GT500

Emsisoft Employee
  • Content Count

    12848
  • Joined

  • Days Won

    387

Everything posted by GT500

  1. If they are on different partitions, then the filesystems will be isolated, and there shouldn't be any problems due to that setup. I assume that your Windows XP and Windows 7 installations both connect to the Internet through the same networking device? Is it wireless, hardwired, or a cellular broadband card? Have you checked to verify that the name of the connection does not keep changing in Windows 7?
  2. Open Online Armor, go to Programs, right-click in the list and add Opera to it (you'll find it in this folder: C:\Program Files\Opera Next\15.0.1147.100). Note that you can add the launcher in the Opera Next to the Programs list as well. Make sure to add them as both Trusted and [/b]Allowed[/b]. You can also uncheck the box at the bottom to Hide trusted and look through the list for every instance of opera.exe to verify that they are Trusted and [/b]Allowed[/b] before trying to add them manually, as they may already be in the list.
  3. I have written a cleanup script for OTL (if you need to, you may download OTL from this link). Please download the following OTL_Script file, and save it on your desktop. After saving it, open it, run OTL, and copy and paste the contents of the OTL_Script file into the Custom Scans/Fixes box at the bottom of the OTL window: Then click the Run Fix button at the top. Let the program run unhindered, restart your computer when it is done (it may automatically restart your computer on its own). After your computer has restarted, please open OTL again and click the Quick Scan button. Attach the log it produces in your next reply (just the OTL log, as I don't need to see the Extras log again). You will need to click the button that says More Reply Options to the lower-right of where you type your reply to be presented with the attachment controls.
  4. Would it be possible for you to attach the log from the scan to a reply? You can access the attachment controls by clicking on the More Reply Options button.
  5. May I ask if you have Online Armor installed on the same hard drive in Windows 7 that you do with Windows XP?
  6. Online Armor isn't supposed to open the main program window on startup. I just wanted to see the loadpoints on your computer to see if there was a startup item that was causing this. The only other course of action to debug this issue would be to get Debug Logs from Online Armor, however if the issue is just a loadpoint on your system them Online Armor's Debug Logs would most likely not contain information about it.
  7. To prevent Online Armor from monitoring a program, you can add the folder it is in to the Exclusions list. Here are instructions: Click on the Start button, go to All Programs, go to Online Armor, and click on the Online Armor icon to open it. Click on Options in the menu on the left. Go to the Exclusions tab. Click on the Add button. Use the little [+] and [-] icons to the left of folder names to open and close them, find the folder you want to add, click on it to highlight it, and then click OK at the bottom. Close the Online Armor window.
  8. I've created a new bug report in our system on this. Hopefully it will get some more attention now.
  9. There have been a number of beta updates to Emsisoft Anti-Malware, and the current beta version is 8.0.0.7. Does the issue still happen with the latest beta installed?
  10. I was also unable to reproduce it with Emsisoft Anti-Malware installed. Do you have beta versions of either Emsisoft Anti-Malware or Online Armor installed?
  11. I haven't been able to replicate any issues with Kedit. Here's what I did to test: I downloaded the Kedit 1.6.1 demo from the following website: http://www.kedit.com/ I installed Kedit on Windows XP Service Pack 3 (nothing except Windows updates and drivers were installed prior to installing Kedit). I set Windows to always open Text Documents with KEDITW32.exe by right-clicking on a Text Document, selecting Properties, and clicking the button to change what program to open Text Documents with. I double-clicked on a Text Document to verify that it opened it Kedit. I installed Online Armor Premium with default settings, and allowed to to restart the computer when done. I allowed the Learning Mode to finish before I tried to launch any programs. Once Learning Mode was done, I double-clicked on a Text Document to open it in Kedit, and when Online Armor notified me about it I selected to trust KEDITW32.exe and clicked OK. I tried double-clicking on a couple of Text Documents after that, and there were no notifications and no more entries in Online Armor's History regarding Kedit. Please let me know if you had done anything differently. I'm going to restore to my Base snapshot, reinstall Kedit, then install Emsisoft Anti-Malware before installing Online Armor to see if that makes any difference.
  12. No, Online Armor isn't supposed to display its main window on startup. Lets get a log from OTL, and see if it can explain why this is happening. Please run OTL by following the instructions below: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  13. Can you send me a private message with the link to the webpage where you experienced this?
  14. All customers who have paid Mamutu licenses should have received an e-mail about this on Monday. If you have not received that e-mail, then please let me know, and I will send you a private message with the information.
  15. It looks like Andrey hasn't been able to get a new beta of Online Armor ready yet. Unfortunately we don't have any ETA's (mostly because, in the software industry, you can never meet an ETA and still produce a quality product).
  16. Andrey wants me to do some testing of this, and see if we can determine what's going on. I'll let you know if we find anything.
  17. Open Emsisoft Anti-Malware, go to Guard in the menu on the left, and you can create rules for individual programs on the Application Rules tab. You can also create an exclusion in the Whitelist if you don't want Emsisoft Anti-Malware to monitor a process at all, however please note that the process must be an EXE file in order to be added as a process exclusion. Here's instructions on how to create a process exclusion: Open Emsisoft Anti-Malware from the icon on the desktop. Click Guard in the menu on the left. Go to the File Guard tab. In the lower-left corner, just above Alerts, click on the Manage whitelist link. In the box under Type click the little down arrow and change it from File to Process (you may need to click in the box for the arrow appear). Click in the white box below Item to make a button with three dots (...) appear, and then click the ... button. Navigate to the directory where the files you wish to exclude are located, and double-click on one of them to add it. Repeat the last 3 steps as needed to add each file to the exclusions list. Click the OK button at the bottom when done, and close Emsisoft Anti-Malware.
  18. The ZIP extension is already in the list. The issue is not that the File Guard is incapable of scanning them (it already does this), but rather that unpacking archives in real-time as they are created or modified in order to scan their contents would be a massive drain on system performance. You can also right-click on the file and select to scan it with Emsisoft Anti-Malware, and archives will be unpacked by the on-demand scanner in order to scan the contents, so you can still determine if there are malicious files in a ZIP archive before you open it. I'm sorry, I had thought you were wanting to do a Deep Scan. To scan a single file, that command will work, however note that the /r switch is not needed as it tells the scanner to check the registry and certain places on the hard drive for riskware, and it would not have any effect on what is detected in the file or folder that is being scanned.
  19. The Emergency Kit doesn't really have a scheduler, so if you want to run a weekly scan with it then the easiest way is just to run it manually. The only other way would be to use the Windows Task Scheduler to set up a weekly schedule to run a2cmd.exe, however please note that it would not be able to automatically send the log via e-mail when done, so you would need to use some other software to do that.
  20. Threats are not detected within the page. Blocking occurs when a file is downloaded (such as when it is saved in the browser cache) or when you visit a website that is blocked by our Host Rules. When a website is blocked, you will see a small notification in the lower-right corner of the screen. When a file is blocked, Emsisoft Anti-Malware will open a pop-up and ask you what to do with the file (unless you have altered the settings for the Guard). You would have only received a notification if you had downloaded the eicar.com or eicar.com.txt files. While Emsisoft Anti-Malware does scan ZIP archives automatically, it does not unpack them and scan their contents automatically, so if you had downloaded eicar_com.zip or eicarcom2.zip then you would not have seen a notification. To ensure that files are detected when they are created, please make sure that the File Guard settings look like the screenshot below: I am not aware of any compatibility issues with Kerio's software. Actually, to run a Deep Scan, all you have to do it this: a2cmd.exe /deepA Deep Scan automatically scans all files on all hard drives, so there's no need to specify files or hard drives to scan. Just make sure to run the scan from a Command Prompt that had Administrator rights.
  21. Could you please take a screenshot of what is appearing on startup, and attach that to a reply by using the More Reply Options button to the lower-right of where you type in your reply? Here's a link to instructions on taking a scrrenshot if you need them. Please note that we prefer that you save the screenshot in the PNG (Portable Network Graphics) format.
  22. That folder is not supposed to be there, and could indicate an infection on your computer. Go ahead and follow the instructions at this link as best you can, and then create a new topic in our Help, my PC is infected! section and attach the logs so that one of our malware removal experts can take a look at them. Also, if you are unable to perform any of the steps in the instructions, then please mention that in the new topic you create so that our malware removal experts know that you were not able to get all of the logs that they will want to see.
  23. We'll need a log from the scan to know what file you are having issues with. Here's how you find the scan logs in Emsisoft Anti-Malware 7: Open your My Documents folder. Double-click on the Anti-Malware folder. Double-click on the Reports folder. The scan logs will be in alphabetical order, and the names contain the date and time that the scan was run.
  24. The explanation at that link says "Win32 libraries (kernel32.dll, user32.dll, gdi32.dll) send an inter-process call to the CSRSS", but I don't see any mention in the article of non-Microsoft applications directly accessing CSRSS. I'll see if Andrey has some more input on this, and we'll go from there.
  25. I've sent an e-mail to our research team asking for information on this.