Katsuro

Member
  • Content Count

    14
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Katsuro

  • Rank
    Member

Recent Profile Visitors

1012 profile views
  1. Thanks for the response Arthur. Just to give a total breakdown of what I have done. As you know the last time I posted we had removed Emsisoft from the computer and the EyeMD software worked fine. After reading your post I have done the following. 1. Tested to make sure EyeMD still functioned before the reinstall of Emsisoft and it was functioning correctly and it was indeed still working. 2. Attempted to reinstall Emsisoft. It said there was remaining files from the previous install so it needed to restart the computer before it could proceed so I told it to restart the computer. 3. Re-ran the Emsisoft installer and it installed without a hitch. I licensed it once again. 4. Attempted to run EyeMD and found that it was no longer working again. 5. Opened Emsisoft and added all EyeMD executables to the Behavior Blocker (as Trusted). Then went into Scanning and Monitoring and added the folders there. I have attached screenshots of that. 6. Rebooted the computer and just for the fun of it I disabled Fast Startup. We typically try to do this in all of our environments. 7. Opened EyeMD and it was unable to open once again. 8. Uninstalled Emsisoft. After Emsisoft was uninstalled I opened EyeMD and it opened just fine. Just to reiterate this is happening on all workstations in their office. Wanted to mention that to eliminate any suspicion of a computer specific issue and these workstations are Windows 10 as well. I'm curious if the customer has a Windows 7 workstation to maybe see if there was some weird reaction with Emsisoft and Windows 10. If you think that may be a possibility I can certainly look into checking if there is a Windows 7 workstation we can test Emsisoft/EyeMD on. The one thing I find interesting is Emsisoft is also installed on their server (Server 2008 R2) and EyeMD opens just fine and runs without any rules in behavior blocker or the exclusions of the file guard (for both scanning and monitoring). I don't know if Emsisoft is just having some sort of problem with the way the software is connecting over the LAN to the server vs the EyeMD opening locally on the server and just connecting to localhost (or it's own LAN IP). The EyeMD software "opens" fine on these workstations but it's hinting at some sort of connection issue when it's getting blocked or when I say it isn't working.
  2. Posting this here because I'm not sure where to go or how to approach this issue. Client of mine uses a program called EyeMD which is server/client EMR software based on MSSQL. For some reason Emsisoft appears to be blocking this program. No matter what exclusion I add I can't get the software to work. Even disabling Emsisoft does not get it to work and the only time it will work is when I uninstall Emsisoft. Not sure why the disable doesn't work but removing Emsisoft does. Made sure there was exclusions in both file blocker and behavior blocker but it doesn't work. I do not see anything in Emsisoft's logs either that indicate that it is blocking this software but I can only come to the conclusion that it is blocking it since it works perfectly fine when Emsisoft is removed. If you need logs or any additional information I'll gladly post it here.
  3. Yes, We also see this issue on a new Windows 10 machine. It froze at 8% for us too.
  4. Here is a zip file containing the EmsisoftDiag output and the FRST files of two machines that were having the issues. As I have said in my post previously - Reinstalling Emsisoft resolves the issue for some reason. We will try the Windows Defender workaround on a machine to see if that changes any outcome. 808DiagInfo.zip
  5. Okay, will give that a try. I will be providing two more sets of logs on machines currently in my office shortly but I will try the exclusion.
  6. None of the systems have ever had Comodo installed on them. I have encountered this issue on two machines myself today. Attached is the diagnostic information from the Emsisoft tool before reinstalling Emsisoft. EmsisoftDiagLog.txt
  7. We have a few clients of ours that is experiencing the same issue. I haven't had a chance to gather any log information till this customer. Here is all the log information I have. 4/25/18 @ 8:39pm. Problem signature Problem Event Name: APPCRASH Application Name: a2service.exe Application Version: 2018.3.1.8572 Application Timestamp: 5acb5d54 Fault Module Name: ntdll.dll Fault Module Version: 10.0.16299.334 Fault Module Timestamp: e508fc03 Exception Code: c0000005 Exception Offset: 000000000001d14c OS Version: 10.0.16299.2.0.0.768.101 Locale ID: 1033 Additional Information 1: abcc Additional Information 2: abcc8f7853b48d9807d6d51eb1fa5df9 Additional Information 3: abcc Additional Information 4: abcc8f7853b48d9807d6d51eb1fa5df9 Extra information about the problem Bucket ID: f546f896b06d48e3afdd7143cfe261bc (2296115921093288380) 4/25/18 @ 8:39pm. Problem signature Problem Event Name: BEX64 Application Name: a2service.exe Application Version: 2018.3.1.8572 Application Timestamp: 5acb5d54 Fault Module Name: StackHash_2264 Fault Module Version: 0.0.0.0 Fault Module Timestamp: 00000000 Exception Offset: PCH_84 Exception Code: c0000005 Exception Data: 0000000000000008 OS Version: 10.0.16299.2.0.0.768.101 Locale ID: 1033 Additional Information 1: 2264 Additional Information 2: 2264db07e74365624c50317d7b856ae9 Additional Information 3: 875f Additional Information 4: 875fa2ef9d2bdca96466e8af55d1ae6e Extra information about the problem Bucket ID: cb86500791ae58132a7e97c612d496a7 (1909130169026909863) 4/25/18 @ 8:40pm. Problem signature Problem Event Name: BEX64 Application Name: a2service.exe Application Version: 2018.3.1.8572 Application Timestamp: 5acb5d54 Fault Module Name: StackHash_2264 Fault Module Version: 0.0.0.0 Fault Module Timestamp: 00000000 Exception Offset: PCH_84 Exception Code: c0000005 Exception Data: 0000000000000008 OS Version: 10.0.16299.2.0.0.768.101 Locale ID: 1033 Additional Information 1: 2264 Additional Information 2: 2264db07e74365624c50317d7b856ae9 Additional Information 3: 875f Additional Information 4: 875fa2ef9d2bdca96466e8af55d1ae6e Extra information about the problem Bucket ID: cb86500791ae58132a7e97c612d496a7 (1909130169026909863) 4/25/18 @ 8:40pm. Problem signature Problem Event Name: BEX64 Application Name: a2service.exe Application Version: 2018.3.1.8572 Application Timestamp: 5acb5d54 Fault Module Name: StackHash_2264 Fault Module Version: 0.0.0.0 Fault Module Timestamp: 00000000 Exception Offset: PCH_84 Exception Code: c0000005 Exception Data: 0000000000000008 OS Version: 10.0.16299.2.0.0.768.101 Locale ID: 1033 Additional Information 1: 2264 Additional Information 2: 2264db07e74365624c50317d7b856ae9 Additional Information 3: 875f Additional Information 4: 875fa2ef9d2bdca96466e8af55d1ae6e Extra information about the problem Bucket ID: cb86500791ae58132a7e97c612d496a7 (1909130169026909863) 4/25/18 @ 8:43pm. Problem signature Problem Event Name: APPCRASH Application Name: a2service.exe Application Version: 2018.3.1.8572 Application Timestamp: 5acb5d54 Fault Module Name: ntdll.dll Fault Module Version: 10.0.16299.334 Fault Module Timestamp: e508fc03 Exception Code: c0000005 Exception Offset: 000000000001d14c OS Version: 10.0.16299.2.0.0.768.101 Locale ID: 1033 Additional Information 1: abcc Additional Information 2: abcc8f7853b48d9807d6d51eb1fa5df9 Additional Information 3: abcc Additional Information 4: abcc8f7853b48d9807d6d51eb1fa5df9 Extra information about the problem Bucket ID: f546f896b06d48e3afdd7143cfe261bc (2296115921093288380) 4/25/18 @ 8:44pm. Faulting application name: a2service.exe, version: 2018.3.1.8572, time stamp: 0x5acb5d54 Faulting module name: a2service.exe, version: 2018.3.1.8572, time stamp: 0x5acb5d54 Exception code: 0xc0000005 Fault offset: 0x000000000000fbc5 Faulting process id: 0x17f8 Faulting application start time: 0x01d3dd29f689ece3 Faulting application path: C:\Program Files\Emsisoft Anti-Malware\a2service.exe Faulting module path: C:\Program Files\Emsisoft Anti-Malware\a2service.exe Report Id: 6a70efda-2562-481e-be11-08397a0e5a96 Faulting package full name: Faulting package-relative application ID: Then the machine was totally locked up (no BSOD) and they had to force a restart. The previous system shutdown at 8:45:09 PM on 4/25/2018 was unexpected. Then again today. Here are the logs from today. 4/16/18 @ 3:16pm. Problem signature Problem Event Name: APPCRASH Application Name: a2service.exe Application Version: 2018.3.1.8572 Application Timestamp: 5acb5d54 Fault Module Name: a2service.exe Fault Module Version: 2018.3.1.8572 Fault Module Timestamp: 5acb5d54 Exception Code: c0000005 Exception Offset: 000000000000fbc5 OS Version: 10.0.16299.2.0.0.768.101 Locale ID: 1033 Additional Information 1: 136f Additional Information 2: 136fcb3dc2c33c68a7227035c36a2916 Additional Information 3: a20e Additional Information 4: a20e0a7c5c148753e1be3574c1bc67ae Extra information about the problem Bucket ID: 72198391b6715d90e0200c2033fcbbc6 (1161942036312275910) 4/26/18 @ 3:16pm. Problem signature Problem Event Name: APPCRASH Application Name: a2service.exe Application Version: 2018.3.1.8572 Application Timestamp: 5acb5d54 Fault Module Name: a2service.exe Fault Module Version: 2018.3.1.8572 Fault Module Timestamp: 5acb5d54 Exception Code: c0000005 Exception Offset: 000000000000fbc5 OS Version: 10.0.16299.2.0.0.768.101 Locale ID: 1033 Additional Information 1: 136f Additional Information 2: 136fcb3dc2c33c68a7227035c36a2916 Additional Information 3: a20e Additional Information 4: a20e0a7c5c148753e1be3574c1bc67ae Extra information about the problem Bucket ID: 72198391b6715d90e0200c2033fcbbc6 (1161942036312275910) 4/26/18 @ 3:17pm. Faulting application name: a2service.exe, version: 2018.3.1.8572, time stamp: 0x5acb5d54 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process id: 0x3e0 Faulting application start time: 0x01d3ddc56d05db48 Faulting application path: C:\Program Files\Emsisoft Anti-Malware\a2service.exe Faulting module path: unknown Report Id: 4980c5b7-6c0c-4fc4-88f9-c17afaa8550d Faulting package full name: Faulting package-relative application ID: Then again - Machine locked up (no BSOD) and they have to force the machine off via power button. The previous system shutdown at 3:16:45 PM on ‎4/‎26/‎2018 was unexpected. We have a fairly large customer base and are seeing this occur on quite a few machines. So far it seems like uninstalling and reinstalling Emsisoft resolves the issue. I'm not 100% sure since we have not had a customer complain since reinstalling Emsisoft but I'm going to stick with that assumption since we haven't had anyone call us with this issue after a reinstall.
  8. Cool, thanks for all your hard work. If we ever run into any other issues I'll be sure to report them for you guys.
  9. Tried installing the current version of Emsisoft on three different servers. Two of which is Server 2008 and the third one was Server 2012. Seems to be an issue on all server OS's. It appears to be the Installer - not Emsisoft itself. We are able to download Emsisoft but get this when running the download. We do not have any issues with server's that already has Emsisoft installed.