Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About mundial

  • Rank
  1. Thanks for saving my hand! My only doubt is whether it is safe to do so. Since learning mode involves rule creations, I wouldn't fancy a rogue. I know they are MS Updates, but you never know! So do you first check the digital signatures of the updates and then allow them to install in learning mode? Of course you have to download the updates manually for that.
  2. Hi, You have to wait for some time (or a few days) for responses. I had this same problem for sometime. Try this and let us know. I could get the login page in banking mode (hotmail, yahoo). As soon as I put the username and pwd and clicked 'submit' the browser couldn't load the following pages. Yesterday I couldn't reproduce this though. None of the pages were accessible in banking mode. Do update OA regularly and see if it goes away.
  3. Thanks. Yes i am aware and no it is happenng outside the sandbox. The first one worries me the most and it is just after system start, no sandbox or any virtualization involved.
  4. I didn't mean that at all, but yes if updates are the reason, then only updates.emsisoft.com and a few more (if you gather domain names for checking etc) and windowsupdate domains should be allowed, and not the entire Emsisof and MS domain. MS has come under attack quite a few times including loss of confidential data (customer details and financial details). Hence I, as an user would love to get a choice to block all domains during my banking transactions (may be except emsisoft updates, but then why not even that for the 10 mins of my secure banking).
  5. Thats because those two domains are hard coded and allowed even in banking mode. I woke to this very recently. I don't know the logic (and it defeats a very big part of banking mode security, IMHO). See this http://support.emsisoft.com/topic/7394-how-exactky-does-banking-mode-work/page__view__findpost__p__45029
  6. this becomes a pain while installing MS updates. Ther are trusted. But still a zillion autoruns pop up one after the other even after selecting remember my decision. Is there any way to suppress the pop ups? Thanks
  7. I have been using OA Premium for last 3 years. Everything has been working perfect. Suddenly after the quite a few things seem to be broken. 1. Block all network trafic malfunctions. My dialer still can connect to the Net, though browser can't connect to sites. Earlier even dialer couldn't connect to the Net. 2. Blocked domains just do not work, with/without *, even mentioning full top level domains. Again earlier this used to work perfectly. Only way to block is blocking by IP. The only change in my system is the replacement of Avira Antivir with Emsisoft Antimalware. No exclus
  8. Hi cat, let me first thank you here for all the replies in this and other threads. Now do the domains list work only for banking mode? In advanced mode, When I use mywot.com -> blocked or noscript.net -> blocked, firefox can still make connections, but not in banking mode.
  9. Which one to keep? Can they both exist? In case I need to switch one off, which one should I choose? Or rather which one is more exhaustive? Thanks.
  10. Learning mode picked up the following: lsass.exe, services.exe, svchost.exe and wininit.exe. I know I need to allow svchost.exe. What about the rest? Can I block them or will that stop my Internet access at some point, even if not immediately? Also why do they need incoming connections as picked up by learning mode? Is there any way to stop incoming connections (like default deny all incoming connections) other than select Protocol: BOTH, Deny: INBOUND, Add ports: 0-65535 for each program?
  11. Suddenly I got this pop up in OA Premium that System (Protocol:RAW) wants to access the Internet. What exactly is this System? For svchost or any other program I can see the location and type (e.g. exe), but this is just system with no exe file mentioned. And why does it suddenly want to access Internet? Shall I allow or keep it blocked? Additional details: Win Vista SP2, OA Premium System requests: Once port 445, other times none, no destination IP (not even local host, protocol:RAW I have "intercept loopback interface" & "enable active subnet scan" ticked. Thanks
  12. Thanks for the explanation catprincess. As you mentioned there was a firewall rule from learning mode (always present with svchost, wininit, lsass etc). I have my doubts on this too, but I'll open a new thread for this. Are there any other domains other than MS that are accessible by default? So whats the way to disable them? Put *microsoft.com* in blocked list?
  13. Isn't it NOT supposed to connect to any site other than the protected/trusted domain list? And if thats the case, how did Windows connect to Microsoft and activate itself on my PC? Or does it work in some other way? 1. Without asking for permission? and 2. When MS is not on my trusted/protected list? I have NOT checked 'automatically allow trusted programs to access the Net'. Thanks.OA Premium latest, Windows Vista SP2.
  14. Thanks a lot Fabian. I hope you do not mind if I post a link to this reply on the Wilderssecurity.com web site where I posted the same query.
  • Create New...