GT500

Emsisoft Employee
  • Content Count

    13296
  • Joined

  • Days Won

    412

Everything posted by GT500

  1. If the threat exhibits a behavior that both Emsisoft Anti-Malware and Online Armor monitor, then they should both try to display a notification.
  2. Technically, both are applicable. To say that Andrey is already looking into it means that he was looking into the issue before you had opened this topic. If I had meant it in passed tense, I would have said "Andrey has already looked into this". A minor change to the sentence, but a completely different meaning. May I ask where an Emsisoft representative has told you these things?
  3. I assume that Service Pack 3 was installed on this computer? Is the computer you were running the scan on infected? Also, is there any other security software installed on the computer? May I also ask when exactly the error message is displayed? Does it display after the scan starts, just before it starts, or right after you click the button to start the scan?
  4. Would it be possible for you to upload that copy of explorer.exe to VirusTotal, and post the link to the analysis?
  5. 32-bit applications can't see the contents of C:\Windows\System32, and are instead shown the contents of C:\Windows\SysWOW64.
  6. If you look at the third link, Andrey (our primary Online Armor developer) is already looking into the issue.
  7. Were the logs you posted Debug Logs, or were they just firewall logs?
  8. When an entry is highlighted in green that means it is good, and when an entry is highlighted in red that means it is bad.
  9. You need to close Emsisoft Anti-Malware's Guard by right-clicking on the System Tray icon and selecting Shut down Guard. After that, you need to stop the Emsisoft Anti-Malware Service. Click on the Start button, click Run, type in services.msc, and scroll down until you find the service. Just right-click on it and select Stop. This process can be automated with a batch file, however you will need to disable Self protection in Emsisoft Anti-Malware and use a utility such as PsKill to terminate a2guard.exe before using the net command to stop the service. The proper syntax for using the net command to stop the service is as follows: net stop a2AntiMalware
  10. Have you tried installing the beta of Online Armor through Beta Updates? You can enable Beta Updates by opening Online Armor, going to Options in the menu on the left, and the option for Beta Updates is on the right side (make sure you run an update after enabling Beta Updates).
  11. OK, I'll have to do some more testing to see if I can reproduce this.
  12. You can download it directly using this link.
  13. One of our developers just let me know that they had already fixed this, and they are not able to reproduce the issue in the latest version of Emsisoft Anti-Malware. If you are still having issues, then follow the instructions I posted earlier to get us a fresh DebugView log so that I can send it to our developers.
  14. SeaMonkey installed to a folder named "MSM130111"? Or is that just a development version, or a version compiled by a 3rd party?
  15. Do you still have these errors if you close and shutdown Online Armor?
  16. We're going to need a Fidder log to know what is going on. Please download and install Fiddler 2 from this link (this is the version that requires the Microsoft .NET Framework 2.0), and then follow the instructions below: After installing Fiddler, please open it from the Start Menu. Launch Online Armor. Go to Options in the menu on the left. Click on the Internet Settings button. Check the box that says Use a proxy server. Enter localhost in the Address field, and then enter 8888 in the Port field. Click 'OK'. Go back to the Menu on the left, and select Status. Click on the Update now link to start the update (Fiddler must be running when you do this). After the update fails, go back to Fiddler, and to File, then Save, and select All Sessions (please save it on your desktop). Please send the file you saved in Fiddler to me in a private message (don't post it here in this forum topic).
  17. There have been issues with newer versions of Firefox and RunSafer, and there are certain issues with Sandboxie and RunSafer. My recommendation is to try to save a file in a restricted location from Firefox, and see if it is able to do so. If you can't save a file in the root of your C: drive or in the Program Files folder, then RunSafer is working regardless of the green border not being there. You do this by doing what you already did. Going through Online Armor's Programs list and changing whether or not an EXE/DLL/etc. is Blocked, Allowed, Trusted, etc.
  18. The cleaning process is longer due to the new cleaning engine, which is far more advanced than the old one. I do not believe that the scanning process should be longer, however there have been a lot of changes in EAM 8 and it is possible that scan speed was effected as well. May I ask just how much longer the scan time is?
  19. That ESET scan log doesn't look bad. One of the detections was in OTL's quarantine, so it was already deleted. The other detection was related to your Firefox preferences, which you may want to reset to their defaults. As for the Kaspersky Internet Security, it would be best to uninstall that if you do not have a current license for it. It's basically just wasting system resources and not providing any protection. Here's a link to a Kaspersky kowledgebase article about their removal tool for their software, which should allow you to uninstall any of their software that is on your computer. Once you have Kaspersky uninstalled, please download ComboFix from this link and follow the instructions below to run it. Note that some infections will block it from running if you save it as ComboFix so you may wish to rename it in order to prevent this. Make sure you remember what you changed the name to. * IMPORTANT !!! Save ComboFix to your Desktop Disable your AntiVirus, AntiSpyware, and Firewall applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools See HERE for help Double click on the ComboFix icon on your desktop (it has a red and white icon that looks like a white cat's head in a red circle) and follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. **Please note: (This applies to Windows XP systems only) If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, ComboFix will produce a log. Note: 1. Do not click in ComboFix's window while it's running. That may cause it to stall! 2. Remember to re-enable your anti-virus and anti-spyware before reconnecting to the Internet. Attach logs for: (USE THE "MORE REPLY OPTIONS" BUTTON TO BE ABLE TO DO THIS) ComboFix (C:\combofix.txt)Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
  20. Currently our software only works on Windows platforms. We do not make software for other operating systems, which includes mobile platforms such as Android.
  21. Were you using Sandboxie when you were not able to use your keyboard shortcuts, or were you only using RunSafer?