JeremyNicoll

Member
  • Content Count

    1818
  • Joined

  • Last visited

  • Days Won

    28

Posts posted by JeremyNicoll


  1. Unlike the previous problem, this one doesn't seem to implicate the paged or non-paged pool.   Nor is a2service's working set ever large.    It's simply that the commit size grows rapidly, always eventually causong Windows to tell me to shut programmes immediately - which is when I reboot.   Starting Firefox (which was at v49.0.1 yesterday but is now v49.0.2) immediately increases commit size markedly.  

     

    Using SysInternals' VMmap suggests the committed VS is all in a2service's use of 'private data' (ie not stack or mapped files, or heap storage etc) and that same classification of storage use (private data) has only a WS or about 70 MB.  This looks to me like a virtual storage memory leak. 


  2. I meant to say: this machine has barely been on in the last few days so hasn't had an earlier opportunity to show EIS 12 problems.  Some of tonight's reboots have been prompted by Windows' error box saying machine is about to run out of memory.  I've also had Firefox (about the only program of note that is running) crash at times that Task Manager shows memory use is more than 90% of the available VS total.   In last few mins a2service.exe just did an update, I think, and its Commit Size is now 9,849,820 K ... it's ridiculous.


  3. This looks just like the issue discussed at length in problem  http://support.emsisoft.com/topic/20057-possible-virtual-memory-problem-with-a2serviceexe/  - which did more or less clear up at some point in the last months, though sometimes seemed to come back for a few days.

     

    Right now, I've had to reboot my W8.1 machine twice in the last two hours or so, because each time  Windows'  Task Manager has shown   a2service.exe  having  Commit Size values which climb and climb.   Right now, on this  machine with 8 GB of real RAM, plus some paging space,  that Commit Size is > 9.5 GB.  It's only taken about 30-40 minutes to climb that high.   IIRC when things are working 'normally' the value is somewhere between 0.5 and 1 GB and is stable.


  4. I don't know; I've hit another bad patch health-wise and been using the machine much less in the

    last few weeks.  I've also pre-emptively restarted it a lot more.  I have the impression that the

    problem is still with me.  It was always clear that memory use could be stable for hours then shoot

    up then be stable-ish again, ie it must have depended a bit on what I was using the machine for. 

    Maybe whatever activity that was hasn't been so prevalent? 

     

    Also, I seem to remember that I got bogged down in other problems when I did the reinstall you'd

    asked for - not being able to persuade EIS that I was running in a private network.

     

    I do not expect to have time to think about either of these issues until next week at the earliest.


  5. Having logged out of the busy userid and in as the admin one, nothing (that I'd choose to start) was running.  Is there any chance of you guys changing the (basically useless)

    error message so that it gives some sort of clue to what went wrong - a resolver problem, a funny status code from your server, or whatever?

     

    Anyway... isn't the only thing on the machine that should be capable of interfering with connectivity... EIS?


  6. EIS 11.8.0.6465, W8.1 64bit

     

    I've been browsing a lot today and memory use had got very high, so it was time for a restart.  Just before doing that I

    logged out of my normal userid and in as my Admin one (to do something I need to do for each userid every so often).

    While there, EIS popped-up an alert saying

       "An unexpected internal processing error occurred. Please contact the support team."

    The Security Overview screen showed no errors.

     

    I did the restart I was planning to do; now I'm logged back in as the day-to-day user.   The update log's most recent

    entry has an entry saying "connection error" which when expanded says:

     

      General Information:

    Update started: 04/06/2016 17:59:54
    Update ended: 04/06/2016 17:59:55
    Time elapsed: 0:00:01

    Connection error

    Detailed Information:

    0 modules, 0 bytes

     

    I've triggered a manual update which worked fine.
     

     


  7. > I received your logs, and I don't see any problems in them...

     

    OK; I think it's interesting that when the GUI fails to contact the servers it decides very quickly that such contact 

    is impossible.  IIRC each time I clicked on the retry button, it was only a second or so later that it said it couldn't

    make contact.  Maybe there's just a far-too-short timeout somewhere?

     

    > I assume you're still having the issue with the firewall and changing between public/private?

     

    Yes.  EIS here updated to v11.8.0.6465 about 25 hours ago, and the PC has been switched off between then and

    earlier today, so has had a reboot and (presumably) a 'new connection', but still shows me as being on a Public

    network despite the settings saying: "Category for new connections" Private, and "Use Windows settings" not

    being selected.  

     

    I did, just now, try changing the "Category" value to Public, then clicking OK, then exiting the GUI, unplugging &

    replugging the LAN cable & going back to that dialog - to see it said Public (which of course proves nothing), then

    changing "Category" back to Private. clicking OK, exiting the GUI, unplug/replug... etc... but after that it still says Public.


  8. Thank-you.  The memory thing I'll pursue on the other thread, but wait until this oddity is fixed in case it's somehow related or you want me again to uninstall and re-install.

     

    Do you have any thoughts about the installer/EIS being unable to contact update servers during the install, even though the tracert's in the diagnostic .bat that I ran while

    in th emiddle of the install, before trying again and finally continuing past that stage, worked just fine.  (See screenshot for "can't connect".)  Output from them was:

     

    -----------------------------
    - Traceroute Update Servers -
    -----------------------------

    Checking update.emsisoft.com:

    Tracing route to update.emsisoft.com [136.243.128.18]
    over a maximum of 30 hops:

      1    <1 ms    <1 ms    <1 ms  192.168.1.1
      2    23 ms    22 ms    21 ms  cpc9-sgyl32-2-0-gw.18-2.cable.virginm.net [82.44.24.1]
      3     6 ms     7 ms     7 ms  sgyl-core-2a-xe-212-0.network.virginmedia.net [82.13.247.21]
      4     *        *        *     Request timed out.
      5     *        *        *     Request timed out.
      6     *        *        *     Request timed out.
      7    14 ms    28 ms    15 ms  nrth-bb-1c-ae0-0.network.virginmedia.net [62.254.42.134]
      8    32 ms    32 ms    34 ms  fran-ic-2-ae0-0.network.virginmedia.net [62.254.42.178]
      9    37 ms    35 ms    36 ms  decix-gw.hetzner.de [80.81.192.164]
     10    39 ms    40 ms    39 ms  core23.hetzner.de [213.239.203.154]
     11    44 ms    41 ms    42 ms  ex9k2.rz21.hetzner.de [213.239.203.190]
     12    42 ms    40 ms    42 ms  api1.emsisoft.com [136.243.128.18]

    Trace complete.

    Server:  cache1.service.virginmedia.net
    Address:  194.168.4.100

    Name:    update.emsisoft.com
    Address:  136.243.128.18



    Checking dl.emsisoft.com:

    Tracing route to gs1.wpc.v2cdn.net [93.184.221.133]
    over a maximum of 30 hops:

      1    <1 ms    <1 ms    <1 ms  192.168.1.1
      2     8 ms     8 ms    15 ms  cpc9-sgyl32-2-0-gw.18-2.cable.virginm.net [82.44.24.1]
      3     5 ms     7 ms     7 ms  sgyl-core-2b-xe-212-0.network.virginmedia.net [82.13.247.57]
      4     *        *        *     Request timed out.
      5     *        *        *     Request timed out.
      6     *        *        *     Request timed out.
      7    21 ms    22 ms    22 ms  tcl5-ic-5-ae0-0.network.virginmedia.net [62.254.84.66]
      8    18 ms    19 ms    28 ms  195.66.236.62
      9    20 ms    20 ms    19 ms  93.184.221.133

    Trace complete.

    Server:  cache1.service.virginmedia.net
    Address:  194.168.4.100

    Name:    gs1.wpc.v2cdn.net
    Address:  93.184.221.133
    Aliases:  dl.emsisoft.com
          wpc.AC4D.edgecastcdn.net



    Checking cdn.emsisoft.com:

    Tracing route to cds.z9k5w6b8.hwcdn.net [205.185.216.42]
    over a maximum of 30 hops:

      1    <1 ms    <1 ms    <1 ms  192.168.1.1
      2    23 ms     9 ms     7 ms  cpc9-sgyl32-2-0-gw.18-2.cable.virginm.net [82.44.24.1]
      3     7 ms     7 ms     8 ms  sgyl-core-2a-xe-212-0.network.virginmedia.net [82.13.247.21]
      4     *        *        *     Request timed out.
      5     *        *        *     Request timed out.
      6     *        *        *     Request timed out.
      7     *        *        *     Request timed out.
      8    19 ms    22 ms    17 ms  tele-ic-8-ae5-0.network.virginmedia.net [62.252.224.94]
      9    24 ms    24 ms    24 ms  m398-mp2.cvx3-a.ltn.dial.ntli.net [213.104.85.142]
     10    20 ms    19 ms    19 ms  ae0.r3.lo.hwng.net [209.197.0.229]
     11    16 ms    19 ms    19 ms  209.197.10.122
     12    19 ms    19 ms    19 ms  map2.hwcdn.net [205.185.216.42]

    Trace complete.

    Server:  cache1.service.virginmedia.net
    Address:  194.168.4.100

    Name:    cds.z9k5w6b8.hwcdn.net
    Addresses:  205.185.216.10
          205.185.216.42
    Aliases:  cdn.emsisoft.com
     

    post-25439-0-25946800-1464187232_thumb.jpg
    Download Image


  9. I noticed last night that the EIS shield had suddenly turned green, having been
    amber for a couple of days.  Logs - Update shows 'Connection error' many times
    from around 10am on 23rd, to early afternoon on the 24th, then starts working &
    has worked since then.

    Protection - Firewall - Manage Networks STILL shows that I'm on a Public Network
    even though I wanted 'new connections' to be Private & Windows isn't supposed to
    be making that decision.

    And, kernel non-paged pool memory use for the first day or so (while EIS was not
    uptodate) did grow, but only very slowly, staying around 720 KB for five hours then
    over 6 hours increasing to 2 MB.  But later yesterday it went up to 350 MB and now
    it's up to just over one GB.

    Interestingly, for the first day or so of the newly-installed EIS, I was logged-in
    as my admin id, which I don't normally use for day-to-day stuff, but do use when I'm
    uninstalling & installing things.  I stayed logged in as that for a day or so after
    I hit the problem bringing signatures uptodate, and classifying the network properly,
    hoping there would be a quick fix.  It wasn't until 1311 on 24th that I logged-out &
    then in as my ordinary user... and it looks as if the next update attempt after that
    was the first of the ones that worked.

    I have made no manual changes to any rules or settings, so far, except for trying to
    get the network type to accept Private, and having debug logs on for a while.


  10. You could send them as a PM (private message) to GT500; to do that hover the mouse over his name (at the top lefthand part of one of his posts) and choose 'Send Message'.  When the simple editor opens up a window for you to write that message, click on 'Use full editor' at the bottom of that pane.  The editor that opens up has options for attaching files just to that private message.


  11. Do you know which version you uninstalled, and made the backups from?   And which version did you (re)install?

     

    If you look at the .ini files in the installation folder, probably C:\Program Files\Emsisoft Internet Security\, by right-clicking them and opening them in Notepad, do they look similar to the backed-up settings files - that is, plain text?   In my a2rules.ini, for example, there's a pair of entries (one is the 'application rule', the other a firewall rule) for Firefox, looking like:

     

    [C:\Program Files (x86)\~M-folder\Mozilla\Firefox\firefox.exe]
    Revision=4
    SectionType=1
    SHA1=BFD15925DCD4376358009266DD389FE595C74591
    GUID={8B015EBF-C72F-499C-8BBA-C9DA2D01E889}
    Action=1
    Worm=0
    Dialer=0
    Backdoor=0
    Hijacker=0
    Inject=0
    Downloader=0
    Spyware=0
    Service=0
    KeyLogger=0
    Startup=0
    HiddenInstall=0
    Virus=0
    Hosts=0
    Rootkit=0
    BrowserSettings=0
    Debugger=0
    RemoteControl=0
    DirectDiskAccess=0
    SystemPolicies=0
    Exploit=0
    CryptoMalware=0
    Updated=1

    [FirewallRules_8B015EBFC72F499C8BBAC9DA2D01E889_D114142AE71E414AB74AA81FCC436D97]
    Revision=1
    SectionType=2
    Name=Autorule
    Index=0
    Type=APP
    Protocol=TCP
    Resolution=ALLOW
    Direction=OUT
    NetworkType=ANY
    ObjectName=C:\Program Files (x86)\~M-folder\Mozilla\Firefox\firefox.exe
    Enabled=0

     

     

    Never mind the actual values listed there... do your backed-up files have entries that look somewhat like that?

     


  12. W8.1, 64-bit, reinstalling EIS v11.7.0.6394, as advised in: http://support.emsisoft.com/topic/20057-possible-virtual-memory-problem-with-a2serviceexe/

     

    I did a very thorough uninstall of EIS, several restarts, ran the Emsi diagnostic .bat file several times - before uninstall, during and after, and also made full registry backups before, during and after.    I used Emsiclean  to get rid of registry entries not removed by the ordinary installer. 

     

    During the following install (using an installer I downloaded at 1356 on 20160519, it all went well until it tried to contact your servers to get uptodate signatures, when it said it couldn't connect.  I ran your diagnostic .bat file at that point and all three of its traceroutes worked fine, and with similar routes & timings to the tracerts done before I started the uninstall.  I continued on past this stage.

     

    When EIS started at the end of the install, the GUI showed up in orange saying the product was out of date.  I noted at that point that ping/tracert issued from a command window failed (as I'd found several months ago, discussed at: http://support.emsisoft.com/topic/19819-new-to-eis-and-dont-understand-why-an-app-is-being-blocked/ ). 

     

    As was true then, I have Windows set up thinking that I'm always (even at home) using a public network.  Previously I'd eventually told EIS to set itself up as a Priivate network, so that ping etc issued from a command window would work.  So I tried to do that again.  I didn't work.  Even with a reboot, and despite the 'Manage Networks' option "Use Windows settings for new connections" being unset, and "Category for new connections" being set to: Private network, the top part of the display still says that EIS thinks I'm on a Public Network.  

     

    Before I tried the reboot with those settings, I also tried a slightly less drastic option:  I unplugged the LAN cable, turned on debug logging, closed the GUI, reconnected the cable,  re-opened the GUI, checked debugging was still on (yes), and went to Manage Networks... and observed the incorrect setting.  Then I 

    turned off that debug logging.  Do you want those logs?

     

     

    Clicking on 'update now' in the GUI simply produces a message saying it can't connect to the servers.