GT500

Emsisoft Employee
  • Content Count

    13296
  • Joined

  • Days Won

    412

Everything posted by GT500

  1. Could you run another OTL scan on the Windows installation on your F: partition? I want to see if the service and driver entries were not correctly removed.
  2. I don't mind looking at logs. Please be aware though that there are a lot of logs that I don't know how to read, so if it is from an unfamiliar utility then I cannot guarantee that I will be able to make much sense out of it.
  3. MBAM works fine with Emsisoft Anti-Malware on most computers, and should be OK to keep. I actually keep it installed with the real-time protection enabled, since I have a lifetime license for it.
  4. OK, I have sent the link to one of our developers. Hopefully the issue can be easily fixed, however please note that I may need to open a bug report for it so that our development team can take a closer look at the issue and work on a fix.
  5. They won't allow you to upload without my e-mail address? I'll send it to you in a private message.
  6. It's not abnormal to see keylogger notifications when playing games, due to the way they capture keyboard input. It is odd that it took so long for Online Armor to notify you about it. Did you change any settings in the game shortly before the notification appeared?
  7. It's more likely that explorer.exe is loading just a little bit slower than normal. It is possible to create a process exclusion for explorer.exe if you want to see if that resolves the issue. Here's some instructions on how to create a process exclusion: Open Emsisoft Anti-Malware from the icon on the desktop. Click Guard in the menu on the left. Go to the File Guard tab. In the lower-left corner, just above Alerts, click on the Manage whitelist link. In the box under Type click the little down arrow and change it from File to Process (you may need to click in the box for the arrow appear). Click in the white box below Item to make a button with three dots (...) appear, and then click the ... button. Navigate to the directory where the files you wish to exclude are located, and double-click on one of them to add it. Repeat the last 3 steps as needed to add each file to the exclusions list. Click the OK button at the bottom when done, and close Emsisoft Anti-Malware. On most computers explorer.exe would be at this location: C:\Windows\explorer.exe
  8. Try uninstalling Emsisoft Anti-Malware, then restart your computer a couple of times to make sure that everything gets removed, and then try downloading and reinstalling the latest version from this link. Now that the Program Files folder is different, it might install to a different folder. Also, be sure to check your C: drive to see if it removes Emsisoft Anti-Malware from that partition when you uninstall.
  9. Try using this service: https://www.wetransfer.com/ You can post the link to download the logs, or you can send it to me in a private message.
  10. Unless the DNS settings in your router were hijacked, or there is an infected computer on the same network as your computer, then you should not be having issues with that. Have you tried settings the DNS settings in Windows to the addresses of trusted DNS servers, such as the ones for OpenDNS? 208.67.222.222 208.67.220.220 Here's a link to instructions on how to change those settings.
  11. If you mean that you are running them in Online Armor's "RunSafer" mode, then what that does is downgrade the rights of the program to the same as a limited user, which means that programs running in that mode would not be able to save settings and configuration information in their installation directories.
  12. You mean BASH? That software isn't persistent, and shouldn't be hanging around after a reformat. It's a command-line shell designed for use on Unix operating systems (sort of like a DOS prompt, but vastly more advanced).
  13. Well, the AVG driver is gone. If you are still having issues, then lets get some debug logs from Emsisoft Anti-Malware. In order to do this, you will first need to run a batch file to enable debug logging. This batch file is contained in the ZIP archive at the this link (this ZIP archive also contains a batch file to disable debug logging). Please save that ZIP archive on your desktop, extract its contents, and then follow these instructions: Run the enable_debug_output batch file (if your computer has Windows Vista, Windows 7, or Windows 8 then please right-click on the batch file and select Run as administrator). You will see a black window pop up, and then disappear very quickly. After that happens, please restart your computer. Try reproducing your issue with not being able to get the scan to run. Once you have reproduced the issue, hold down the Windows key on the keyboard (the one with the Windows logo on it, usually in between the Ctrl and Alt keys) and tap the R key to open the Run dialog. Type the following into the Run dialog, and then click OK: %ALLUSERSPROFILE%\Emsisoft A window should open and you should see a Logs folder. Right-click on that Logs folder, go to Send to, and select Compressed (zipped) folder. Move the new ZIP archive you created with the logs folder in it to your desktop. Attach the ZIP archive containing the logs to a reply by using the More Reply Options button to the lower-right of where you type in your reply. Note: If you get an error message when trying to send the Logs folder to a Compressed (zipped) folder then you may need to try a utility such as 7-Zip or WinRar to compress the folder. Both 7-Zip and WinRar have options to create an archive and save it in another location (such as on your desktop), which should prevent the error message. Here are links to the download pages for 7-Zip and WinRar. After posting the debug logs, you can run the disable_debug_output batch file (be sure to run it as administrator as well) and restart your computer again to disable debug logging.
  14. That means that Windows considers your Program Files folder to be "C:\Program Files", which does seem a bit odd. You can see information about how to change that at this link (please be aware that there is advertising on that page), and a warning from Microsoft about changing that registry value at this link. I don't think that that would be causing the problems, but it might be worth trying just in case. A lot of programs rely on the setting for where the Program Files folder is rather than hard coding the path to it (which is the proper way to do it, as you should never assume that sort of thing).
  15. Lets also get the scan log, that way I can write a script to remove the file in question. Here are the instructions: Open Emsisoft Anti-Malware. Click on Logs in the menu on the left. Go to the Scan tab (it may take a minute for the list of scan logs to load). Select the scan log from the list. Click on the View details button to open the log. Click on File and then Save As to save it on your desktop. Attach the scan log you saved on your desktop to a reply by using the More Reply Options button to the lower-right of where you type in your reply to access the attachment controls.
  16. If you have a router, then you may want to reset it to its factory default settings (or at least make sure the DNS settings have not been tampered with). Some infections will change settings in routers using UPnP (Universal Plug and Play). Also, some infections are capable of modifying boot sectors on hard drives, so you may need to wipe the boot sectors on your hard drives.
  17. In the main OTL log everything looks OK to me, however in the Extras log I am seeing a lot of errors from the Event Logs in Windows. Here's a few links to information/instructions on using the Event Viewer: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/snap_event_viewer.mspx http://support.microsoft.com/kb/308427 https://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/event_overview_01.mspx If you look at the 'Application' logs, and perhaps the 'System' logs, you should see the errors listed in there. The Extras log from OTL only shows the last 10 errors, so there could be a lot more than that. I did see one related to Emsisoft Anti-Malware, however it was not very helpful in figuring out what happened, so if you can find more logs related to Emsisoft Anti-Malware (program names would be a2service.exe or a2guard.exe) then we might find some more information in those. You should be able to right-click on an event in the Event Viewer to save it so that you can attach it to a reply.
  18. The instructions at this link should work, however please be aware that there is some heavy advertising on that page. The instructions basically just say to hover the mouse over the taskbar icon, then right-click on the thumbnail preview and select 'Move' to move the window back into your active monitor. Unfortunately, when I try this, the 'Move' option doesn't appear in the menu. At the very least, the window position is saved in the a2settings.ini file, which is in the Emsisoft Anti-Malware folder (normally C:\Program Files\Emsisoft Anti-Malware). The part of the a2settings.ini file that defines the window position will look a bit like this: [Position] Revision=1 Length=44 Flags=0 ShowCmd=1 ptMinX=-1 ptMinY=-1 ptMaxX=-1 ptMaxY=-1 rcNormalLeft=560 rcNormalTop=252 rcNormalRight=1360 rcNormalBottom=827 rcNormalTopLeftX=560 rcNormalTopLeftY=252 rcNormalBottomRightX=1360 rcNormalBottomRightY=827I suggest making a backup copy of this file if you do need to edit it, and do not attach a copy of the entire file to a post in a public place on the forums.
  19. I am seeing an AVG driver in the OTL log, but I don't see anything else from AVG installed. If you haven't already, then you might want to try running the AVG Remover utility, which you can find at this link. The only other security software appears to be Emsisoft Anti-Mawlare and Sandboxie, however I'm fairly certain that those should not have issues together, so the cause of the issue is most likely something else.
  20. One of our sales representatives forwarded the e-mail to me early this morning. If you have any further issues, then you can also send support e-mails to [email protected] so that they go directly to our helpdesk system, or you can post on the forums again asking for help. I'll see it either way.
  21. I have attached a ZIP archive to this message named "cleaning_engine_debug_output.zip" which contains two batch files. One is named "cleaning_engine_enable_debug_output" and the other is named "cleaning_engine_disable_debug_output". Please download this ZIP archive, extract the batch files, and run the "cleaning_engine_enable_debug_output" file (if your computer is running Windows Vista or Windows 7 then please make sure to right-click and select to "Run as administrator"). After running the batch file, please restart your computer, and try your scan again. After Emsisoft Anti-Malware fails to delete the detected items, close the scanner, and then check the Emsisoft Anti-Malware folder (usually C:\Program Files\Emsisoft Anti-Malware) and there should be a file named "clean.log" (the files should be listed in alphabetical order). Please ZIP this file (if you do not have a program such as WinZip, 7-Zip, or WinRar then please right-click on the file, go to "Send To", and select "Compressed (zipped) folder") and make sure to save the ZIP archive on your desktop to make it easy to find. After that, please attach the ZIP archive with the clean.log file in it to a reply by using the "More Reply Options" button to access the attachment controls.
  22. Well, if anyone experiences the issue again, we can get a Cleaning Engine Debug Log which I can send to our developers.
  23. Is the network connection always named "Local Area Connection 2" in Windows? I take it from your forum profile that this is happening on Windows XP? Is Service Pack 3 installed?