Emsisoft Employee
  • Content Count

  • Joined

  • Days Won


Everything posted by GT500

  1. Please download Emsiclean from this link (be sure to save it on your desktop), and follow the instructions below to get me a log: Run the Emsiclean download that you saved on your desktop. Read the disclaimer. Note that you must agree to it in order to proceed. Once the scan is finished, simply exit Emsiclean, and do not remove anything. A new file will be saved on your desktop with a log of what was detected. Please attach that to a reply by using the More Reply Options button to the lower-right of where you type in your reply.
  2. The fix was not ready for the release. Hopefully it will be ready for a beta in the near future.
  3. BleepingComputer has some information on regserv.exe (assuming that that truly is the same infection that was on your computer), so I will ask our research if they know why this particular threat may not have been removable.
  4. Any program that you trust can be added to Online Armor as Trusted, or added to the exclusions in Online Armor to be ignored completely by the HIPS and the firewall. Please note that you will probably need to disable Online Armor when running any of the utilities that I post instructions for, as most of these utilities check things or do things that Online Armor can interfere with. How long it takes can depend on the computer and whether or not the security software is running at the time. I think I forgot to add that to the instructions I posted for you, so that's probably why it took so long. If you disable Online Armor and Emsisoft Anti-Malware then it should run faster.
  5. Our developers will need a copy of your firewall logs in order to see what might be wrong. Could you please ZIP the logs folder (usually C:\Program Files\Online Armor\Logs) and send it to me in a Private Message?
  6. I don't recall any discussion about options on the history page being redundant. May I ask what options have been made redundant?
  7. Is it working OK for everyone else?
  8. Thank you. I have passed your remarks on to our management, and we will consider these issues in future versions of Emsisoft Anti-Malware.
  9. I see an "extended trial" license associated with your Customer Center account. Has someone already assisted you with this, or do you still need some help with your license?
  10. No, the list contains only certain infections classified as 'spyware'. There are a lot more types of malware detected by Emsisoft Anti-Malkware than what are on that list.
  11. Please send me a private message with your license key (don't post it in a reply to this topic), and I will check and see if there is anything wrong with it.
  12. I merged both of these together because the first step in debugging the issues you reported is to disabled EAM completely and see if that makes a difference, and since your other topic was about how to do that it made sense to merge the two together. The first step is to right-click on the System Tray/Notification Area icon for Emsisoft Anti-Malware (should be somewhere in the lower-right corner of the screen to the left of the clock), and select to Shut down Guard. After that, please hold down the Windows key on your keyboard (normally in between the Ctrl and Alt keys, with the little Windows logo on it) and tap the R key to open the Run dialog. Type services.msc into the field, and then click OK. This will open a list of services that are installed on your computer. Please scroll down until you find the Emsisoft Anti-Malware Service, right click on it, and select Stop. This will completely turn off Emsisoft Anti-Malware, allowing you to check and see if it was the cause of the issues. To turn Emsisoft Anti-Malware back on, right click on Emsisoft Anti-Malware Service again and select Start, then click on the Start button, go to Programs, go to Emsisoft Anti-Malware, and click on Emsisoft Anti-Malware Guard.
  13. You can uninstall and then reinstall from the CD if you want, however it will still need to be updated to the latest version in order to provide you with the best protection, so we usually recommend that you download the latest version of Emsisoft Anti-Malware from this link. As for the license key, it should be OK, however if it is not then please let me know.
  14. Do you know where the file came from? Was it something that you downloaded, or does it appear to have been created by another program? Also note that, if you cannot access the file normally in Windows to copy it or upload it, then you should be able to do so from a bootable disk (UBCD4Win, BartPE, Windows PE, Linux, etc). UBCD4Win and certain Linux Live CD's (such as Kubuntu and the KDE edition of Fedora) will be the easiest to use, and the Linux downloads are the easiest because the bootable disks based on Windows (such as UBCD4Win) require that you have a Windows XP disk in order to build the boot disk from the files on the Windows CD, whereas the Linux Live CD's you simply download and burn to a CD. You can also try starting the computer in Safe Mode With Networking, and see if you can access the file that way. Here's a link to instructions on how to do that.
  15. I would need to see error logs to know more about what is going on. Reinstalling tends to be the quicker solution to this issue, although sometimes Emsiclean needs to be run after uninstalling to remove leftovers before a successful reinstall (depending on what actually caused the issue). If you don't want to reinstall, then first I will need to see any errors in the Windows Event Logs pertaining to the Emsisoft Anti-Malware Service (a2service.exe) or any other components from Emsisoft Anti-Malware. To open the Event Viewer on Windows 7, simply click on the Start button and type event viewer in the search field, then click on Event Viewer in the list of search results. You will need to double-click on Windows Logs in the list on the left to expand it (see the screenshot below), and then look under the Application and System for errors related to a2service.exe or a2guard.exe (errors will be easy to distinguish from other log entries as you scroll through the event logs, and everything is sorted by date and time by default). When you find an error related to an Emsisoft Anti-Malware component, then right-click on it and click Save Selected Events (please change the Save as type to Text (Tab delimited)). You can attach these individual events from the Event Logs to a reply by going to More Reply Options to access the attachment controls.
  16. Aside from a lot of custom group policy settings, I am not seeing anything odd in that log. I'll assume that you changed those group policy settings yourself, and will ignore them for now. We will probably need a scan engine debug log to see what is going on. I have attached a ZIP archive to the message which contains two batch files. One is named engine_enable_debug_output and the other is named engine_disable_debug_output. Please download this ZIP archive, extract the batch files, and run the engine_enable_debug_output file (if your computer is running Windows Vista or Windows 7 then please make sure to right-click and select to Run as administrator): After running the batch file, please restart your computer, and try to reproduce the performance issue when opening programs. After that, please check the Emsisoft Anti-Malware folder (usually C:\Program Files\Emsisoft Anti-Malware) and there should be a file named ScanEngineDebug.log (the files should be listed in alphabetical order). Please ZIP this file (if you do not have a program such as WinZip, 7-Zip, or WinRar then please right-click on the file, go to Send To, and select Compressed (zipped) folder) and make sure to save the ZIP archive on your desktop to make it easy to find. After that, please attach the ZIP archive with the ScanEngineDebug.log file in it to a reply by using the More Reply Options button to the lower-right of where you type in your reply to access the attachment controls.
  17. Unfortunately I am not able to speculate on why a particular file was or was not removed unless I can take a look at the file, and perhaps forward it on to our researchers and dev team for analysis. Would it be possible for you to upload the file to VirusTotal and send me the link to the analysis, or perhaps ZIP the file and send it to me in a private message?
  18. I just got a little more information about the Yahoo! issue, and it may just be a false positive. If this was just an accident on the part of one of our researchers, then they should have it fixed soon.
  19. That seems a bit odd, however I'd need to see the line from the log to know more. Since you are experiencing some odd issues, lets try a more generic system repair tool, and see if it helps: Please download Windows Repair (all in one) from this link. Install the program then run it. (note that it will occasionally need to restart your computer as you run through the steps below) Go to Step 2 and allow it to run CheckDisk by clicking on Do It button: Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button: (for Windows XP, if you do not have your Windows XP CD, then you will need to skip this step) Go to Step 4 and under "System Restore" click on Create button: Go to Start Repairs tab and click Start button. You don't want it to run through every fix in the list, so please ensure that ONLY items seen in the screenshot below are selected as seen in the screenshot (they're all checked by default, so uncheck the ones that are not checked in the screenshot below): If there are any fixes in the list that are not in the screenshot above, then please uncheck them as well. Click on box next to the Restart/Shutdown System When Finished (leave it set to Restart System just below that). Then click on Start to begin the repair process.
  20. Our developers are looking into this. Thank you for reporting it.
  21. Microsoft's EMET sounds like it was designed for use in corporate networks, however it also sounds like it would be usable by the average person (this is just an assumption based on the description on Microsoft's website, however, as I have not used it). As for whether or not it is needed, if it truly does what it claims, then it sounds like it would be useful at helping prevent infections. However, please note that this will not prevent infections that spread by "social engineering" (making you think the infection is something that you actually want to run on your computer).
  22. Were any of you able to get logs?
  23. I wasn't able to reproduce this on my computer (the tooltip looks normal to me). May I ask what version of Windows your computer is running?