GT500

Emsisoft Employee
  • Content Count

    12835
  • Joined

  • Days Won

    386

Everything posted by GT500

  1. Please follow the instructions at this link to post an OTL and Emsisoft Emergency Kit log. Also, please note that we cannot help you 'hack' into your Facebook account. If you can no longer access your Facebook account, then you will need to contact Facebook and see if they can help you recover your account.
  2. Lets get an OTL log to see if this is more than just a file that doesn't appear to be there. Please run OTL by following the instructions below: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  3. A quick search of the SHA1 hash for that file shows that no anti-virus software is detecting it as malicious. The file is listed on one of our websites, and everything points to it being a legitimate file from HP. SystemLookup also lists the file as safe. From a preliminary check, I'd say the file is safe.
  4. Is there any other security software (anti-virus/firewall/etc) on the effected workstations?
  5. Could you please attach the scan log to a reply for me to review? Here are instructions for doing so: Open Emsisoft Anti-Malware. Click on Logs in the menu on the left. Go to the Scan tab (it may take a minute for the list of scan logs to load). Select the scan log from the list. Click on the View details button to open the log. Click on File and then Save As to save it on your desktop. Attach the scan log you saved on your desktop to a reply by using the More Reply Options button to the lower-right of where you type in your reply to access the attachment controls.
  6. Agreed. G-hot, please allow Kevin to finish assisting you with cleaning up your computer, and then if there are any more performance issues we can deal with those afterwards.
  7. This is basically just a 64-bit registry path issue, and it is an issue that our developers are aware of and are already working to fix. Fortunately, we can just use OTL to delete the registry key, and then the scans should come up clean after that. I've written a script for OTL that will delete those registry entries (if you need to, you may download OTL from this link). Please download the following OTL_Script file, and save it on your desktop. After saving it, open it, run OTL, and copy and paste the contents of the OTL_Script file into the Custom Scans/Fixes box at the bottom of the OTL window: Then click the Run Fix button at the top. Let the program run unhindered, restart your computer when it is done (it may automatically restart your computer on its own). After your computer has restarted, please open OTL again and click the Quick Scan button. Attach the log it produces in your next reply (just the OTL log, as I don't need to see the Extras log again). You will need to click the button that says More Reply Options to the lower-right of where you type your reply to be presented with the attachment controls.
  8. a2service.exe handles all of the work in the background (real-time monitoring of other processes, scanning files, blocking malicious websites, etc). Performance issues with Emsisoft Anti-Malware can be caused by certain programs that will perform an action too frequently that Emsisoft Anti-Malware's Behavior Blocker will monitor, and in a case like that DebugView (from Microsoft) can tell us what is causing it. I'll put instructions below my answer for your last question. The Surfing Protection is intended to block malicious websites, and not advertising websites. That being said, you can create custom rules for the Surf Protection or even import rules from a HOSTS file, and thus block ads that way. A more effective solution, however, might be to use an extension/add-in for your web browser that blocks ads. AdBlock Plus is a very popular extension for Firefox, Google Chrome, Google Android, and Opera. Note that they are currently testing a version for Internet Explorer, although I am not seeing information about what versions of Internet Explorer it is intended for. Now here are instructions for using DebugView to find out what is causing the high CPU usage. Download DebugView from this link: When downloading, make sure to save it on your Desktop instead of clicking 'Run' or 'Open'. Right-click on the 'DebugView' file that you just saved on your Desktop, and select "Extract All". Before running DebugView, you will need to add a process exclusion to Emsisoft Anti-Malware to prevent crashing issues. Here are the instructions: Please go ahead and open Emsisoft Anti-Malware from the icon on the desktop. click on Guard in the menu on the left. Go to the File Guard tab. Click on the Manage whitelist link on the left, just above 'Alerts'. On the left, under where it says Type, click on where it says File and change it to Process. Click in the white space to the right of where you just changed 'File' to 'Process', under where it says Item, and a little button with three dots on it will appear to the right. Click on the button with the three dots. Navigate to the folder where DebugView is saved (this should be on your desktop), select the Dbgview file, and click the Open button in the lower-right. Click OK at the bottom to save the settings, and then close Emsisoft Anti-Malware. Open the new DebugView folder that was created on your Desktop after extracting. Windows XP and 2000 users should double-click on the file named 'Dbgview'. Windows 7 and Vista users should right-click and select "Run as Administrator". Click on the 'Capture' menu, and select everything except "Log Boot" (you will have to open the menu again after clicking to select an item). Once Emsisoft Anti-Malware's CPU usage is clearly too high, switch back to DebugView and click 'File' and "Save As" in order to save the log to a file on your Desktop. Please attach that log file to a reply so that we may analyze it for errors. You will need to use the More Reply Options button to the lower-right of where you type in your reply in order to access the attachment controls. Note: You may need to ZIP the log file in order to attach it. If you do not have a program such as 7-Zip, WinZip, WinRar, etc. then you can right-click on the log file, go to Send to, and click on Compressed (zipped) folder. You will be able to attach the ZIP archive to a reply.
  9. If you were referring to the topic at this link, then please note that Kevin Zoll has already replied to it.
  10. May I ask if any of the workstations are running EAM 8.0.0.10? Currently 8.0.0.10 is the latest stable version.
  11. I have forwarded your link to our developers, and I will let you know once they have had a chance to look at the logs.
  12. Please let me know if the instructions at this link help with your performance issues.
  13. Then it's probably just a kernel memory dump, as that's the default setting. Here's a link to instructions on how to set Windows to create full memory dumps when there is a BSoD. Please note that the memory dump will be huge, so you will need to be able to compress it in some manner (ZIP, RAR, 7z, etc. will all work). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder. Also note that this process will most likely change the default location of memory dumps to the root of your C: drive.
  14. Could you please attach the logs directly to your forum post rather than using Google? You can access the attachment controls by clicking on the More Reply Options button to the lower-right of where you type in your reply. You can also do this when editing your original post by clicking on the Use Full Editor button below where you edit your post.
  15. Lets get debug logs from Online Armor, and see if they show what's going on. Before doing that, make sure to open the Connection Settings in Emsisoft Anti-Malware and disable the proxy settings. Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try running the update in Emsisoft Anti-Malware again. After it fails, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder. Note that RapidShare and BayFiles have been having issues lately, and we may not be able to download the files from them. If you have DropBox, Google Cloud Storage, or Microsoft SkyDrive then those services would be more reliable. Also, you can attach files to private messages on these forums, and I would believe the limit is up to 128MB, so if the file is smaller than 128MB then you can just attach it to a private message to me on these forums.
  16. Lets try this: Open Emsisoft Anti-Malware. Go to Configuration in the menu on the left. Go to the Update Settings tab. Change the number of "Maximum simultaneous update connections" to 1 instead of 5. Retry the update and let me know if that resolves the issue.
  17. Actually, Andrey just sent me a message to let me know that he was able to reproduce the issue and is fairly confident that he knows what is causing it. I can't make any guesses as far as when it might be fixed, however I hope it won't take too long.
  18. We'll probably need some logs to see what the problem is. Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try reproducing your problem. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder. Note that RapidShare and BayFiles have been having issues lately, and we may not be able to download the files from them. If you have DropBox, Google Cloud Storage, or Microsoft SkyDrive then those services would be more reliable. Also, you can attach files to private messages on these forums, and I would believe the limit is up to 128MB, so if the file is smaller than 128MB then you can just attach it to a private message to me on these forums.
  19. May I ask what version of Online Armor you were trying to install?
  20. Was this a kernel memory dump, or a full memory dump?
  21. VMware has a free virtualization solution known as VMware Player, which contains the basic features necessary to create a use virtual machines. It does not have a snapshot feature, which is a bit unfortunate, however it does provide a nice and stable VM environment to work with and it does allow for dragging and dropping files from the host to the guest, and vice versa.
  22. We recommend putting Online Armor into Learning Mode before installing any updates to Microsoft products, as this will prevent popups during the installation process.
  23. HiJackFree should show you the full path to the program that it highlighted in red if you click on it. The information will be displayed below the list. If you can let me know the File name and the File path then I should be able to let you know if it's OK or not.