GT500

Emsisoft Employee
  • Content Count

    12842
  • Joined

  • Days Won

    387

Everything posted by GT500

  1. I know for a fact that the first three are. You can see a basic list of the various features at this link.
  2. With the Guard and Service shut down, there shouldn't be any way for Emsisoft Anti-Malware to cause issues. Lets get an OTL log, and see what it shows us. Please run OTL by following the instructions below: Click this link to save OTL onto your desktop (please make sure to click 'Save' instead of 'Run'). Double click on the OTL icon on your desktop to run it. Make sure all other windows are closed and to let it run uninterrupted. Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan will take a few minutes. When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. The first one (OTL.txt) will be automatically saved on your desktop next to OTL, and the second one will need to be saved manually. Please make sure that both OTL.txt and Extras.txt are saved on your desktop, and then attach both of them to a reply so that we can take a look at them.
  3. The issue stems from the fact that Emsisoft Anti-Malware is a 32-bit application, and on 64-bit Windows there are certain things that are hidden from 32-bit applications. It is possible to bypass these limitations, however doing so when using a file selection dialog causes some major issues, and there is currently no known workaround for that. The Emsisoft Anti-Malware Service does not suffer from this limitation, and thus adding the path to the file manually as you did will work.
  4. It looks like there may be an issue on the server that HiJackFree contacts when it does its Online Analysis, so I have sent a report to our server administrators so that they can take a look at it.
  5. I can confirm this on my Windows 7 x64 system. I will investigate to see if I can find out why this is happening.
  6. OK, I have been talking to Fabian about this, and he has told me that the service (even though it is 32-bit) will handle the file path correctly when you enter it into the whitelist manually, but the GUI (a2start.exe) cannot handle viewing the real contents of System32 because bypassing the filesystem redirection of WoW64 means that it will cause a2start.exe to load the 64-bit shell32.dll instead of the 32-bit shell32.dll, and this it would horribly break things.
  7. May I ask what happens if you right-click on the Online Armor icon in the lower-right corner of the screen (to the left of the clock) and select to close and shut down Online Armor? If that does work, you can also try following the instructions in post #4 in this topic for shutting down Emsisoft Anti-Malware. Let me know if shutting down both helps.
  8. Then please allow me to illustrate with a screenshot: Basically, what the screenshot is showing is that when you browse to C:\WINDOWS\System32 when selecting a process to add to the whitelist in EAM on Windows 7 x64, it sees the contents of C:\WINDOWS\SysWOW64 instead of the contents of C:\WINDOWS\System32 which is why I reported a bug. It may be possible that this is intended (this is how WoW64 works), however I felt that it was best to report this so that the developers can take a look at it since there are ways to bypass this restriction of WoW64 and have access to the 64-bit files in a 32-bit application. Edit: If you don't see it right away, then look at the file size and date modified for MRINFO.exe in EAM's file selection dialog, and compare it to the ones shown in C:\WINDOWS\System32 and C:\WINDOWS\SysWOW64 to verify which one it is.
  9. Thank you for reporting this. I have confirmed it, and reported a bug.
  10. A quick check of your account shows that you have licenses for Emsisoft Anti-Malware an Online Armor. If you do not have an icon for Emsisoft Anti-Malware on your desktop, then you can download and install it from one of the links below: http://download1.emsisoft.com/EmsisoftAntiMalwareSetup.exe (Europe) http://download2.emsisoft.com/EmsisoftAntiMalwareSetup.exe (Europe) http://download3.emsisoft.com/EmsisoftAntiMalwareSetup.exe (Europe) http://download4.emsisoft.com/EmsisoftAntiMalwareSetup.exe (North America)
  11. Please try the following temporary troubleshooting steps: Open Online Armor. Under where it says System Status click on the link that says Standard Mode and change it to Advanced Mode. Select Options from the menu on the left. Go to the Firewall tab. Click the Uninstall Firewall button. That will remove the "OA Helper Driver" from each of your network connections that allows Online Armor to monitor network traffic. If the issue persists after doing that, then Online Armor is most likely not the cause, and you will probably need to use a program such as WinMTR to check to see if there is an issue somewhere between your computer and the address that your VPN software is trying to connect to.
  12. We'll need to know what folder it is getting stuck on, and if it is getting stuck on a particular file.
  13. You're quite welcome. Please let us know if you have any further issues.
  14. Please follow the instructions at this link and attach the logs to a reply by using the More Reply Options button to the lower-right of where you type in your reply.
  15. It could be having an issue with the filesystem. Since the directory it is scanning in is in the System Restore, them you may need to empty the System Restore and create a new restore point. Here's some instructions on how to empty the System Restore: Click on the Start button. Right-click on Computer Select Properties from the list. In the window that pops up, click on the System protection link in the menu on the left. The buttons may not be clickable for a few moments, but once you can click on them select the drive in the list near the bottom that shows protection is on (this will usually be you C: drive) and click the Configure... button. Click the button near the bottom-right that says Delete to clear all System Restore data. Once finished, click OK to close that window. Now you will want to make sure that the correct drive is selected again (usually your C: drive) and click on the Create button to create a new restore point. Fill in a name for the restore point, and click the Create button. Once it is done, you can close the windows that were opened to get to the System Restore settings.
  16. I don't think the ports 49152 through 65535 are worth worrying about, unless an unknown application is trying to use them. Some Microsoft documentation says that some of these ports can be used by Remote Desktop, however these ports are the dynamic and/or private ports that can be used for pretty much anything, so it is impossible to say exactly what they are being used for without using a utility to analyze the network traffic. Since they are being used by the system, they are probably OK. As for the two processes that have port 1900 open, they can't both listen to that port at the same time. If one is listening on that port, and one is sending on that port, then it will work OK. HiJackFree doesn't show either of them listening. If they do try to listen on that port, then the first one to open it will probably be the only one that will be able to listen on it.
  17. Just to let you know, RapidShare has not been working here lately, so you may want to use one of the other services (or if the ZIP archive containing the logs is small enough, you could attach it to a Private Message to me on these forums).
  18. My apologies for the misunderstanding. Did disabling Emsisoft Anti-Malware not make any difference?
  19. To be fair, had you given me 20 more minutes, I would have replied to it first. This is technically not true. The 64-bit binaries are bundled in the same installer as the 32-bit binaries, so while we do not have a separate 64-bit download, our product has 64-bit binaries and drivers that will be installed on a 64-bit edition of Windows. It is true the user interface components are 32-bit even on 64-bit systems. These do not actually need to be 64-bit applications, as all of the actual work is done by the service which is a native 64-bit application when installed on 64-bit editions of Windows.
  20. Is Emsisoft Anti-Malware the only security software that you are using?
  21. If you really need the computer to be shut down at night, then I recommend avoiding going to these measures, and just run a faster type of scan during the day when you will have time to deal with the scan results.
  22. May I ask what processes are using port 1900? In my example screenshot below (you can click on it to make it bigger), you can see that svchost.exe has port 1900 open. As for the other ports, do they show a process that has them open? The PID isn't as important as the process name.
  23. OK. Please let us know if you have any further issues.
  24. We'll probably need some logs to see what the problem is. Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try reproducing your problem. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder.