GT500

Emsisoft Employee
  • Content Count

    13465
  • Joined

  • Days Won

    420

Everything posted by GT500

  1. Thank you. I'll pass those on to our developers. Lets also get some regular debug logs from Emsisoft Anti-Malware. In order to do this, you will first need to run a batch file to enable debug logging. This batch file is contained in the ZIP archive at the this link (this ZIP archive also contains a batch file to disable debug logging). Please save that ZIP archive on your desktop, extract its contents, and then follow these instructions: Run the enable_debug_output batch file (if your computer has Windows Vista, Windows 7, or Windows 8 then please right-click on the batch file and select Run as administrator). You will see a black window pop up, and then disappear very quickly. After that happens, please restart your computer. Reproduce the issue you are having. Once you have reproduced the issue, hold down the Windows key on the keyboard (the one with the Windows logo on it, usually in between the Ctrl and Alt keys) and tap the R key to open the Run dialog. Type the following into the Run dialog, and then click OK: %ALLUSERSPROFILE%\Emsisoft A window should open and you should see a Logs folder. Right-click on that Logs folder, go to Send to, and select Compressed (zipped) folder. Move the new ZIP archive you created with the logs folder in it to your desktop. Attach the ZIP archive containing the logs to a reply by using the More Reply Options button to the lower-right of where you type in your reply. Note: If you get an error message when trying to send the Logs folder to a Compressed (zipped) folder then you may need to try a utility such as 7-Zip or WinRar to compress the folder. Both 7-Zip and WinRar have options to create an archive and save it in another location (such as on your desktop), which should prevent the error message. Here are links to the download pages for 7-Zip and WinRar. After posting the debug logs, you can run the disable_debug_output batch file (be sure to run it as administrator as well) and restart your computer again to disable debug logging.
  2. GT500

    EEK

    Click Emergency Kit Scanner to open the GUI scanner, and then go to run a scan from there.
  3. Since there has been no reply for several days, I'm going to go ahead and close this forum topic. If you need me to reopen this topic for you, then please send me a private message. Please note, the instructions in this forum topic were intended specifically for the creator of this forum topic, and should not be tried by anyone else. If you need assistance, please start by following the instructions at this link.
  4. According to your forum profile, you use avast! Anti-Virus? If this is correct, then you will need to add exclusions for them to work OK together. Here are some instructions for adding a folder to the Exclusions list in Online Armor: Click on the Start button, go to All Programs, go to Online Armor, and click on the Online Armor icon to open it. Click on Options in the menu on the left. Go to the Exclusions tab. Click on the Add button. Use the little [+] and [-] icons to the left of folder names to open and close them, find the folder you want to add, click on it to highlight it, and then click OK at the bottom. Close the Online Armor window. The folder for avast! should be something like C:\Program Files\Avast, and you may want to add the folder that's inside of that rather than adding that folder itself. I don't know exactly where the settings for exclusions are in avast!, however this forum post may be helpful in finding it.
  5. Try the following: Click on the Start button. Go to All Programs. Go to Accessories. Right-click on Command Prompt and select Run as administrator. Assuming the Emsisoft Anti-Malware installer is saved on your desktop, type in the following command to navigate to your desktop (followed by pressing the Enter key on your keyboard): cd %USERPROFILE%\Desktop Now run the installer by typing in the following command (once again followed by pressing Enter): EmsisoftAntiMalwareSetup.exe /DIR="D:\Emsisoft Anti-Malware" Of course, the path D:\Emsisoft Anti-Malware is just an example, and you can use whatever you want.
  6. Emsisoft Anti-Malware has two engines, one that we make ourselves, and one made by BitDefender. The BitDefender engine is the one that can unpack archives and scan the contents, and the Emsisoft engine does not yet have this feature. Our PUP detection is part of the Emsisoft engine, when dealing with archives and installers that need to be unpacked for the contents to be scanned, since the BitDefender engine does not have the PUP detection, it wouldn't detect stuff like that. Also, when you want PUP detection enabled for a scan, you should run a Custom Scan and select the option to detect PUPs. You should be able to remove all of the drives from the list, and add a folder that you want scanned to narrow down the scan and make it faster.
  7. If you would like to see the article, then you can read it at this link.
  8. GT500

    EEK

    You mean the Smart Scan highlighted in red in the following screenshot?
  9. EAM doesn't ask you were to install, so to change where it installs to you have to launch it from the Command Prompt (used to be referred to as the "DOS Prompt") with a parameter that tells it where you want it to install to. If you already installed it, then you would have to uninstall it and possibly run Emsiclean to completely remove it before installing it to another location. It should run in startup regardless of where you install it, unless you put it on some sort of external hard drive that isn't connected while Windows is starting. I haven't personally tested running it from a drive other than the one Windows is installed on, however I see no reason why it shouldn't work fine.
  10. It's possible that it was a glitch. Perhaps an issue with the Windows taskbar, or perhaps the last time Emsisoft Anti-Malware was open the taskbar button didn't go away when it was closed.
  11. With the frequent updates, it might not be best to put them on the SSD. They would certainly load faster, but anything that writes to the disk frequently reduces the lifespan of the SSD. Most SSD's these days automatically try to compensate for that by spreading data out across the disk to reduce the number of writes to each cell, but it doesn't completely eliminate the issue of each cell only having a limited number of writes that it can handle. Theoretically the SSD will still last for several years, so if you haven't already lost it due to something else, then you could end up replacing it by then anyway just to upgrade. Of course, Emsisoft Anti-Malware requires a command line parameter to tell it to install somewhere other than on the same hard drive Windows is installed on, so unless you want to launch it from the Command Prompt then you won't be presented with an option to change where it installs.
  12. I have written a cleanup script for OTL (if you need to, you may download OTL from this link). Please download the following OTL_Script file, and save it on your desktop. After saving it, open it, run OTL, and copy and paste the contents of the OTL_Script file into the Custom Scans/Fixes box at the bottom of the OTL window: Then click the Run Fix button at the top. Let the program run unhindered, restart your computer when it is done (it may automatically restart your computer on its own). After your computer has restarted, please open OTL again and click the Quick Scan button. Attach the log it produces in your next reply (just the OTL log, as I don't need to see the Extras log again). You will need to click the button that says More Reply Options to the lower-right of where you type your reply to be presented with the attachment controls.
  13. The OTL log shows that none of Emsisoft Anti-Malware's drivers are running, and one of them appears to be missing as well. You also appear to have an infection that needs taken care of, so I am moving this topic to the malware removal section.
  14. Our main Online Armor developer confirmed that Online Armor should draw the notifications on the monitor that the taskbar is on. Try closing and shutting down Online Armor, and then launch it again from the Start Menu to see if it will recognize the change in taskbar location.
  15. It's possible that Online Armor needs to be restarted to draw its notifications in a different place. I'll send an e-mail to one of our developers and see what he has to say about this.
  16. You can right-click on the Online Armor System Tray icon and select to close and shutdown Online Armor, which will prevent it from blocking anything.
  17. I have attached a ZIP archive to this message named "cleaning_engine_debug_output.zip" which contains two batch files. One is named "cleaning_engine_enable_debug_output" and the other is named "cleaning_engine_disable_debug_output". Please download this ZIP archive, extract the batch files, and run the "cleaning_engine_enable_debug_output" file (if your computer is running Windows Vista or Windows 7 then please make sure to right-click and select to "Run as administrator"). cleaning_engine_debug_output.zip After running the batch file, please restart your computer, and try your scan again. After Emsisoft Anti-Malware fails to delete the detected items, close the scanner, and then check the Emsisoft Anti-Malware folder (usually C:\Program Files\Emsisoft Anti-Malware) and there should be a file named "clean.log" (the files should be listed in alphabetical order). Please ZIP this file (if you do not have a program such as WinZip, 7-Zip, or WinRar then please right-click on the file, go to "Send To", and select "Compressed (zipped) folder") and make sure to save the ZIP archive on your desktop to make it easy to find. After that, please attach the ZIP archive with the clean.log file in it to a reply by using the "More Reply Options" button.
  18. This could be caused by an issue with loading Emsisoft Anti-Malware's drivers. Lets get an OTL log, and see if it shows the cause of the problem. Please run OTL by following the instructions below: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  19. Thank you for the logs. We did release a beta update about a week ago that includes a fix for this issue. Hopefully we will be able to release it as a stable update soon.
  20. The notifications appear above the "Notification Area" (aka "System Tray"), so at least in theory you would need to move the Notification Area to the second monitor to get the notifications to appear on it. I should stress that I have never tested this, so I cannot guarantee that it will work. Now the only way I know of to get the Notification Area onto the second monitor without using third-party software is to right-click on the taskbar and unlock it, then click and drag the taskbar where you want it.
  21. There are a lot of things that use svchost, and some infections have abused it in the past because most tools will not actually tell you what file is loaded by svchost (they just show svchost.exe running). Process Explorer should have ways of finding out, and a logging tool known as DDS will show you what files are loaded by the various instances of svchost. As for the issue you had, are you using the free Online Armor, or Online Armor Premium? If you are using Online Armor Premium, did you have it in Standard Mode or Advanced Mode?