GT500

Emsisoft Employee
  • Content Count

    11469
  • Joined

  • Days Won

    330

Everything posted by GT500

  1. We'll need a copy of the memory dump to be able to analyze it and determine what happened. Normally the file would be C:\WINDOWS\Memory.dmp however it will most likely be rather large in size, so you might need to use a service such as RapidShare, DepositFiles, BayFiles, or another similar website if your prefer, and then send me the link in a private message so that I can pass it along to our developers.
  2. I am not having this issue on Windows 7 x64, however I didn't update from version 6.6 to version 7, so I will start testing in virtual machines to see if I can replicate it. If anyone else is having this issue, please be sure to tell us what version of Windows you are experiencing it on.
  3. We'll need a copy of the memory dump to be able to analyze it and determine what happened. Normally the file would be C:\WINDOWS\Memory.dmp however it will most likely be rather large in size, so you might need to use a service such as RapidShare, DepositFiles, BayFiles, or another similar website if your prefer, and then send me the link in a private message so that I can pass it along to our developers.
  4. In the case of a non-bootable computer, an anti-virus scan will not give you any guarantees of resolving the problem. There could be damaged registry entries or damaged/missing system files, or there could be a rootkit causing the problem, and it would most likely take someone with a bootable disk such as BartPE or UBCD4Win to repair the computer. Even then, no repair can be guaranteed, and a reinstall of Windows may be necessary to fix the damage.
  5. I know, it seems a bit complicated, but it is the easiest way to figure out what is happening during the update process for the Emsisoft Emergency Kit. Actually, since you appear to have a topic open in our malware removal forum (which I apologize for not noticing earlier), and someone else appears to be assisting you there, it would be best if you could ignore my instructions above and simply stick with what Kevin (ShadowPuterDude) asks you to do. It will be far less confusing if only one person is attempting to assist you.
  6. You can find the version numbers at http://www.online-armor.com/downloads.php
  7. Here's some screenshots showing a2service.exe memory usage from EAM 7 in Windows 7 x64. From Task Manager: From Windows 7 Resource Monitor: From Microsoft's Process Explorer: The memory usage is looking much lower, although as Fabian mentioned it does "page out signatures that haven't been used in a while to reduce memory consumption", so the entire database is not loaded into physical memory.
  8. Please download and install Fiddler 2 from this link (this is the version that requires the Microsoft .NET Framework 2.0), and then follow the instructions below: After installing Fiddler, please open it from the Start Menu. Launch the Emsisoft Emergency Kit via the EmergencyKitScanner batch file. Go to Configuration in the menu on the left. Select the Update tab. Click on the Connection settings link in the lower-right corner. Check the box that says Use proxy server. Enter localhost in the Proxy server field, and then enter 8888 in the port field. Click 'OK'. Go back to the Menu on the left, and select Security Status. Click on the Update Now button to start the update (Fiddler must be running when you do this). After receiving the error message, go back to Fiddler, and to File, then Save, and select All Sessions (please save it on your desktop). Attach the file you saved from Fiddler to a reply for us to review by using the More Reply Options button to the lower-right of where you type in your reply.
  9. Do you know how to use Fiddler? It will allow you to create a log of network communication between the Emsisoft Emergency Kit and the update servers by setting the EEK to use Fiddler as a proxy while Fiddler is running. I'm going to write some instructions for this, in case you don't know how to use Fiddler. I'll post them as soon as I have them done.
  10. Yes, you should be able to use the new EAM 7 with BitDefender. We only use their engine, and we use our own technology for monitoring applications and such, so it should still be compatible. Admittedly it does seem a bit redundant to use both of them together, however, since EAM 7 should be capable of detecting anything that BitDefender can.
  11. The engine is a lot lighter than the finished BitDefender products. We're using their detection engine, and tying it in to our existing technology, so it shouldn't have any real performance impact.
  12. ICMP (Internet Control Message Protocol) is related to pings and traceroutes, and blocking it shouldn't cause a problem with using OpenDNS. If you want to change how Online Armor treats ICMP packets, then you will need to put Online Armor into Advanced Mode.
  13. Our developers want to see some logs. Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try reproducing your problem (whatever causes this notification to appear). After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder.
  14. I have asked our developers for some input on this. If this ShimCacheMutex thing is a file, then I will need a full path and file name to look it up. Would it be possible for you to get a screenshot of this message, and attach it to a reply? Just in case you need them, here's a link to some instructions on copying and pasting, and you can access the attachment controls by clicking the More Reply Options button to the lower-right of where you type your reply. Edit: Also, please let us know what version of Windows your computer is running, and what Service Pack is installed, as well as what other security software is running on this computer.
  15. I've been running EAM 7 alongside MBAM, and there are no issues. I also installed the 1.65.0.1000 beta of MBAM last night, and updated EAM 7 to the latest beta version today. So far everything is working just like it did in EAM 6.x with previous versions of MBAM. As far as I can tell, the switch from the Ikarus engine to BitDefender's engine has not caused any changes in compatibility with other AV software (or at least it hasn't impaired it any). No actual installer has been created for EAM 7 yet (at least not that I am aware of). Right now the easiest way to get EAM 7 beta is to install EAM 6.6 and enable beta updates.
  16. We'll probably need some logs to see what the problem is. Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try reproducing your problem. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder.
  17. Here are some instructions on adding Avira to the Exclusions list in Online Armor: Click on the Start button, go to All Programs, go to Online Armor, and click on the Online Armor icon to open it. Click on Options' in the menu on the left. Go to the Exclusions tab. Click on the Add button. Use the little [+] and [-] icons to the left of folder names to open and close them, find the Avira Desktop folder (usually C:\Program Files\Avira\AntiVir Desktop), click on it to highlight it, and then click OK at the bottom. Close the Online Armor window.
  18. I would believe that version 4.0 would need to be removed in order to install 5.5, and your settings would not be retained.
  19. OK, our developers have taken a look at the message you posted for them, and they will look into a fix as soon as possible.
  20. Elise mentioned that SUPERAntiSpyware has been known to recreate some registry entries after they have been deleted, so it might be possible that one of your security softwares could be automatically restoring the entries after they are deleted. I know that Spybot Search & Destroy's TeaTimer used to do that as well.
  21. This user has opened a ticket on our helpdesk, so I will assist them there. Since I will be assisting them via the helpdesk, and since this user did not request malware removal assistance, I am closing this topic. Moose, please note that Arief, ShadowPuterDude, stapp, and myself can all reopen this topic if you need us to. If you want it reopened, then just let us know via a private message, or let me know via the helpdesk and I'll take care of it.
  22. It is not abnormal for popular e-mail providers to be difficult to get support from, and Microsoft is no exception. As for a key logger, it is a malicious program that logs every key you press on your keyboard, and reports it all back to whoever created it. On the subject of talking to Bill Gates, I am fairly certain that he retired a few year ago, although even if he did still work there it is doubtful that a company that large would allow the average customer to talk to their CEO.
  23. I've informed our developers of this, and they will take a look as soon as they are able to.
  24. GMER does not appear to be showing anything malicious or strange. I do not think there is an infection. I have a feeling that the behavior you are experiencing is most likely due to your security software. You can test this by disabling them one at a time to see if that resolves the issues you are experiencing.