Jump to content


Photo
- - - - -

Online Armor versus Flame worm - failure


  • Please log in to reply
2 replies to this topic

#1 Paweł Smotryś

Paweł Smotryś

    Active Member

  • Tester
  • PipPipPip
  • 90 posts
  • LocationNetherlands
  • OS:Windows 8.1 x64
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor Premium
  • Other:HitmanPro

Posted 16 June 2012 - 07:28 AM

Take a look:

Posted Image


#2 Christian Peters

Christian Peters

    Forum Veteran

  • Emsisoft Employee
  • 1745 posts

Posted 16 June 2012 - 10:44 AM

Hello,

The Flame malware use a valid Microsoft cert so Online Armor trust this executable automatically.

You can read more about this on http://blogs.technet...cate-store.aspx .

What happens if you turn off the option "In addition, automatically trust programs signed with valid digital signatures" on section Programs tab Options and run the Flame setup again?
Christian Peters [Support]
Emsisoft Team - www.emsisoft.com

#3 Paweł Smotryś

Paweł Smotryś

    Active Member

  • Tester
  • PipPipPip
  • 90 posts
  • LocationNetherlands
  • OS:Windows 8.1 x64
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor Premium
  • Other:HitmanPro

Posted 19 June 2012 - 08:09 AM

What happens if you turn off the option "In addition, automatically trust programs signed with valid digital signatures" on section Programs tab Options and run the Flame setup again?

OA shows then a few popups with information about activity of the worm.

Posted Image





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users