Jump to content


Emsisoft Employee
  • Content Count

  • Joined

  • Days Won


Everything posted by GT500

  1. Technically, the answer to this question is "no". In the past, we've found that Emsisoft Emergency Kit (at least older versions of it) runs from a UBCD4Win disk, and thus it can be used to scan a system from a bootable CD. This, unfortunately, causes a number of complications. There are some things that cannot be scanned properly (no registry hives from the system will be loaded into memory), and I doubt that our ways of preventing Windows System Files from being removed will function, so not only is the scanner essentially crippled you could also potentially ruin the system by removing thin
  2. It's a folder related to something that is classified as a PUP (Potentially Unwanted Program). It is safe to remove, but it is also not a threat to your computer (thus it is considered "No risk").
  3. The option to use SSL encryption for communication with our update/license servers may be have something to do with the update problem you are experiencing. Please try the following, and let me know if it helps: Open Emsisoft Internet Security. Click on Settings in the menu at the top. Click on Privacy in the menu at the top. Turn off the option that says Use SSL encryption for all server communication. Click on Overview in the menu at the top. Move your mouse in the gray box in the lower-left, and click on Update now.
  4. Yes, it does mention it is for "Pro" licensing. It probably wouldn't make a big difference if you wait more than 18 hours between updates. Technically 18 hours is a rough estimate, because it can vary from day to day, but we only keep the last 50 changes to a file on our update servers and with some of those signature files 50 changes can go by pretty fast. Once a file is older than the last 50 changes that have been made to it by our malware analysts, the entire file needs to be redownloaded, which causes updates to take longer.
  5. Have you contacted their support yet? If the issue is reproducible, then they will probably want debug information to help them fix the issue. You can contact their support about Malwarebytes Anti-Malware issues at this link, or on their forums in their Malwarebytes Anti-Malware Help section.
  6. If you didn't run the hotfix download as administrator, then extracting it to C:\ failed (and unfortunately it shows no error message when that happens). I recommend changing the folder it extracts to, that way it doesn't need administrator rights to save the actual hotfix installer. To make it easy to find, extracting it to some place such as your desktop might be a good idea, that way you can easily install the hotfix once it is extracted.
  7. How long do you wait in between downloading updates?
  8. Issues with slow update downloads in Emsisoft Emergency Kit should be resolved in the this beta update. Please feel free to enable Beta Updates in Emsisoft Emergency Kit, and then run an update to install the latest beta.
  9. Have you checked to make sure that the exclusions you had added previously to Emsisoft Internet Security and Malwarebytes Anti-Malware are still in place?
  10. The decision was made by company management. They didn't explain the reasoning behind it, just that the licenses will be handled that way.
  11. Have you tried installing Beta Updates for Emsisoft Emergency Kit? This issue should be resolved in the latest beta update. All you have to do is enable Beta Updates from the settings, and then run an update.
  12. "ids attacks"? Are you referring to attacks that an Intrusion Detection System (IDS) would normally be used to protect against? Or something else? This isn't really a question that can be answered without spending time installing every other security solution that employs behavioral detection/blocking. I can explains the basics of how out Behavior Blocker works, however I don't know how it compares with technology from other companies.
  13. Some infections will inject code into other executables. The notification to inform you that a file has changed gives you the opportunity to make sure it was a legitimate update before you choose to trust any changes to an executable. It certainly can, and I imagine that most people just click whatever button works best for them (probably the "Update rule" button). It's possible that most people may not see it, but when the Behavior Blocker displays an alert for a potentially malicious behavior, there is actually an option to not notify you if the file is modified. This option is also
  14. Minidumps probably aren't going to contain enough information to properly debug the issue. It looks like the minidump says the reason for the dump being written was "DRIVER_POWER_STATE_FAILURE" and it looks like it is pointing to ntoskrnl.exe as the source, however there is no guarantee that this information is correct. Is the system actually crashing (as in a blue screen), or is something else happening?
  15. I have been told that after the end of May this year (2015), it will no longer be possible to activate an Online Armor license key at all. This included not only newer licenses keys, but also old ones that have already been used in the past.
  16. The blog post about end of support for Online Armor mentions that new activations will only be possible until May 31st, 2015. The way our system works, this more than likely means that license keys that have already been used to activate Online Armor at least once by May 31st, 2015 will continue to work until the end of support date of March 31st, 2016. I'm going to verify that with our management just to be absolutely certain.
  17. Lets get a log from FRST, and see if it shows the cause of the issue. Please download Farbar Recovery Scan Tool (FRST) from one of the following links, and save it to your Desktop (please note that some web browsers will automatically save all downloads in your Downloads folder, so in those cases please move the download to your desktop): For 32-bit (x86) editions of Windows: http://download.bleepingcomputer.com/farbar/FRST.exeFor 64-bit (x64) editions of Windows:http://download.bleepingcomputer.com/farbar/FRST64.exe Note: You need to run the version compatible with your computer. If you ar
  18. Updating the existing rule should be fine. It essentially just updates the rule with the new hashes of the file in question.
  19. May I ask what it's is a dump of? A specific process's memory dump? A kernel memory dump?
  20. We're aware of some performance issues related to the firewall. Hopefully we will be able to address some of them soon.
  21. Lets try getting a log from Fiddler, and see if it shows the cause of the issue. Please download and install Fiddler 2 from this link (this is the version that requires the Microsoft .NET Framework 2.0), and then follow the instructions below: After installing Fiddler, please open it from the Start Menu. Launch Emsisoft Anti-Malware. Click on Settings in the menu at the top. Click on Privacy in the menu at the top. Turn off the option that says Use SSL encryption for all server communication (this is necessary for Fiddler to be able to record the update process). Click on Updates in the menu
  • Create New...