your case Anyway, both can be cleanly uninstalled I can post some links & instructions if you want My regards p.s. Do not pay any attention ever to what Windows Security center tells you - that is useless unneeded service that has to be disabled amongst of many other default useless MS Windows services
  8. Thanks for the reply, sly That (the update) is always necessary step prior to scanning, so you are doing correct thing That is highly advisable having only one AV with real-time resident, but if you have some additional/on-demand scanners/AV solutions - you indeed must disable others during the scan by any given AV Thanks, if that helped & yes, I think you did get my points right Disconnecting from Internet is not always necessary … unless you are advised by an expert in some circumstances when investigating pretty special cases of suspected infectionMy regards
  9. Thanks for the reply, sly As I said MalAware is a "cloud" one. EAM does not use "cloud" As for EAM free (or full edition) sure you can scan being off-line, but you most likely will miss the latest updates. Moreover the on-line updates will deliver not only signatures but new executable modules ("program updates" in your terms) when necessary When downloading EEK you will definitely get the latest executables available. The signatures are the "latest" as well, but still you have to update being on-line, since the Additional Signatures (Ikarus) are coming quite frequently. In both cases whether it's EAM or EEK if you miss 50 subsequent updates you will get full t3sigs.vdb (Additional Ikarus signatures), which is ~ 70-80MB alone not speaking of much rare event as an updates of the executable modules My regards p.s. re: quotes - just use "Add Reply" when you don't need quote
  10. Hi sly, welcome to the forum There is a mix of questions here (don't get me wrong, please) When you are talking about a “cloud” scan – that is MalAware MalAware will scan only currently active processes. Sure it is using the very recent Signatures If the version and or signatures are not up-t0 date you will be prompted to download new Malaware & signatures As for the free edition of EAM (Emsisoft Anti-Malware) and /or EEK(Emsisoft Emergency Kit) you have to manage updates manually as frequent as you can ... only EAM full edition has auto-update feature EAM has to be installed ; EEK can be downloaded and used without installation (whether unsziped and being run from USB flash Stick or installed into separate folder on your hard drive) So basically , when you are using cloud - MalAware it is similar to running Quick type of Scan included in EAM/EEK ... but in all cases described you have to be on-line in order to update I hope the above makes it more clear, but definitely do not hesitate and ask if any further questions My regards
  11. Hi roynals, welcome to the forum This issue was discussed dozens of times in our old forum and lately in this new one Since Ikarus engine was introduced there were some improvements made already. For example in the past you can miss just 15 subsequent updated and you'd need to download whole Ikarus (Additional Signatures) database ~70MB Now it's a lot better - the same will happen if 50 subsequent updates were missed. At the same time, as Emsisoft developers stated several times they are working on it, but Ikarus developers are those who are responsible. Whether they (Ikarus) are going to make respective chages in the nearest future is currently unknown My regards
  12. Hi crisulici, Please read previous posts here in this thread It is better to create new request than reviving old threads Then, you did not supply info about the initial blocking of PDF Software site that you are using Anyway, if it's blocked by internal list/hpHosts – you can do: a) simple thing – edit the rule and "allow" if you trust the site and the Software; b ) apply to the owner(s)/ management of hpHosts providing info, which has a prove that the site is reliable and does not expose users to alleged dangers Instead, you posted some links (spigot.com), which are again under suspicion by EAM Built in List / hpHosts and WOT Furthermore, see http://www.urlvoid.com/scan/spigot.com as well My regards
  13. Thanks for the reply, huskersbig10 1) Problems with uninstalling/installing Java and the detections of “3 trojans from Java ” as in your initial post are separate issues; As a matter of fact uninstalling was not mentioned at all We cannot see from here what Java(s) are present there. Cleaning Java cache before rescanning – that's what was written above; 2) descriptions provided by you and the statement that “... trojans did something with my system...” leading us to nowhere, since we don't have any info about your system. Therefore I'm strongly suggesting following the advice above and post into “Malware Removal” section; 3) reports from EEK and OTL are needed in order to provide an expert with some preliminary information about your system. Then, further steps will be advised accordingly ... including proper installation of Java; 4) Both mentioned Utilities can be run from USB stick (as per instruction); 5) Update EEK (important) , disable all real-times of additional security and run the scan; 6) Attach all required log files there; 7) Finally, you may not have any “conflict window” displayed.When the security is overdone,the system may misbehave so badly that the symptom can be similar to having malware (or hardware issues). That's not a matter to discus this at the moment though My regards
  14. Thanks for the reply, Drake Please try to set output for the log file explicitly as in my example (/log=F:\Log.txt) It seems like I was able to reproduce the crash now when using "!!Log.txt" as you stated getting the same 2.6 Message : Unable to create directory. Most likely that's a problem When running my test I copied the parameters string as in your post,... but then edited the last bit automatically My regards
  15. Hi Drake, welcome to the forum I ran the latest CLS v after reading your post using the set of parameters as in your example There were no crashes. See images below. I had to post the screen output in 2 parts The log file created attached as well. All test suspects were perfectly deleted (scanned using full EAM afterwards) The only small question is the strange output as highlighted in the “_part_#2” image … I've never seen that before. At the same time the log file does not contain such “mysterious” output string I hope that developers can explain the meaning My regards p.s. Did you have a prompt for sending crash report to the developers with your e-mail & comments? Usually you should have the said option. If so, it is better to send the report straight to Emsisoft team
  16. Hi huskersbig10, welcome to the forum 1st, from you description it is not clear whether the the security stated at the right like Avira, Bitdefender, Spybot etc. have their real-time resident turned on If so definitely the scan will run at least 2-3 times longer than necessary You have to disable any other residents, basically having only one AV solution with the resident guard. In addition to long scans where “on-Access” of other AV solutions are active you may face different conflicts and clashes Then, without providing (attaching) saved scan report it's not possible to tell what was flagged and respectively give any advice. You can submit flagged entries to the developers If it is Java cache that was flagged – pleas clean it prior to scanning – there is a bug, where EAM False Positively flagging Java cache In order to clean Java cache please use steps described here Finally, if you are not sure and you are prompted to consult the experts then visit “Malware Removal” section of the forum Create new case and follow this instruction My regards
  17. Hi XcntrK , welcome to the forum I'm sure the developers will reply ASAP Meanwhile please send e-mail (Sales/Licensing:) as in Contact Us and or use Life Support (see the bottom of the referred page; choose "sale" from the drop-down list and leave a message. It may happen that in order to solve the problem you'll need to provide some info, which cannot be posted here into the open forum anyway My regards
  18. Hi Catherine, As ctrlaltdelete stated the licenses have to be in the list I've never seen 30 days trial and the full license in the list at the same time, meaning if you purchased the Software and entered the respective key (coupon number) there should not be 30 trial anymore As an example: That's what is present here currently here In order to clarify the situation - you may post the similar image Note: please hide personal info (e-mail) as in the the image above My regards
  19. Hi AXE, You should not expect any problems running EAM on Win7 x64 (I'm talking about current v5 stable or beta). Moreover , as far as I know and tried - it is allowed to use the same account on 2 computers. The only thing to consider – you should not use account on both PCs simultaneously So, - switch off the old PC that will be "junked" in the nearest future (if I got you correctly); or - disable the Guard and service; or - you can temporarily uninstall EAM from your old PC ... whatever you choose Then, install EAM on Win7 using your current account details Sure, in case you encounter any issues just ask and the developers and users will help Cheers!
  20. Hi laneon, Few things to consider – please do never ever set any security to automatically quarantine and/or remove suspects – those could be False Positives (FPs), therefore set it to “Alert” only as H_D correctly suggested – and that's the only option I am using with any security. So, if you are confident that the flagged items are malware you can quarantine. If not, you have at least 3 ways to submit the flagged items Unfortunately the [sticky] about that was removed from this forum Then, I may say, that the link, H_D provided is for “New Malware”, which is “... a file or files not recognized by Emsisoft Anti-Malware...”, ... but was flagged by different security As far as I got from your post EAM flagged the items - that is different to “New Malware” mentioned You case is definitely unusual and very interesting, because I personally never encountered anything like that, meaning.... if items were flagged by EAM (again – important) and were placed into Quarantine - EAM never failed to recover those from quarantine after discovering that it was an FP after the subsequent update (tested many times by me) It would be nice and appreciated if you submit to the developers what was(is) quarantined or detected. - Use Right-click from the Detection List when items are flagged; - You can Submit from Quarantine; - or you can send items by e-mail to the developers My regards p.s. {added} You can attach saved quarantine list here The only thin I can think about currently (speculation ) ... it could be Java Cache - There is a bug in EAM where it will flagged Java Cache (which are FPs). The only way is to clean Java cache before any type of scanning, but anyway, before you provide info it is hard to give you a certain answer. Cheers!
  21. Hi AXE, If you tried all suggestions discussed in replies #2-#12 re: shutdown issue and that didn't work, then please follow the advice by H_D in his last reply #17 In addition, see “Please read before posting!» at the top of the section and provide all info requested by the developers as in Announcement: Information to include in your support requests My regards
  22. Hi Guys, Sure it may be a difference between separate & bundle license From the initial post it's not clear what was (or intended to be) purchased Definitely, what you said is correct, speaking about: - “license would start it's own countdown when first used...” - “the countdown for the bundle” - and “clock starts ticking” if separate licenses were purchased, where you have those 10 months mentioned As a suggestion: it would be nice if the developers will include such info (unless I missed it) & whatever was changed, since the similar questions were asked dozens of times already Cheers!
  23. Hi Noobie, Here is one of the answers by the developers that I found using Search That answer was given quite a while ago, but as far as I know the policy haven't changed since My regards
  24. Greetings all, Recently (I think starting with EAM v5.xxx.14 or 15 ) I found this misleading message EAM always was and is set to “onExecution” only (& paranoid mode, if that matters) Usually, when scanning, I'm disabling additional AV resident if any, and respectively its “onAccess” feature At the same time if I leave the latter active (as is) the above message is displayed, which I never encountered before I do understand that the file in question is scanned by both AV's, but what does it mean that an additional AV (AVG in this case) is trying “to start” potential suspect ? It would definitely will not start / execute(?) it... My regards
  • Create New...