GT500

Emsisoft Employee
  • Content Count

    10989
  • Joined

  • Days Won

    315

Everything posted by GT500

  1. What kind of Internet connection do you have? DSL? Cable? Is there a modem or a router that you connect to your computer to access the Internet?
  2. Topic reopened per user's request, and user's log (which was sent via PM) is attached:
  3. If you can get the Linux disk to work, then you should be able to download files through it and save them on your hard drive. There should be an Internet browser named Konqueror on the Fedora Linux disk, since it is the KDE version and KDE always comes with Konqueror. It may also come with Firefox, as that at least used to be the default browser on Fedora Linux.
  4. OK, that appears to be an actual Microsoft file, and is probably a false positive. Would it be possible for you to export the log from Emsisoft Anti-Malware that shows the detection, and attach it to a reply? You can access the logs by opening Emsisoft Anti-Malware, and going to Logs in the menu on the left.
  5. I have written a cleanup script for OTL (if you need to, you may download OTL from this link) which will tell it how to get rid of the leftover McAfee stuff (note that some of this appears to be related to McAfee drive encryption, so if you used it to encrypt any data then you will need to decrypt it before running this script). Please download the following OTL_Script file, and save it on your desktop. After saving it, open it, run OTL, and copy and paste the contents of the OTL_Script file into the Custom Scans/Fixes box at the bottom of the OTL window: Then click the Run Fix button at the top. Let the program run unhindered, restart your computer when it is done (it may automatically restart your computer on its own). After your computer has restarted, please open OTL again and click the Quick Scan button. Attach the log it produces in your next reply (just the OTL log, as I don't need to see the Extras log again). You will need to click the button that says More Reply Options to the lower-right of where you type your reply to be presented with the attachment controls.
  6. I've split this into another topic since it appears to be a separate issue. That should make it easier for us to help you troubleshoot it. Is there any possibility of getting logs? You may need to disable Debug Mode, restart your computer, and then delete the contents of the logs folder before you re-enable Debug Mode, restart your computer, and reproduce the problem. That will ensure that the logs are a bit smaller in size when you send them.
  7. Currently, it takes advantage of multiple processors or multiple cores automatically. In version 7, our developers plan to give you more control over that with scan settings for thread count and processors/cores to use.
  8. Currently our developers are planning on adding settings for thread count and core usage restrictions to version 7.
  9. My understanding of the Sandboxie issue is that the Emsisoft Anti-Malware service would need to be run inside of Sandboxie in order for the Outlook plugin to be able to communicate with it while Outlook is running in Sandboxie.
  10. OK, here's an attempt at making instructions for using VirusTotal. 1. Click on this link to go to VirusTotal. 2. Click on the Choose File button as highlighted in the screenshot below, and then use the little window that opens to select your file: 3. After selecting your file, click the Scan it! button to scan the file: 4. If you see the message in the screenshot below, then click the Reanalyze button: 5. As your file is being analyzed, right-click in the address bar and select Copy from the menu: 6. Paste the address of the VirusTotal analysis into a reply so that I can take a look at it.
  11. Don't worry, get me the log when you can. If the topic gets locked, then you can send me a private message asking to have it unlocked.
  12. Please get a fresh OTL log for me: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  13. Could you please upload each of those files to VirusTotal, and then send me the link to the analysis of each file? They could be harmless, but we can check and make sure.
  14. Current version of TDSSKiller appears to be 2.7.34.0 (not sure what it was when I posted my instructions in post #105). It may actually check for updates when it runs, but I cannot guarantee that.
  15. Most of the information relates to things Online Armor is doing. The logs are encrypted for safety, and only Andrey can decrypt them (I don't even have the ability to decrypt and read them). Just an FYI: Andrey did let me know that he has downloaded your logs, and that he's taking a look at them.
  16. OK, we'll probably need some logs to see what the problem is. Open Online Armor, go to 'Options' in the menu on the left, click the little check box to enable debug mode (just above the "Run Safety Check Wizard", restart your computer (Debug Mode will not be enabled until after your computer is restarted), and then try launching a program in "Run Safer" mode. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs) and attach it to a reply for me. Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to "Send To", and clicking on "Compressed (zipped) Folder". If the file it too large to attach to a reply, then let me know, and I will send you a private message with instructions on how to get it to us. Edit: Scratch that. Our developers just reminded me that RunSafer just executes an application with restricted rights. When running as a "Standard User" your applications are already running with restricted rights, so RunSafer doesn't actually do anything when running applications under a "Standard User" account, which is why no border is displayed around the window of a program that is set to execute in RunSafer mode.
  17. OK, we'll probably need some logs to see what the problem is. Open Online Armor, go to 'Options' in the menu on the left, click the little check box to enable debug mode (just above the "Run Safety Check Wizard", restart your computer (Debug Mode will not be enabled until after your computer is restarted), and then try launching Chrome. After you see the warning from Online Armor, click the button to allow it, and then please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs) and attach it to a reply for me. Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to "Send To", and clicking on "Compressed (zipped) Folder". If the file it too large to attach to a reply, then let me know, and I will send you a private message with instructions on how to get it to us.
  18. Here are some instructions on adding this program's folder to the Exclusions list in Online Armor: Click on the 'Start' button, go to "All Programs", go to "Online Armor", and click on the Online Armor icon to open it. Click on 'Options' in the menu on the left. Go to the 'Exclusions' tab. Click on the 'Add' button. Use the little [+] and [-] icons to the left of folder names to open and close them, find the folder that you wish to add to the exclusions list, click on it to highlight it, and then click 'OK' at the bottom. The folder you are looking for is most likely C:\DatabaseNet4 Close the Online Armor window.
  19. OK, lets get some more information. Our developers want a log from System Information, and I would like to see an OTL log, so here's instructions for getting both: System Information Click on the Start button. Go to All Programs . Go to Accessories . Go to System Tools . Click on System Information . Click on the File menu to open it. Click on Save . Save the System Information on your desktop (this may take a few minutes). Close the System Informaton window and then right-click on the System Information file you saved, go to Send to , and select Compressed (zipped) folder . This will add your System Information file to a ZIP archive that you can attach to a reply in this forum topic. Reply to this topic by using the More Reply Options button to the lower-right of where you type in your reply, and attach the ZIP archive to a reply. OTL Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt . The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply.
  20. OK, we'll probably need some logs to see what the problem is. Open Online Armor, go to 'Options' in the menu on the left, click the little check box to enable debug mode (just above the "Run Safety Check Wizard", restart your computer (Debug Mode will not be enabled until after your computer is restarted), and then try a normal shutdown. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs) and attach it to a reply for me. Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to "Send To", and clicking on "Compressed (zipped) Folder". If the file it too large to attach to a reply, then let me know, and I will send you a private message with instructions on how to get it to us.
  21. You're quite welcome. Since everything seems OK, I am going to go ahead and close this topic. Note: The instructions in this forum topic have been customized based on the logs posted by the person asking for assistance. Please do not attempt to follow any of the instructions in this forum topic, as they could cause damage to your computer. If you require assistance, please start here if you believe your computer is infected, and one of our experts will be happy to assist you by analyzing your logs.
  22. If no threats were found, then I'm fairly certain that it does not give you the option to save a log, so that's OK. ComboFix makes repairs on its own, and you will see some deletions in its initial log. Also, the scripts I asked you to run made some repairs as well (mostly just deleting things that were bad or didn't need to be there, as well as temp files). If you go ahead and run a scan with Emsisoft Anti-Malware, does it detect anything?
  23. If you look in the folder C:\Program Files\Emsisoft Anti-Malware are there any files with names that end in .elf? If so, please zip the, and attach them to a reply. You can zip files by right-clicking on them, going to Send to, and selecting Compressed (zipped) folder.
  24. Brilliant? Or slightly crazy? I'm sure that's open to debate. That ComboFix log looks fine to me. Lets get a second opinion just to make sure we didn't miss anything. Please run an online virus scan through ESET by following the steps below: Turn off your anti-virus software. Click on this link. Click on the ESET Online Scanner button. Put a check in the box that says YES, I accept the Terms of Use. Click the 'Start' button just to the right of the checkbox. Uncheck the box that says Remove found threats (this is very important). Click on Advanced settings. Put a check in the box that says Scan for potentially unsafe applications. Verify that Scan for potentially unwanted applications is also checked. Verify that Enable Anti-Stealth technology is also checked. Click the Start button in the lower-right corner of the page, and it will begin downloading it's database, and then it will start scanning. When the scan is done, if it shows a screen that says Threats found!, then click List of found threats, and then click Export to text file... (if nothing was found, then just let me know that no threats were found). Save that text file on your desktop, and then attach it to a reply (using the More Reply Options button in the lower-right corner of this forum topic) for me. Close the ESET online scan. I will take a look at the log, and let you know if anything needs removed.
  25. OK, go ahead and run a scan with Emsisoft Anti-Malware, and let me know if it detects anything.