GT500

Emsisoft Employee
  • Content Count

    12848
  • Joined

  • Days Won

    387

Everything posted by GT500

  1. Online Armor, in Advanced More, has a feature that allows for creating rules to monitor files and registry entries. I don't think I've ever heard of anyone using it to monitor how much cache data is being saved by their browser, and I'm not even sure if it can be used for that purpose, however that it probably the closest feature to what you are asking for that Online Armor has. That being said, if what you are describing is being done by a program other than your web browser, then Online Armor's HIPS will obviously warn about it attempting to run (unless it has a valid digital signature). Also, just to let you know, browsers have limits on the amount of cache data that can be saved, and they automatically delete old cache data in order to prevent the cache from exceeding those limits. That's not to say that a security vulnerability would not allow for such a thing in a browser, or even in the Java or Flash plugins (both of which have their own caches).
  2. Our cleanup tool is meant to remove leftovers when there are issues reinstalling our software, and is meant to be used by the request of an Emsisoft support representative. It isn't intended to be used as an uninstall utility for normal everyday use. I'm sure Kaspersky's uninstall utility is just great, however I don't think it's designed for the same purpose as ours.
  3. You're quite welcome. Please let us know if you have any further issues.
  4. Please post the log from Emsisoft Anti-Malware's scan showing these detections that could not be removed by following the instructions below: Open Emsisoft Anti-Malware. Click on Logs in the menu on the left. Go to the Scan tab (it may take a minute for the list of scan logs to load). Select the scan log from the list. Click on the View details button to open the log. Click on File and then Save As to save it on your desktop. Attach the scan log you saved on your desktop to a reply by using the More Reply Options button to the lower-right of where you type in your reply to access the attachment controls.
  5. Everything in the Fiddler log looks good to me. Does the update complete properly if you turn the proxy settings back off in EEK?
  6. OK, apparently Emsiclean will look for a driver that both Emsisoft Anti-Malware and Emsisoft Emergency Kit use. If it finds that driver, it lists any other files in that folder under the assumption that it is an installation of Emsisoft Anti-Malware. In your case it is detecting the Emergency Kit because that's where the driver is.
  7. Our management let me know that we do have plans to be added to the URL scanner on VirusTotal, however we do not have an ETA on when we might be ready to do it.
  8. Are you referring to ARP spoofing, or something else?
  9. I'm fairly certain that 115MB is too large for the forums. That being said, have you configured Windows for Full Memory Dumps on BSoD errors, or is it still configured for Kernel Memory Dumps?
  10. Lets try creating an exclusion for the VPN software in Online Armor, so that it doesn't monitor it. Here are some instructions for adding a folder to the Exclusions list in Online Armor: Click on the Start button, go to All Programs, go to Online Armor, and click on the Online Armor icon to open it. Click on Options in the menu on the left. Go to the Exclusions tab. Click on the Add button. Use the little [+] and [-] icons to the left of folder names to open and close them, find the folder you want to add, click on it to highlight it, and then click OK at the bottom. Close the Online Armor window. If you add the folder that the VPN software is installed in to the Exclusions list, then it should resolve the issue.
  11. For the most part the default options are all OK. If you want to, you can follow the instructions at this link, which are intended to aid in any performance issues. Please note that we do recommend putting Online Armor in Learning Mode before installing Windows Updates. We do have information on how to install and use Emsisoft Anti-Malware at this link, and we have similar information for Online Armor at this link.
  12. Please download and install the latest version of Emsisoft Anti-Malware 8 from this link (make sure to uninstall any old version before installing the new version). Please note that you will not need to purchase a new license to use the latest version.
  13. Lets get an OTL log and see if it shows us what is happening. Please run OTL by following the instructions below: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Make sure to try to launch the Emsisoft Anti-Malware Guard before running OTL. Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  14. I have sent the link to the logs to our developers so that they can take a look at them.
  15. I'll send a message to our management and see if they want to comment on this.
  16. That log is showing Emsisoft Emergency Kit files. I'll have to check with Fabian to see if it is supposed to detect the EEK.
  17. I'm sorry, I though that's what I was explaining. The answer is 'yes'.
  18. Settings are supposed to be created automatically in Standard Mode, and in Advanced Mode you need to create them manually. If you switch back to Standard Mode, does it still have issues?
  19. Follow these instructions to post the log: Run the Emsiclean download that you saved on your desktop. Read the disclaimer. Note that you must agree to it in order to proceed. Once the scan is finished, simply exit Emsiclean, and do not remove anything. A new file will be saved on your desktop with a log of what was detected. Please attach that to a reply by using the More Reply Options button to the lower-right of where you type in your reply.
  20. You're right, we haven't added that feature to the Emergency Kit Scanner yet. I hadn't realized that at the time. Since we don't have the simultaneous downloads setting, we'll have to get Fiddler logs to see what is going on. Please download and install Fiddler 2 from this link (this is the version that requires the Microsoft .NET Framework 2.0), and then follow the instructions below: After installing Fiddler, please open it from the Start Menu. Launch the Emsisoft Emergency Kit via the EmergencyKitScanner batch file. Go to Configuration in the menu on the left. Select the Update tab. Click on the Connection settings link in the lower-right corner. Check the box that says Use proxy server. Enter localhost in the Proxy server field, and then enter 8888 in the port field. Click 'OK'. Go back to the Menu on the left, and select Security Status. Click on the Update Now button to start the update (Fiddler must be running when you do this). After receiving the error message, go back to Fiddler, and to File, then Save, and select All Sessions (please save it on your desktop). ZIP the Fiddler log and send it to me in a Private Message. Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to "Send To", and clicking on "Compressed (zipped) Folder".
  21. Do you have Online Armor running in Advanced Mode or in Standard Mode?
  22. You're quite welcome. Please let me know if you have any further issues.
  23. This is a known bug on 64-bit editions of Windows, and it should be fixed in the latest beta version. We can delete the files using OTL if you want to post a copy of the scan log for me. Here are instructions on how to do that: Open Emsisoft Anti-Malware. Click on Logs in the menu on the left. Go to the Scan tab (it may take a minute for the list of scan logs to load). Select the scan log from the list. Click on the View details button to open the log. Click on File and then Save As to save it on your desktop. Attach the scan log you saved on your desktop to a reply by using the More Reply Options button to the lower-right of where you type in your reply to access the attachment controls.
  24. We'll probably need a DebugView log to see what is going on. Before we can get that, we'll need to set a registry entry that will tell Emsisoft Anti-Malware to output debug information that DebugView can see and save in its log. The following file eam_debug_output.zip contains two batch files. One of the will enable debug mode, and the other will disable it. Please download this file, extract the batch files from it, and run the batch file named eam_enable_debug_output (if your computer is running Windows Vista or Windows 7 then please make sure to right-click on the batch file and select to Run as administrator): After that, please restart your computer, and then proceed with the instructions below: Download DebugView from this link: When downloading, make sure to save it on your Desktop instead of clicking 'Run' or 'Open'. Right-click on the 'DebugView' file that you just saved on your Desktop, and select "Extract All". Before running DebugView, you will need to add a process exclusion to Emsisoft Anti-Malware to prevent crashing issues. Here are the instructions: Please go ahead and open Emsisoft Anti-Malware from the icon on the desktop. click on Guard in the menu on the left. Go to the File Guard tab. Click on the Manage whitelist link on the left, just above 'Alerts'. On the left, under where it says Type, click on where it says File and change it to Process. Click in the white space to the right of where you just changed 'File' to 'Process', under where it says Item, and a little button with three dots on it will appear to the right. Click on the button with the three dots. Navigate to the folder where DebugView is saved (this should be on your desktop), select the Dbgview file, and click the Open button in the lower-right. Click OK at the bottom to save the settings, and then close Emsisoft Anti-Malware. Open the new DebugView folder that was created on your Desktop after extracting. Windows XP and 2000 users should double-click on the file named 'Dbgview'. Windows 7 and Vista users should right-click and select "Run as Administrator". Click on the 'Capture' menu, and select everything except "Log Boot" (you will have to open the menu again after clicking to select an item). Do whatever it is you need to in order to replicate the issue. After you have replicated the issue you can switch back to DebugView and click 'File' and "Save As" in order to save the log to a file on your Desktop. Please attach that log file to a reply so that we may analyze it for errors. You will need to use the More Reply Options button to the lower-right of where you type in your reply in order to access the attachment controls. Note: You may need to ZIP the log file in order to attach it. If you do not have a program such as 7-Zip, WinZip, WinRar, etc. then you can right-click on the log file, go to Send to, and click on Compressed (zipped) folder. You will be able to attach the ZIP archive to a reply. After that, you can run the eam_disable_debug_output batch file to disable debug mode. Note that your computer will need to be restarted after running the batch file.
  25. You're quite welcome. Since everything seems OK, I am going to go ahead and close this topic. Note: The instructions in this forum topic have been customized based on the logs posted by the person asking for assistance. Please do not attempt to follow any of the instructions in this forum topic, as they could cause damage to your computer. If you require assistance, please start here if you believe your computer is infected, and one of our experts will be happy to assist you by analyzing your logs.