GT500

Looking at this documentation, the examples all have quotes around the paths, and it is specifically mentioned that "Multiple paths have to be delimited by commas". If a comma is being used as a delimiter then it is implied that paths with commas will have issues, and if the examples all show quotes around the paths then that implies that quotes should be used for all paths. Admittedly it isn't plainly stated that you should use quotes for paths, and so I did forward your request on to our management.

Did you also mark it as Allowed?

When an item in the whitelist is checked, it is ignored by the scanner. I do not recall seeing that in any of the changelogs, so it should not have changed since the previous version. If you don't want a drive scanned, then do a Custom Scan and select which drives to scan. As for excluding a folder, anything in that folder would be excluded.

I would believe that this is the way the command-prompt works, and is not due to a2cmd itself. There are a lot of paths that do not require quotes. Knowing which do and which do not is a matter of knowing the Windows command-prompt. That being said, I can pass on your request for these changes to the documentation, however please note that I cannot make any guarantees that they will be implemented.

Try the copy that's in SysWOW64. I think that's what OA is seeing as being in System32, as that's how WoW64 works.

I just asked Andrey about this, and from what he told me the bandwidth meter is just too complicated for him to explain quickly. I'll try to remember to get you an answer for that question as soon as we can, however it will take a little bit longer than normal, so please try to bear with us.

Lets start with DebugView logs. Obviously we'll need to start by setting a registry entry that will tell Emsisoft Anti-Malware to output debug information that DebugView can see and save in its log. The following file eam_debug_output.zip contains two batch files. One of the will enable debug mode, and the other will disable it. Please download this file, extract the batch files from it, and run the batch file named eam_enable_debug_output (if your computer is running Windows Vista or Windows 7 then please make sure to right-click on the batch file and select to Run as administrator): After that, please restart your computer, and then proceed with the instructions below: Download DebugView from this link: When downloading, make sure to save it on your Desktop instead of clicking 'Run' or 'Open'. Right-click on the 'DebugView' file that you just saved on your Desktop, and select "Extract All". Before running DebugView, you will need to add a process exclusion to Emsisoft Anti-Malware to prevent crashing issues. Here are the instructions: Please go ahead and open Emsisoft Anti-Malware from the icon on the desktop. click on Guard in the menu on the left. Go to the File Guard tab. Click on the Manage whitelist link on the left, just above 'Alerts'. On the left, under where it says Type, click on where it says File and change it to Process. Click in the white space to the right of where you just changed 'File' to 'Process', under where it says Item, and a little button with three dots on it will appear to the right. Click on the button with the three dots. Navigate to the folder where DebugView is saved (this should be on your desktop), select the Dbgview file, and click the Open button in the lower-right. Click OK at the bottom to save the settings, and then close Emsisoft Anti-Malware. Open the new DebugView folder that was created on your Desktop after extracting. Windows XP and 2000 users should double-click on the file named 'Dbgview'. Windows 7 and Vista users should right-click and select "Run as Administrator". Click on the 'Capture' menu, and select everything except "Log Boot" (you will have to open the menu again after clicking to select an item). After selecting the options in the 'Capture' menu, click on the 'File' menu and select "Log to File As" and create a file on your desktop for it to save the log to. Do whatever it is you need to in order to replicate the issue. After the system freezes, restart your computer (you may need to hold down the power button for about 4 or 5 seconds to shut it down first), and make sure that the log was saved on your desktop. Please attach that log file to a reply so that we may analyze it for errors. You will need to use the More Reply Options button to the lower-right of where you type in your reply in order to access the attachment controls. Note: You may need to ZIP the log file in order to attach it. If you do not have a program such as 7-Zip, WinZip, WinRar, etc. then you can right-click on the log file, go to Send to, and click on Compressed (zipped) folder. You will be able to attach the ZIP archive to a reply. After that, you can run the eam_disable_debug_output batch file to disable debug mode. Note that your computer will need to be restarted after running the batch file.

Well, uninstalling Online Armor should wipe out all of the information it has stored about EXE's and DLL's, and allow it to rebuild it from scratch after a reinstall. When I said "no way", I meant within Online Armor's UI. One of our employees had noticed some issues with OA displaying incorrect signatures, and was investigating it. I don't have any information beyond that at the moment, however I will let him know that you are having this issue.

Online Armor doesn't support Unicode yet, so this could be why the network connection name looks like that. Can you try renaming it in English (or another language that uses standard Latin characters), and see if the network connection's name appears properly in Online Armor after that?

Unfortunately it is not currently possible to update that information in Online Armor.

In Online Armor Premium there's a button to uninstall the firewall (and a button to install the firewall after it has been uninstalled), however it doesn't not uninstall/reinstall the entire Online Armor program, just the OA Helper Driver that allows for monitoring your network connections.

Technically SetWakeup.bat isn't a program, it's a batch file. Unfortunately, you'll have to manually tell Online Armor that it is safe, since it doesn't really have any way of verifying that a batch file is safe (no digital signature). As for the last screenshot, the 'Status' says 'Allowed'. Try going to 'Programs' and looking for it in the list, click on it to select it, and then click the button to Trust it. Also, I recommend turning off Debug Mode for using Online Armor normally.

If the threat exhibits a behavior that both Emsisoft Anti-Malware and Online Armor monitor, then they should both try to display a notification.

Is your application digitally signed?

Technically, both are applicable. To say that Andrey is already looking into it means that he was looking into the issue before you had opened this topic. If I had meant it in passed tense, I would have said "Andrey has already looked into this". A minor change to the sentence, but a completely different meaning. May I ask where an Emsisoft representative has told you these things?

I assume that Service Pack 3 was installed on this computer? Is the computer you were running the scan on infected? Also, is there any other security software installed on the computer? May I also ask when exactly the error message is displayed? Does it display after the scan starts, just before it starts, or right after you click the button to start the scan?

OK, I'll pass that along to our developers.

Would it be possible for you to upload that copy of explorer.exe to VirusTotal, and post the link to the analysis?

32-bit applications can't see the contents of C:\Windows\System32, and are instead shown the contents of C:\Windows\SysWOW64.

Is there an explorer.exe in C:\Windows\SysWOW64?

If you look at the third link, Andrey (our primary Online Armor developer) is already looking into the issue.

Were the logs you posted Debug Logs, or were they just firewall logs?

When an entry is highlighted in green that means it is good, and when an entry is highlighted in red that means it is bad.

You need to close Emsisoft Anti-Malware's Guard by right-clicking on the System Tray icon and selecting Shut down Guard. After that, you need to stop the Emsisoft Anti-Malware Service. Click on the Start button, click Run, type in services.msc, and scroll down until you find the service. Just right-click on it and select Stop. This process can be automated with a batch file, however you will need to disable Self protection in Emsisoft Anti-Malware and use a utility such as PsKill to terminate a2guard.exe before using the net command to stop the service. The proper syntax for using the net command to stop the service is as follows: net stop a2AntiMalware

Have you tried installing the beta of Online Armor through Beta Updates? You can enable Beta Updates by opening Online Armor, going to Options in the menu on the left, and the option for Beta Updates is on the right side (make sure you run an update after enabling Beta Updates).