mundial

Member
  • Content count

    18
  • Joined

  • Last visited

Community Reputation

1 Neutral

About mundial

  • Rank
    Member
  • Birthday
  1. Thanks for saving my hand! My only doubt is whether it is safe to do so. Since learning mode involves rule creations, I wouldn't fancy a rogue. I know they are MS Updates, but you never know! So do you first check the digital signatures of the updates and then allow them to install in learning mode? Of course you have to download the updates manually for that.
  2. Thanks a lot Fabian. I am sure that this will put to rest all queries about permissible connections during banking mode. My suggestion to you is to kindly put it in the OA documentation at your convenience so that we can immediately see the list while reading about banking mode.Thanks again
  3. Sorry for gatecrashing here. Fabian, is it possible for you to give out the list, so we know at least which domains can be accessed in banking mode?
  4. Hi, You have to wait for some time (or a few days) for responses. I had this same problem for sometime. Try this and let us know. I could get the login page in banking mode (hotmail, yahoo). As soon as I put the username and pwd and clicked 'submit' the browser couldn't load the following pages. Yesterday I couldn't reproduce this though. None of the pages were accessible in banking mode. Do update OA regularly and see if it goes away.
  5. Is this list publicly available?
  6. Thanks. Yes i am aware and no it is happenng outside the sandbox. The first one worries me the most and it is just after system start, no sandbox or any virtualization involved.
  7. I didn't mean that at all, but yes if updates are the reason, then only updates.emsisoft.com and a few more (if you gather domain names for checking etc) and windowsupdate domains should be allowed, and not the entire Emsisof and MS domain. MS has come under attack quite a few times including loss of confidential data (customer details and financial details). Hence I, as an user would love to get a choice to block all domains during my banking transactions (may be except emsisoft updates, but then why not even that for the 10 mins of my secure banking).
  8. Thats because those two domains are hard coded and allowed even in banking mode. I woke to this very recently. I don't know the logic (and it defeats a very big part of banking mode security, IMHO). See this http://support.emsisoft.com/topic/7394-how-exactky-does-banking-mode-work/page__view__findpost__p__45029
  9. this becomes a pain while installing MS updates. Ther are trusted. But still a zillion autoruns pop up one after the other even after selecting remember my decision. Is there any way to suppress the pop ups? Thanks
  10. I have been using OA Premium for last 3 years. Everything has been working perfect. Suddenly after the 5.5.0.1557 quite a few things seem to be broken. 1. Block all network trafic malfunctions. My dialer still can connect to the Net, though browser can't connect to sites. Earlier even dialer couldn't connect to the Net. 2. Blocked domains just do not work, with/without *, even mentioning full top level domains. Again earlier this used to work perfectly. Only way to block is blocking by IP. The only change in my system is the replacement of Avira Antivir with Emsisoft Antimalware. No exclusions in any product. Win Vista SP2.
  11. Hi cat, let me first thank you here for all the replies in this and other threads. Now do the domains list work only for banking mode? In advanced mode, When I use mywot.com -> blocked or noscript.net -> blocked, firefox can still make connections, but not in banking mode.
  12. Which one to keep? Can they both exist? In case I need to switch one off, which one should I choose? Or rather which one is more exhaustive? Thanks.
  13. Learning mode picked up the following: lsass.exe, services.exe, svchost.exe and wininit.exe. I know I need to allow svchost.exe. What about the rest? Can I block them or will that stop my Internet access at some point, even if not immediately? Also why do they need incoming connections as picked up by learning mode? Is there any way to stop incoming connections (like default deny all incoming connections) other than select Protocol: BOTH, Deny: INBOUND, Add ports: 0-65535 for each program?
  14. Suddenly I got this pop up in OA Premium that System (Protocol:RAW) wants to access the Internet. What exactly is this System? For svchost or any other program I can see the location and type (e.g. exe), but this is just system with no exe file mentioned. And why does it suddenly want to access Internet? Shall I allow or keep it blocked? Additional details: Win Vista SP2, OA Premium 5.5.0.1557. System requests: Once port 445, other times none, no destination IP (not even local host, protocol:RAW I have "intercept loopback interface" & "enable active subnet scan" ticked. Thanks
  15. Thanks for the explanation catprincess. As you mentioned there was a firewall rule from learning mode (always present with svchost, wininit, lsass etc). I have my doubts on this too, but I'll open a new thread for this. Are there any other domains other than MS that are accessible by default? So whats the way to disable them? Put *microsoft.com* in blocked list?