Jump to content

GT500

Member
  • Posts

    14249
  • Joined

  • Days Won

    457

Everything posted by GT500

  1. I can take a look at the issue via TeamViewer if you want. What days and times work for you? I'm on U.S. Eastern Time, so if you're in another Time Zone or do not observe DST then let me know. Also, it's generally best to schedule a remote session at least 1 day in advance.
  2. Emsisoft Anti-Malware does not scan e-mails, but it does scan most files the moment they are created, so the moment you save or open an attachment it would be scanned. Here's how to add process exclusions for Malwarebytes Anti-Malware: Open Emsisoft Anti-Malware from the icon on the desktop. Click Guard in the menu on the left. Go to the File Guard tab. In the lower-left corner, just above Alerts, click on the Manage whitelist link. In the box under Type click the little down arrow and change it from File to Process (you may need to click in the box for the arrow appear). Click in the white box below Item to make a button with three dots (...) appear, and then click the ... button. Navigate to the directory where the files you wish to exclude are located, and double-click on one of them to add it. Repeat the last 3 steps as needed to add each file to the exclusions list. Click the OK button at the bottom when done, and close Emsisoft Anti-Malware. The Malwarebytes Anti-Malware folder should be C:\Program Files (x86)\Malwarebytes Anti-Malware, and these are the files you should add as process exclusions: mbam.exe mbamgui.exe mbamservice.exe After that, open Malwarebytes Anti-Malware and do the following: Click on the Ignore List tab. Click the Add button in the lower-left. Using the little [+] and [-] buttons to open and close folders, go to C:\Program Files (x86) and click on the Emsisoft Anti-Malware folder, then click OK.
  3. Try holding down the Ctrl and Alt keys, and tap N to see if that turns your Internet connection back on.
  4. The cookie scan is being removed from all of our scanners (it's already been removed from Emsisoft Anti-Malware, and I believe from the standalone A2CMD as well).
  5. I have not used Any Video Converter, however I am fairly certain it is safe. What you are seeing is a generic warning about the way it handles keyboard input. I would believe I already replied to you on our helpdesk (so you should have an e-mail from me), but for those who are curious I will post this here as well. For video conversion I generally recommend Avidemux. There is also Handbrake, which may be easier to use for some people but supports less formats. These tools will be free of the junkware that you often get with video and music converters that you find on download sites, and they do a fairly good job. Here's a "Getting Started" guide for Avidemux, and here's a basic guide on using Handbrake.
  6. I've replied to them on our helpdesk, so they should have an e-mail from me.
  7. Are there any other executable files in that folder, or is is just NokiaSuite.exe? Exclusions in Online Armor are easy (you just add the entire folder), but Emsisoft Anti-Malware requires that you exclude each running process, so you'd need to manually exclude any executable file in the folder.
  8. There doesn't seem to be a service for this Nokia software. Does it only run when you launch it from icon somewhere?
  9. Just to let you know, the cookie scan is most likely going to be removed in the future, so I would recommend managing the cookies through the web browser rather than with a scanning utility like Emsisoft Emergency Kit. Also note that extensions such as Ghostery are capable of preventing tracking cookies, which pretty much eliminates the need for retroactive cookie scans like the one that Emsisoft Emergency Kit does.
  10. One of our developers said that updates appear to be working OK in your latest series of logs. Are you still seeing the updates stall?
  11. If you launch the Emsisoft Emergency Kit Scanner and do an update, then it will download the latest version of the program.
  12. OK, exclusions will probably be needed to prevent the issues. Lets start by getting a log from FRST, so that we know where the Nokia software is installed and what startup items and services it installed on your computer. Please download Farbar Recovery Scan Tool (FRST) from one of the following links, and save it to your Desktop (please note that some web browsers will automatically save all downloads in your 'Downloads' folder, so in those cases please move the download to your desktop): For 32-bit (x86) editions of Windows: http://download.bleepingcomputer.com/farbar/FRST.exe For 64-bit (x64) editions of Windows: http://download.bleepingcomputer.com/farbar/FRST64.exe Note: You need to run the version compatible with your computer. If you are not sure which version applies to your computer, then download both of them and try to run them. Only one of them will run on your computer, and that will be the right version. Run the FRST download that works on your computer (for Windows Vista, Windows 7, and Windows 8 please right-click on the file and select "Run as administrator"). When the tool opens click "Yes" for the disclaimer in order to continue using FRST. Press the 'Scan' button. When the scan is done, it will save a log as a Text Document named 'FRST' in the same place the tool was run from (if you had saved FRST on your desktop, then the FRST log will be saved there). Please attach the FRST log file to a reply (it is best if you do not copy and paste it into an e-mail). The first time the FRST tool is run it saves another log (a Text Document named 'Addition' - also located in the same place as the FRST tool was run from). Please also attach that log file along with the FRST log file to your reply. If you are not used to attaching files to e-mails, then just look for a button in the toolbar above where you write your message that has a paperclip icon, and that should be the attachment button.
  13. I haven't heard anything from our developers, but will see if I can follow up with them.
  14. Yes, go ahead and run the batch file to disable debug output. I'll pass this your log on to one of our developers.
  15. You need to exit the Guard by right-clicking on the System Tray icon first, then you can stop the service from the service manager.
  16. My understanding is that our malware analysts are not currently updating the database for HiJackFree, and that we are intending on discontinuing it. We recommend using a tool such as Autoruns instead.
  17. Adding those ports as allowed means they are being allowed through the firewall for httpd despite your rule to block it in the Firewall section.
  18. The kind of rules that are usually sent to the Anti-Malware Network are Application Rules for the Behavior Blocker. You can find these by doing the following: Open Emsisoft Anti-Malware. Go to Guard in the menu on the left. You should be on the Application Rules tab when you do that. These rules are created when you select to Allow or Block something from notifications displayed by Emsisoft Anti-Malware about potentially malicious behavior.
  19. I have attached a ZIP archive to this message named "cleaning_engine_debug_output.zip" which contains two batch files. One is named "cleaning_engine_enable_debug_output" and the other is named "cleaning_engine_disable_debug_output". Please download this ZIP archive, extract the batch files, and run the "cleaning_engine_enable_debug_output" file (if your computer is running Windows Vista or Windows 7 then please make sure to right-click and select to "Run as administrator"). cleaning_engine_debug_output.zip After running the batch file, launch Emsisoft Emergency Kit try your scan again. After Emsisoft Emergency Kit fails to delete the detected items, close the scanner, and then check the Emsisoft Emergency Kit folder (usually C:\eek) and there should be a file named "clean.log" (the files should be listed in alphabetical order). Please ZIP this file (if you do not have a program such as WinZip, 7-Zip, or WinRar then please right-click on the file, go to "Send To", and select "Compressed (zipped) folder") and make sure to save the ZIP archive on your desktop to make it easy to find. After that, please attach the ZIP archive with the clean.log file in it to a reply.
  20. Port 80 is the port that normal HTTP traffic is sent and received on. HTTPS (SSL/TLS encrypted HTTP traffic) should use port 143 if I remember right. If you block Apache in OA's Program settings, then Apache cannot run. Blocking the ports denies it Internet access, however from what you have said it sounds like Apache won't start if it cannot open that port. I don't really know anything about Apache (I use NGINX rather than Apache), so you may want to ask about the proper httpd.conf settings on the Apache IRC channel (see this link for information about getting help with Apache, and please bear in mind that most people using Apache are probably running it on Linux instead of Windows).
×
×
  • Create New...