JeremyNicoll

@StU - good idea, but unfortunately there's no beta available at the moment (nor was there last weekend). The beta & stable feeds are the same thing at the moment. That probably means that in your case restarting the machine fixed it, or the update servers themselves came back online. You can see that therer was no Beta if you read: http://changeblog.emsisoft.com/ On Sept 01, Emsisoft released 2017.8.0.7904 as a Stable update; that (if you look further down the page) was a Beta from 24 Aug.

Well, I'm out of ideas. And of course, whereas Emsisoft can contact the CDN companies (if they have to), I cannot. You might be unlucky here, because (in the UK) it's now between Friday and Saturday - 2am or so - and Emsisoft support can be iffy over a weekend. On the other hand, GT500 is, I think, in a similar timezone to you, and might be along soon. I hope you find a solution.

Yeah, but EAM is trying to fetch updates from commercial CDN servers. Unless any of your other downloads were also coming from the same CDN you wouldn't see that problem. Most users have no idea what sorts of files come from CDNs and what come from ordinary webservers. If you download a file from a normal website, it very likely does not come from a CDN. For example, here in the UK many people download TV programmes "from the BBC". But in fact the files come from CDNs who host the files on behalf of the BBC. For Emsisoft, hosting updates on CDNs mean that other companies are responsible for hosting the files, all over the world. I think you're just unlucky and there's a problem with that in your part of the world at the moment.

I just tried a site that says it tests websites from various locations, using: https://geopeeker.com/fetch/?url=cdn.emsisoft.com and also https://geopeeker.com/fetch/?url=arctic.emsisoft.com Both seemed to work, which isn't helpful. It means that the servers used by the test site could see the two emsisoft servers ok. Does your ISP have any online diagnostic tools if you look on their website? Or, do they have a status page that says whether they think their service is working ok? ISPs do more than just provide connectivity between you and them.

There are websites where you can test if some other site is up or not. When I use those (in the UK) to test if arctic.emsisoft.com is up, they say it is. That means that a test message (a ping) sent to arctic.emsisoft.com gets replied to. It might be useful for you to see if there are any test sites in your country that you could ask if arctic.emsisoft.com is up. If nothing else it might prove to you that the problem is not on your machine.

In your third post you showed an HTTP 504 error. A 504 means some machine (some form of proxy) timed-out. If that proxy isn't in your network, then I suppose it might be a problem in the CDN (Content Delivery Network) where Emsisoft host their updates. The way CDNs work, people in other countries don't see the same machines as - perhaps - you do. This might be something that you'll just have to wait for a fix for, unless Emsisoft support can point you at a different set of servers.

> italian Oops, or maybe not.

Well, do you think the equivalent lines in your log look as if the commands concerned worked? DId they produce sensible answers? Do they show any headers or content for the test pages? And did the traceroute commands produce normal output? (Traceroute on my machine is normally disabled and as I didn't know until I ran it what the diagtool would do, no output from those commands is not a surprise to me.) I presume you're Italian... but are you using the machine in Italy? You're not in China or Egypt or somewhere where the government interfere with internet traffic? Do you have a software firewall on your machine (Windows Firewall, or some other one)? If so have you changed any of its rules lately? I have no idea what your machine's problem is; all I was trying to do was find out what appears to be working and what isn't.

Also, do youknow if your machine is behind a proxy? Are you using at home or somewhere else? If it's on a LAN are other machines working ok?

Thank-you. In the log file you attached for Emsisoft to see, about a couple of hundred lines in (at least in a log I just made on my machine) there's the results of tests of connectivity to update servers. I wonder what you see in the corresponding section? Please do not copy&paste the whole log here - some of it contains private information about your system. Here, what I see in that part of the log is as follows (and note that the 'traceroute' commands here did not work but your ones probably will): --------------------------------- - Test Update Server Connection - --------------------------------- HTTP Headers for arctic.emsisoft.com: -- HTTP/1.1 200 OK Content-Length: 168 Content-Type: text/html Last-Modified: Mon, 18 Sep 2017 13:33:50 GMT Accept-Ranges: bytes ETag: "073ac38230d31:0" Server: Microsoft-IIS/8.5 x-emsisoft: api1 Date: Fri, 22 Sep 2017 23:40:47 GMT -- Page content for arctic.emsisoft.com: -- <!DOCTYPE html> <html> <head> <meta charset="utf-8" /> <meta http-equiv="refresh" content="0;https://www.emsisoft.com"> </head> <body> </body> </html> -- Traceroute to arctic.emsisoft.com: Tracing route to arctic.emsisoft.com [136.243.128.18] over a maximum of 30 hops: 1 General failure. Trace complete. Local DNS information for arctic.emsisoft.com: Non-authoritative answer: DNS request timed out. timeout was 2 seconds. Server: UnKnown Address: 194.168.4.100 Name: arctic.emsisoft.com Address: 136.243.128.18 ______________________________ HTTP Headers for dl.emsisoft.com: -- HTTP/1.1 200 OK Date: Fri, 22 Sep 2017 23:40:50 GMT Keep-Alive: timeout=5 Connection: Keep-Alive Accept-Ranges: bytes ETag: 1503978504 Cache-Control: private, max-age=86400 Content-Length: 142 Content-Type: text/html; charset=utf-8 X-HW: 1506123650.dop001.lo3.t,1506123650.cds016.lo3.shn,1506123650.dop001.lo3.t,1506123650.cds048.lo3.c Last-Modified: Tue, 29 Aug 2017 03:48:24 GMT -- Page content for arctic.emsisoft.com: -- <!DOCTYPE html><html><head><meta charset="utf-8" /><meta http-equiv="refresh" content="0;https://www.emsisoft.com"></head><body></body></html> -- Traceroute to dl.emsisoft.com: Tracing route to cds.z9k5w6b8.hwcdn.net [205.185.216.42] over a maximum of 30 hops: 1 General failure. Trace complete. Local DNS information for dl.emsisoft.com: Non-authoritative answer: Server: cache1.service.virginmedia.net Address: 194.168.4.100 Name: cds.z9k5w6b8.hwcdn.net Addresses: 205.185.216.42 205.185.216.10 Aliases: dl.emsisoft.com

Does the machine with EAM on it have a working internet connection? Are you using it or something else to post here?

@Claudiano - you say you reinstalled. Did you have any difficulty uninstalling the old version? The usual advice to anyone uninstalling is to reboot twice after doing it - did you do that? Also there's a cleanup tool that you can use (if you download it with another PC?) to make sure that the old version is properly uninstalled. See: https://helpdesk.emsisoft.com/Knowledgebase/Article/View/150/45/how-can-i-completely-uninstall-an-emsisoft-product

@Barsuk - your problem has nothing at all to do with the problem that @Claudiano has, so you should have started a thread/discussion of your own instead of hijacking his. Also, although you have described your issue in English, the screenshots are in... Russian? If Russian is your own language it might be more sensible to post in the Russian sub-forum here and get help from others who speak that language. I do not know what the files in C:\WINDOWS\TEMP are. These are NOT the normal user's temporary files which are in places like (on W8.1) C:\Users\userid\AppData\Local\Temp - I would assume they are something placed there by some Windows process. I wouldn't think that any Emsisoft product would place any files in this OS-owned folder.

> I know man, but I'm worry about my IP and other information that these hackers harvested going to do with it IP - do you mean IP address, or intellectual property? Your IP address is known to every website you browse... There's no evidence that anything has been harvested off your machine. > Yet, they still haven't provide these infected users with a removal tool to remove the malware. Whether that's the case or not, if you've not been infected it's irrelevant.

Ah - a log file. Good. (Users like me can't see inside attached files, but when GT500 next looks at this he'll be able to see it and suggest something.)