JeremyNicoll

Member
  • Content Count

    1772
  • Joined

  • Last visited

  • Days Won

    26

Everything posted by JeremyNicoll

  1. Just for info... at about 10pm tonight I woke up my sleeping laptop to find a message telling me that EIS needed to restart - should it? I said YES. I'm not sure whether it did or not - normally I get warning panes from Windows telling me that there's no active a/v or a/malware app while a restart is happening, and I didn't see any. It was soon obvious that there was a problem because double-clicking on application icons didn't start anything. I asked Windows to do a restart. After about 2 minute of watching a screen saying "Restarting..." I used the long-press-on-the-power button method to kill the machine. After that I rebooted as far as the user login screen, and from there asked Windows to do a restart. After that, I logged-in when the login screen next appeared. My first priority was a scan of the C-drive - fortunately Windows reported that clean. There's nothing useful (in the time span between waking the machine and forcing it off) in Event Viewer, perhaps not too surprisingly.
  2. Most times when I open a new tab in Firefox, a2service's commit size goes up. The commit size never comes down. If I shut & reopen Firefox, commit size goes up - sometimes by as little as a few tens of MB, sometimes by several hundred MB. If I shut & reopen FF several times it gets worse and worse. In these experiments I've typically only got a maximum of 6 tabs open. When I open a new tab, I almost always do so pointing at a simple page - Google's advanced search, namely: https://www.google.co.uk/advanced_search?hl=en - the most recent open of that increased a2service's commit size by 60 MB. Any time I open a tab for a website that's even moderately complex, commit size goes up a lot more... and continues to go up as I explore that website. And, closing tabs doesn't bring it down again. I don't run any non-standard extensions in FF. Flash is set so FF will always ask me if it should be activated... and usually I'm not browsing pages that use Flash anyway.
  3. Unlike the previous problem, this one doesn't seem to implicate the paged or non-paged pool. Nor is a2service's working set ever large. It's simply that the commit size grows rapidly, always eventually causong Windows to tell me to shut programmes immediately - which is when I reboot. Starting Firefox (which was at v49.0.1 yesterday but is now v49.0.2) immediately increases commit size markedly. Using SysInternals' VMmap suggests the committed VS is all in a2service's use of 'private data' (ie not stack or mapped files, or heap storage etc) and that same classification of storage use (private data) has only a WS or about 70 MB. This looks to me like a virtual storage memory leak.
  4. ... machine has had a full shutdown and cold reboot since my first posts... and Commit Size - which was briefly around 500-600 MB has climbed steadily since then; it shot way up during that signatures update and did not come down again.
  5. And see what happened to memory use when EIS did an update
  6. I meant to say: this machine has barely been on in the last few days so hasn't had an earlier opportunity to show EIS 12 problems. Some of tonight's reboots have been prompted by Windows' error box saying machine is about to run out of memory. I've also had Firefox (about the only program of note that is running) crash at times that Task Manager shows memory use is more than 90% of the available VS total. In last few mins a2service.exe just did an update, I think, and its Commit Size is now 9,849,820 K ... it's ridiculous.
  7. This looks just like the issue discussed at length in problem http://support.emsisoft.com/topic/20057-possible-virtual-memory-problem-with-a2serviceexe/ - which did more or less clear up at some point in the last months, though sometimes seemed to come back for a few days. Right now, I've had to reboot my W8.1 machine twice in the last two hours or so, because each time Windows' Task Manager has shown a2service.exe having Commit Size values which climb and climb. Right now, on this machine with 8 GB of real RAM, plus some paging space, that Commit Size is > 9.5 GB. It's only taken about 30-40 minutes to climb that high. IIRC when things are working 'normally' the value is somewhere between 0.5 and 1 GB and is stable.
  8. I don't know; I've hit another bad patch health-wise and been using the machine much less in the last few weeks. I've also pre-emptively restarted it a lot more. I have the impression that the problem is still with me. It was always clear that memory use could be stable for hours then shoot up then be stable-ish again, ie it must have depended a bit on what I was using the machine for. Maybe whatever activity that was hasn't been so prevalent? Also, I seem to remember that I got bogged down in other problems when I did the reinstall you'd asked for - not being able to persuade EIS that I was running in a private network. I do not expect to have time to think about either of these issues until next week at the earliest.
  9. Well, shouldn't it still give some sort of clue as to what/where the error was? Actually I had another instance of that error message last night, about ten seconds before the machine froze, out of memory. But that's a matter for the memory-use discussion, when I next update it.
  10. So what would the "ethernet" in the OP's list of adapters be?
  11. Having logged out of the busy userid and in as the admin one, nothing (that I'd choose to start) was running. Is there any chance of you guys changing the (basically useless) error message so that it gives some sort of clue to what went wrong - a resolver problem, a funny status code from your server, or whatever? Anyway... isn't the only thing on the machine that should be capable of interfering with connectivity... EIS?
  12. > Are you telling about this ? No. "a2start.exe" in Details. How did you bring up the GUI screen, shown in your screenshot, if clicking the tray icon did not work?
  13. EIS 11.8.0.6465, W8.1 64bit I've been browsing a lot today and memory use had got very high, so it was time for a restart. Just before doing that I logged out of my normal userid and in as my Admin one (to do something I need to do for each userid every so often). While there, EIS popped-up an alert saying "An unexpected internal processing error occurred. Please contact the support team." The Security Overview screen showed no errors. I did the restart I was planning to do; now I'm logged back in as the day-to-day user. The update log's most recent entry has an entry saying "connection error" which when expanded says: General Information: Update started: 04/06/2016 17:59:54 Update ended: 04/06/2016 17:59:55 Time elapsed: 0:00:01 Connection error Detailed Information: 0 modules, 0 bytes I've triggered a manual update which worked fine.
  14. Marko, when you originally uninstalled EIS, you say you ran Emsiclean. Did that notice that epp was present? If so, what happened when it tried to remove it? I'm wondering how you ended up with another(?) instance of epp needing deleted later on.
  15. > I received your logs, and I don't see any problems in them... OK; I think it's interesting that when the GUI fails to contact the servers it decides very quickly that such contact is impossible. IIRC each time I clicked on the retry button, it was only a second or so later that it said it couldn't make contact. Maybe there's just a far-too-short timeout somewhere? > I assume you're still having the issue with the firewall and changing between public/private? Yes. EIS here updated to v11.8.0.6465 about 25 hours ago, and the PC has been switched off between then and earlier today, so has had a reboot and (presumably) a 'new connection', but still shows me as being on a Public network despite the settings saying: "Category for new connections" Private, and "Use Windows settings" not being selected. I did, just now, try changing the "Category" value to Public, then clicking OK, then exiting the GUI, unplugging & replugging the LAN cable & going back to that dialog - to see it said Public (which of course proves nothing), then changing "Category" back to Private. clicking OK, exiting the GUI, unplug/replug... etc... but after that it still says Public.
  16. Thank-you. The memory thing I'll pursue on the other thread, but wait until this oddity is fixed in case it's somehow related or you want me again to uninstall and re-install. Do you have any thoughts about the installer/EIS being unable to contact update servers during the install, even though the tracert's in the diagnostic .bat that I ran while in th emiddle of the install, before trying again and finally continuing past that stage, worked just fine. (See screenshot for "can't connect".) Output from them was: ----------------------------- - Traceroute Update Servers - ----------------------------- Checking update.emsisoft.com: Tracing route to update.emsisoft.com [136.243.128.18] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms 192.168.1.1 2 23 ms 22 ms 21 ms cpc9-sgyl32-2-0-gw.18-2.cable.virginm.net [82.44.24.1] 3 6 ms 7 ms 7 ms sgyl-core-2a-xe-212-0.network.virginmedia.net [82.13.247.21] 4 * * * Request timed out. 5 * * * Request timed out. 6 * * * Request timed out. 7 14 ms 28 ms 15 ms nrth-bb-1c-ae0-0.network.virginmedia.net [62.254.42.134] 8 32 ms 32 ms 34 ms fran-ic-2-ae0-0.network.virginmedia.net [62.254.42.178] 9 37 ms 35 ms 36 ms decix-gw.hetzner.de [80.81.192.164] 10 39 ms 40 ms 39 ms core23.hetzner.de [213.239.203.154] 11 44 ms 41 ms 42 ms ex9k2.rz21.hetzner.de [213.239.203.190] 12 42 ms 40 ms 42 ms api1.emsisoft.com [136.243.128.18] Trace complete. Server: cache1.service.virginmedia.net Address: 194.168.4.100 Name: update.emsisoft.com Address: 136.243.128.18 Checking dl.emsisoft.com: Tracing route to gs1.wpc.v2cdn.net [93.184.221.133] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms 192.168.1.1 2 8 ms 8 ms 15 ms cpc9-sgyl32-2-0-gw.18-2.cable.virginm.net [82.44.24.1] 3 5 ms 7 ms 7 ms sgyl-core-2b-xe-212-0.network.virginmedia.net [82.13.247.57] 4 * * * Request timed out. 5 * * * Request timed out. 6 * * * Request timed out. 7 21 ms 22 ms 22 ms tcl5-ic-5-ae0-0.network.virginmedia.net [62.254.84.66] 8 18 ms 19 ms 28 ms 195.66.236.62 9 20 ms 20 ms 19 ms 93.184.221.133 Trace complete. Server: cache1.service.virginmedia.net Address: 194.168.4.100 Name: gs1.wpc.v2cdn.net Address: 93.184.221.133 Aliases: dl.emsisoft.com wpc.AC4D.edgecastcdn.net Checking cdn.emsisoft.com: Tracing route to cds.z9k5w6b8.hwcdn.net [205.185.216.42] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms 192.168.1.1 2 23 ms 9 ms 7 ms cpc9-sgyl32-2-0-gw.18-2.cable.virginm.net [82.44.24.1] 3 7 ms 7 ms 8 ms sgyl-core-2a-xe-212-0.network.virginmedia.net [82.13.247.21] 4 * * * Request timed out. 5 * * * Request timed out. 6 * * * Request timed out. 7 * * * Request timed out. 8 19 ms 22 ms 17 ms tele-ic-8-ae5-0.network.virginmedia.net [62.252.224.94] 9 24 ms 24 ms 24 ms m398-mp2.cvx3-a.ltn.dial.ntli.net [213.104.85.142] 10 20 ms 19 ms 19 ms ae0.r3.lo.hwng.net [209.197.0.229] 11 16 ms 19 ms 19 ms 209.197.10.122 12 19 ms 19 ms 19 ms map2.hwcdn.net [205.185.216.42] Trace complete. Server: cache1.service.virginmedia.net Address: 194.168.4.100 Name: cds.z9k5w6b8.hwcdn.net Addresses: 205.185.216.10 205.185.216.42 Aliases: cdn.emsisoft.com
  17. I noticed last night that the EIS shield had suddenly turned green, having been amber for a couple of days. Logs - Update shows 'Connection error' many times from around 10am on 23rd, to early afternoon on the 24th, then starts working & has worked since then. Protection - Firewall - Manage Networks STILL shows that I'm on a Public Network even though I wanted 'new connections' to be Private & Windows isn't supposed to be making that decision. And, kernel non-paged pool memory use for the first day or so (while EIS was not uptodate) did grow, but only very slowly, staying around 720 KB for five hours then over 6 hours increasing to 2 MB. But later yesterday it went up to 350 MB and now it's up to just over one GB. Interestingly, for the first day or so of the newly-installed EIS, I was logged-in as my admin id, which I don't normally use for day-to-day stuff, but do use when I'm uninstalling & installing things. I stayed logged in as that for a day or so after I hit the problem bringing signatures uptodate, and classifying the network properly, hoping there would be a quick fix. It wasn't until 1311 on 24th that I logged-out & then in as my ordinary user... and it looks as if the next update attempt after that was the first of the ones that worked. I have made no manual changes to any rules or settings, so far, except for trying to get the network type to accept Private, and having debug logs on for a while.
  18. You could send them as a PM (private message) to GT500; to do that hover the mouse over his name (at the top lefthand part of one of his posts) and choose 'Send Message'. When the simple editor opens up a window for you to write that message, click on 'Use full editor' at the bottom of that pane. The editor that opens up has options for attaching files just to that private message.
  19. Do you know which version you uninstalled, and made the backups from? And which version did you (re)install? If you look at the .ini files in the installation folder, probably C:\Program Files\Emsisoft Internet Security\, by right-clicking them and opening them in Notepad, do they look similar to the backed-up settings files - that is, plain text? In my a2rules.ini, for example, there's a pair of entries (one is the 'application rule', the other a firewall rule) for Firefox, looking like: [C:\Program Files (x86)\~M-folder\Mozilla\Firefox\firefox.exe] Revision=4 SectionType=1 SHA1=BFD15925DCD4376358009266DD389FE595C74591 GUID={8B015EBF-C72F-499C-8BBA-C9DA2D01E889} Action=1 Worm=0 Dialer=0 Backdoor=0 Hijacker=0 Inject=0 Downloader=0 Spyware=0 Service=0 KeyLogger=0 Startup=0 HiddenInstall=0 Virus=0 Hosts=0 Rootkit=0 BrowserSettings=0 Debugger=0 RemoteControl=0 DirectDiskAccess=0 SystemPolicies=0 Exploit=0 CryptoMalware=0 Updated=1 [FirewallRules_8B015EBFC72F499C8BBAC9DA2D01E889_D114142AE71E414AB74AA81FCC436D97] Revision=1 SectionType=2 Name=Autorule Index=0 Type=APP Protocol=TCP Resolution=ALLOW Direction=OUT NetworkType=ANY ObjectName=C:\Program Files (x86)\~M-folder\Mozilla\Firefox\firefox.exe Enabled=0 Never mind the actual values listed there... do your backed-up files have entries that look somewhat like that?
  20. W8.1, 64-bit, reinstalling EIS v11.7.0.6394, as advised in: http://support.emsisoft.com/topic/20057-possible-virtual-memory-problem-with-a2serviceexe/ I did a very thorough uninstall of EIS, several restarts, ran the Emsi diagnostic .bat file several times - before uninstall, during and after, and also made full registry backups before, during and after. I used Emsiclean to get rid of registry entries not removed by the ordinary installer. During the following install (using an installer I downloaded at 1356 on 20160519, it all went well until it tried to contact your servers to get uptodate signatures, when it said it couldn't connect. I ran your diagnostic .bat file at that point and all three of its traceroutes worked fine, and with similar routes & timings to the tracerts done before I started the uninstall. I continued on past this stage. When EIS started at the end of the install, the GUI showed up in orange saying the product was out of date. I noted at that point that ping/tracert issued from a command window failed (as I'd found several months ago, discussed at: http://support.emsisoft.com/topic/19819-new-to-eis-and-dont-understand-why-an-app-is-being-blocked/ ). As was true then, I have Windows set up thinking that I'm always (even at home) using a public network. Previously I'd eventually told EIS to set itself up as a Priivate network, so that ping etc issued from a command window would work. So I tried to do that again. I didn't work. Even with a reboot, and despite the 'Manage Networks' option "Use Windows settings for new connections" being unset, and "Category for new connections" being set to: Private network, the top part of the display still says that EIS thinks I'm on a Public Network. Before I tried the reboot with those settings, I also tried a slightly less drastic option: I unplugged the LAN cable, turned on debug logging, closed the GUI, reconnected the cable, re-opened the GUI, checked debugging was still on (yes), and went to Manage Networks... and observed the incorrect setting. Then I turned off that debug logging. Do you want those logs? Clicking on 'update now' in the GUI simply produces a message saying it can't connect to the servers.
  21. Are Sandboxie and ShadowDefender compatible with each other, and EIS?
  22. > .... ShadowDefender ... Is that like eg Sandboxie? (Which is something I have on my list fo things to investigate, but never seem to get around to...)