Jump to content


Emsisoft Employee
  • Content Count

  • Joined

  • Days Won


Posts posted by GT500

  1. yes...that's exactly what's happening..I usually have that checkbox UNCHECKED for traffic being blocked at startup....but it still comes up as blocked....but I can go onto the internet just fine and go wherever I wish...but when I go to manually update OA, it tells me I am not connected to the internet! O.o

    Would it be possible for us to get some logs to help us determine what is causing the issue? I posted instructions earlier in the topic.

  2. The screenshot of your update proxy shows an IP address of and the screenshot of your proxy configuration in EAM shows an IP address of which is most likely your problem. If the computer that the update proxy is running on has an IP address of then you need to enter that in the proxy configuration of every EAM install that you need to have using the update proxy.

  3. Our research team has informed me that, in the case of these samples (since they are classified as riskware), the behavior is expected. Emsisoft Anti-Malware will ask you to upload the files after the scan, and our research team will take a look at them and determine whether or not the certificate should be blacklisted. If they do blacklist the certificate, then after that update is published Emsisoft Anti-Malware will detect the files as malicious and you will be able to remove them normally.

    Please let me know if you have any further questions. ;)

  4. My last update was 26th Ocotober and it tries and I have tried manually cant update at all.

    That threw me off for a moment, since I live in the USA, and it is still the 26th here. If I am not mistaken, you live in Australia, and it is already the 27th there, correct?

    Are you receiving any error messages when you try to update, or does it just act like there are no updates to download? According to the Online Armor update log the last update (at the time of this post) was October 26th at 12:15 AM. That's either GMT or GMT +1, so I'm fairly certain that they haven't posted an update for Online Armor yet today. ;)

  5. There are times when the HIPS in Online Armor can cause some issues with Emsisoft Anti-Malware (although it is usually just performance issues). Adding Emsisoft Anti-Malware to the Exclusions in Online Armor should fix the issue. Here are some instructions:

    1. Click on the Start button, go to All Programs, go to Online Armor, and click on the Online Armor icon to open it.
    2. Click on Options' in the menu on the left.
    3. Go to the Exclusions tab.
    4. Click on the Add button.
    5. Use the little [+] and [-] icons to the left of folder names to open and close them, find the Emsisoft Anti-Malware folder (usually C:\Program Files\Emsisoft Anti-Malware), click on it to highlight it, and then click OK at the bottom.
    6. Close the Online Armor window.

  6. You're quite welcome. ;)

    Here's some final instructions for after you finish your defrag:

    1. Make Sure Java is Updated:

    1. Click on the

    2. Click on
      Control Panel

    3. Click
      Add or Remove Programs

    4. Look for Java in the list (should be alphabetical), and uninstall all versions of Java that you find listed.

    5. Click on
      this link
      and download and install the latest Java (the
      Windows Online
      download will be faster).

    2. Make Sure Adobe Flash is Updated:

    1. Click on
      this link
      and download the latest version of Adobe Flash Player for your web browser.

    2. You will need to close your web browser when installing Flash.

    3. Make Sure Adobe Acrobat Reader is Updated:

    1. Click on the

    2. Click on
      Control Panel

    3. Click
      Add or Remove Programs

    4. Look for any versions of Adobe Reader or Adobe Acrobat Reader in the list (should be alphabetical), and uninstall all of them (if you have Adobe Acrobat, which is the premium software from Adobe, then you
      do not
      need to uninstall it).

    5. Click on
      this link
      to go to the Adobe Reader download page, make sure to unselect any offers for toolbars or other free software, and download and install the latest version of Adobe Reader.

    (please note that some people do prefer to use third-party PDF viewers such as
    PDF X-Change Viewer
    Foxit Reader
    which are not as commonly exploited as Adobe Reader, so if you would prefer to use one of those then you do not need to download and install Adobe Reader)

    4. Make Sure Your Computer Has The Latest Windows Updates:

    1. Right-click on the little Online Armor icon in the lower-right corner of the screen (to the left of the clock), and select the option to enable
      Learning Mode
      . We recommend that you
      put Online Armor in Learning Mode when installing Windows Updates, even though you shouldn't have any problems with Online Armor and Windows Updates on Windows XP.

    2. Click on the

    3. Go to
      All Programs

    4. Click on
      Windows Update

    5. If you have never run Windows Update, then it will probably need to install an ActiveX control and update the Windows Update software before it can continue, so make sure you keep an eye out for that pale-yellow bar that pops up at the top of the page when Windows Update needs to install a new component, and click on the yellow bar and select to allow it.

    6. Once it is loaded, click on the

    7. It will check for available updates, and once it is done you can click the
      Install Updates

    8. It may ask you to accept a license agreement before it installs, so make sure you say

    9. When it is done installing updates, it may ask you to restart your computer, so close anything you are working on and allow it to restart.

    10. Note that the update process can take a while, and you may need to run it several times before all of the updates get installed.

    11. Make sure to turn Learning Mode off in Online Armor once you are done installing Windows Updates.

    5. Web Of Trust Extension:

    While this is not a requirement, I highly recommend that you click
    this link
    and check out the Web Of Trust extension for your web browser. It will add an extra layer of protection to your web browsing for free, and it is especially helpful when doing searches on Google, Yahoo!, Bing, etc. as it will point out what sites are considered trustworthy and what sites are not by drawing a colored circle to the right of each search result. Green means trusted, red means not trusted, yellow is in between, and white means it is not in Web Of Trust's database.

    6. Empty The System Restore:

    1. Click on the

    2. Right-click on
      My Computer

    3. Select
      from the list.

    4. In the window that pops up, click on the
      System Restore

    5. Click the check box to
      Turn off System Restore

    6. Click the
      button at the bottom-right, and answer
      to the question.

    7. Depending on how much data is saved in the System Restore, it could take more than a few minutes to empty it.

    8. Click the check box to
      Turn off System Restore
      again and click
      to turn the System Restore back on.

    9. Click on the
      button again.

    10. Go to
      All Programs

    11. Go to

    12. Go to
      System Tools

    13. Click on
      System Restore

    14. Select
      Create a restore point
      on the right, and click
      at the bottom.

    15. Enter a description for the restore point, and click

    16. Click
      to finish the process.

  7. 1) When we adjust the EAM for updating from update proxy, it does no connect to server and update via Internet (online).

    Do you have access to the logs from this proxy server?

    2) When we double click on "a2updateproxy.exe", its page open and doesn't close any way. Why???

    The a2updateproxy.exe program is intended for use in a corporate network so that server admins can run what is essentially a cache that keeps copies of updates after one EAM client downloads them. EAM running on other computers on the network will then be able to download that update from the update proxy rather than from the Emsisoft update servers. This reduces the amount of bandwidth needed to support updates for hundreds of workstations that are all running Emsisoft Anti-Malware, but would have to use the same Internet connection to download updates.

    It does not close because it is intended to run as a service, and only close when stopped.

    You can find more information here, including installation instructions.

    • Upvote 1
  8. I have found that if I switch to standard mode I am able to update time manually then I switch back to advanced mode and OA seems then to have no problems with Windows Time updating.

    Andrewf (the OA dev) already has logs about this from me (#3014), but the more logs the merrier :)

    Actually, someone else mentioned that they had reported this as well, and that it was only happening when Online Armor was running in Advanced Mode. Switching to Standard Mode may be a viable workaround until Andrey can nail down the cause. ;)

  9. OK, our developers have checked your log, and they have informed me that they will also need a log from DebugView and they will need to see your settings for the File Guard.

    For the File Guard settings, you can simply ZIP the a2settings.ini file and attach that to a reply (or you can send it to me in a private message if you prefer). You should find the file in the main Emsisoft Anti-Malware folder (which is normally C:\Program Files\Emsisoft Anti-Malware). To ZIP it, you can right-click on the file, go to Send to, and select Compressed (zipped) folder. Windows may give you an error, saying that you do not have permission to write to that location, and ask you if you want to save it on your desktop instead, so say 'Yes' to that if you see it. You should be able to attach this zipped file to a reply.

    For the DebugView log, we'll need to set a registry entry that will tell Emsisoft Anti-Malware to output debug information that DebugView can see and save in its log. The following file eam_enable_debug_output.zip contains a batch file which, when run with administrative rights, will automatically create that registry entry for you. Please download this file, extract the batch file from it (it will also be named eam_enable_debug_output), and run the batch file (if your computer is running Windows Vista or Windows 7 then please make sure to right-click on the batch file and select to Run as administrator):

    After that, please restart your computer, and then proceed with the instructions below:

    1. Download DebugView from this link:
    2. When downloading, make sure to save it on your Desktop instead of clicking 'Run' or 'Open'.
    3. Right-click on the 'DebugView' file that you just saved on your Desktop, and select "Extract All".
    4. Before running DebugView, you will need to add a process exclusion to Emsisoft Anti-Malware to prevent crashing issues. Here are the instructions:

      1. Please go ahead and open Emsisoft Anti-Malware from the icon on the desktop.
      2. click on Guard in the menu on the left.
      3. Go to the File Guard tab.
      4. Click on the Manage whitelist link on the left, just above 'Alerts'.
      5. On the left, under where it says Type, click on where it says File and change it to Process.
      6. Click in the white space to the right of where you just changed 'File' to 'Process', under where it says Item, and a little button with three dots on it will appear to the right.
      7. Click on the button with the three dots.
      8. Navigate to the folder where DebugView is saved (this should be on your desktop), select the Dbgview file, and click the Open button in the lower-right.
      9. Click OK at the bottom to save the settings, and then close Emsisoft Anti-Malware.
      10. [*] Open the new DebugView folder that was created on your Desktop after extracting.

        [*] Windows XP and 2000 users should double-click on the file named 'Dbgview'. Windows 7 and Vista users should right-click and select "Run as Administrator".

        [*] Click on the 'Capture' menu, and select everything except "Log Boot" (you will have to open the menu again after clicking to select an item).

        [*] After selecting the options in the 'Capture' menu, click on the 'File' menu and select "Log to File As" and create a file on your desktop for it to save the log to.

        [*] Do whatever it is you need to in order to replicate the issue.

        [*] After the system freezes, restart your computer (you may need to hold down the power button for about 4 or 5 seconds to shut it down first), and make sure that the log was saved on your desktop.

        [*] Please attach that log file to a reply so that we may analyze it for errors. You will need to use the More Reply Options button to the lower-right of where you type in your reply in order to access the attachment controls.

        Note: You may need to ZIP the log file in order to attach it. If you do not have a program such as 7-Zip, WinZip, WinRar, etc. then you can right-click on the log file, go to Send to, and click on Compressed (zipped) folder. You will be able to attach the ZIP archive to a reply.

  10. We'll probably need some logs to see what the problem is. Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try updating your computer's time from one of these non-Microsoft sources again. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder.

    Edit: Scratch that. Andrey says he doesn't need any more logs for this issue. ;)

  11. Please download Emsiclean from this link (be sure to save it on your desktop), and follow the instructions below to get me a log:

    1. Run the Emsiclean download that you saved on your desktop.
    2. Read the disclaimer. Note that you must agree to it in order to proceed.
    3. Once the scan is finished, simply exit Emsiclean, and do not remove anything.
    4. A new file will be saved on your desktop with a log of what was detected. Please attach that to a reply by using the More Reply Options button to the lower-right of where you type in your reply.

  • Create New...