GT500

Emsisoft Employee
  • Content Count

    12603
  • Joined

  • Days Won

    380

Everything posted by GT500

  1. If you need instructions for starting your computer in Safe Mode, then please try this link.
  2. Have any of you tried enabling Beta Updates and running an update to see if the latest beta resolves the issue?
  3. We do have a newer beta version of Online Armor, so if you can enable Beta Updates and run an update in Online Armor then you can see if it resolves the issue.
  4. The service can be set to delayed start, however you will see an error message when the Guard loads and the service isn't running.
  5. When a file is locked, and cannot be deleted, EAM automatically schedules a Delete On Reboot, and asks to restart the computer. This is normal regardless of what type of file was locked or in use.
  6. If you can't start your computer, then please try following the instructions at this link to start your computer in Safe Mode, and then uninstall Online Armor. If you can start your computer normally after that, then we can go from there.
  7. Unfortunately the logs weren't Debug Logs. Here are instructions on how to enable Debug Logs and send them to us: Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try reproducing your problem. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder. Note that RapidShare and BayFiles have been having issues lately, and we may not be able to download the files from them. If you have DropBox, Google Cloud Storage, or Microsoft SkyDrive then those services would be more reliable. Also, you can attach files to private messages on these forums, and I would believe the limit is up to 128MB, so if the file is smaller than 128MB then you can just attach it to a private message to me on these forums.
  8. Our developers are working hard on Online Armor, and new beta versions have been released recently. Have you tried enabling Beta Updates and running and update in Online Armor to see if any of these issues have been resolved?
  9. If you have Debug Logs, then you can ZIP the Online Armor Log folder (usually C:\Program Files\Online Armor\Logs) and send them to me in a private message.
  10. Only the last 50 changes to a file in the database are saved, so if a file was older than the last 50 changes then it will have to redownload the entire file again. Do you only update once a day, or do you allow Emsisoft Anti-Malware to download updates hourly?
  11. I'm glad to hear that your issue is now resolved. Please let us know if you have any further trouble.
  12. Do you still have Kaspersky Internet Security installed? If so, then exclusions may be necessary. Here are instructions on creating a process exclusion in Emsisoft Anti-Malware: Open Emsisoft Anti-Malware from the icon on the desktop. Click Guard in the menu on the left. Go to the File Guard tab. In the lower-left corner, just above Alerts, click on the Manage whitelist link. In the box under Type click the little down arrow and change it from File to Process (you may need to click in the box for the arrow appear). Click in the white box below Item to make a button with three dots (...) appear, and then click the ... button. Navigate to the directory where the files you wish to exclude are located, and double-click on one of them to add it. Repeat the last 3 steps as needed to add each file to the exclusions list. Click the OK button at the bottom when done, and close Emsisoft Anti-Malware. I don't know what files you will need to exclude for Kaspersky, so if you need help with finding out then please let me know. I don't know what version of Kaspersky Internet Security you are using, so that makes it difficult to search and see if there are instructions for how to create exclusions in it. Here's a link to instructions for Kaspersky Internet Security 2013, and here's a link to instructions for Kaspersky Internet Security 2014. The files you will need to add to the exclusions are as follows: C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
  13. Well, we can try Malwarebytes Anti-Malware and see if it finds anything. If you want to try it then please follow the instructions below: Please download and install Malwarebytes' Anti-Malware from one of the three mirrors listed below (beware of excessive advertising on some of the download pages): Download From TechSpot Download From CNet's Download.com Download From MajorGeeks When first running Malwarebytes' Anti-Malware, it will ask you if you want to operate it in a free trial mode. You can say no to this (the trial can be unlocked again at a later time if you want to try it). Make sure to go to the Update tab and click the Check for Updates button to get the latest database. Switch back to the Scanner tab and run a Quick Scan. When it is done, remove anything it finds. Whether or not it finds anything, you should be presented with a log in Notepad, which you should save to your desktop. Attach the log you saved on your desktop to a reply for me to take a look at. You can attach files to a reply by clicking the More Reply Options to the lower-right of where you type in your reply. When the page loads, there will be a button right below the box to type in (on the left side) that says Choose Files... which will allow you to select the log file to attach it.
  14. If you do, then Online Armor will no longer monitor any programs that are running out of those folders. Have you checked through the Programs list in Online Armor to see if any of Internet Explorer's files are not set as Allowed and Trusted?
  15. If the UAC is turned off, then you won't need to right-click and select "Run as administrator". Everything runs as administrator when the UAC is off, as long as the account has administrative rights.
  16. ComboFix probably can't be found because it wasn't able to finish running. It creates a couple of folders in the C: drive on a computer when it is run, one is called "Qoobox" and the other is randomly named (it will be a long string of letters and numbers). If you find those folders, you can delete them, but be certain that they are indeed the folders from ComboFix before you actually permanently remove them. The AdwCleaner and Junkware Removal Tool logs look good. How is everything running now?
  17. We'll probably need a DebugView log to see what is going on. Before we can get that, we'll need to set a registry entry that will tell Emsisoft Anti-Malware to output debug information that DebugView can see and save in its log. The following file eam_debug_output.zip contains two batch files. One of the will enable debug mode, and the other will disable it. Please download this file, extract the batch files from it, and run the batch file named eam_enable_debug_output (if your computer is running Windows Vista or Windows 7 then please make sure to right-click on the batch file and select to Run as administrator): After that, please restart your computer, and then proceed with the instructions below: Download DebugView from this link: When downloading, make sure to save it on your Desktop instead of clicking 'Run' or 'Open'. Right-click on the 'DebugView' file that you just saved on your Desktop, and select "Extract All". Before running DebugView, you will need to add a process exclusion to Emsisoft Anti-Malware to prevent crashing issues. Here are the instructions: Please go ahead and open Emsisoft Anti-Malware from the icon on the desktop. click on Guard in the menu on the left. Go to the File Guard tab. Click on the Manage whitelist link on the left, just above 'Alerts'. On the left, under where it says Type, click on where it says File and change it to Process. Click in the white space to the right of where you just changed 'File' to 'Process', under where it says Item, and a little button with three dots on it will appear to the right. Click on the button with the three dots. Navigate to the folder where DebugView is saved (this should be on your desktop), select the Dbgview file, and click the Open button in the lower-right. Click OK at the bottom to save the settings, and then close Emsisoft Anti-Malware. Open the new DebugView folder that was created on your Desktop after extracting. Windows XP and 2000 users should double-click on the file named 'Dbgview'. Windows 7 and Vista users should right-click and select "Run as Administrator". Click on the 'Capture' menu, and select everything except "Log Boot" (you will have to open the menu again after clicking to select an item). Do whatever it is you need to in order to replicate the issue with HyperSnap. After you have replicated the issue you can switch back to DebugView and click 'File' and "Save As" in order to save the log to a file on your Desktop. Please attach that log file to a reply so that we may analyze it for errors. You will need to use the More Reply Options button to the lower-right of where you type in your reply in order to access the attachment controls. Note: You may need to ZIP the log file in order to attach it. If you do not have a program such as 7-Zip, WinZip, WinRar, etc. then you can right-click on the log file, go to Send to, and click on Compressed (zipped) folder. You will be able to attach the ZIP archive to a reply. After that, you can run the eam_disable_debug_output batch file to disable debug mode. Note that your computer will need to be restarted after running the batch file.
  18. I still can't see anything that would be causing issues, other than perhaps "SpeedUpMyPC". It looks like there are a couple of remnants of what appear to be partially removed toolbars, but they shouldn't cause any serious issues. Lets try the following two things, and then go from there: 1. Uninstall ComboFix Hold down the Windows key on your keyboard (it has the little Windows logo on it, next to the Ctrl key) and press R to open the Run dialog. Type ComboFix /Uninstall in the field (make sure to leave a space just before the /) and then click OK ComboFix should take care of the rest. 2. Run AdwCleaner and Junkware Removal Tool Please download AdwCleaner and save it on your desktop. Close all open programs and internet browsers (you may want to print our or write down these instructions first). Double click on adwcleaner.exe to run the tool. Click on Delete. Confirm each time with Ok. You will be prompted to restart your computer. A text file will open n Notepad after the restart (this is the log of what was removed), which you can save on your desktop. Please attach that log file to a reply by clicking the More Reply Options button to the lower-right of where you type in your reply. If you lose that log file for any reason, you can find it at C:\AdwCleaner[s1] on your computer. Please download Junkware Removal Tool and save it on your desktop. Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator. The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log is saved to your desktop and will automatically open. Please attach the JRT log file to a reply by clicking the More Reply Options button to the lower-right of where you type in your reply.
  19. Lets get an OTL log. Please run OTL by following the instructions below: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  20. There were some bad Windows Updates in August, however I would believe they were pulled from the Windows Update service after a week or two, and they should no longer be available. Microsoft Security Essentials and SUPERAntiSpyware are the only softwares I am seeing in your log that could prevent ComboFix from running, so as long as neither of them have real-time protection enabled then ComboFix should run just fine. Lets try using Rkill before using ComboFix, and see if it allows you to run ComboFix. Please download Rkill from one of the links below: rkill.exe rkill.com rkill.scr eXplorer.exe iExplore.exe WiNlOgOn.exe uSeRiNiT.exe The reason why there are 7 of them, each with a different name (and some of them with very funny names), is because some infections like to block security software from running. Start with the first one, and if it doesn't work then try the next one, and so on until you find one that works. Once you get one of the Rkill downloads to work, please run it a second time to make sure that it is no longer able to find any malicious processes still running. If it finds more, run it again to make sure that Rkill was able to stop any malicious processes still running on your computer. After running Rkill, please proceed with my previous instructions to run ComboFix (making sure to disable anti-virus and anti-spyware software first), and if everything works OK then attach the log to a reply when it is done.
  21. If avast! is using a proxy to filter Internet traffic, then Online Armor will not be able to filter Internet traffic by application, as it will appear to all be coming from avast!'s network filter process.
  22. Something is blocking ComboFix from running, so lets try running it in Safe Mode With Networking instead. Please follow the instructions at this link to start your computer in Safe Mode With Networking, and then try running ComboFix again.
  23. It is probably just a certain program that needs to be excluded from Online Armor so that it doesn't monitor it. Lets get some Debug Logs to see if they show which program needs to be excluded. Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then verify the high CPU usage. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder. Note that RapidShare and BayFiles have been having issues lately, and we may not be able to download the files from them. If you have DropBox, Google Cloud Storage, or Microsoft SkyDrive then those services would be more reliable. Also, you can attach files to private messages on these forums, and I would believe the limit is up to 128MB, so if the file is smaller than 128MB then you can just attach it to a private message to me on these forums.