Ross MacGregor

Member
  • Content Count

    3
  • Joined

  • Last visited

Everything posted by Ross MacGregor

  1. Thanks, I switched to PowerArchiver. It's not free but it does a good job of encrypting my files and I trust it.
  2. How can you be so sure? Why is it spying on my running processes? I am not going to use an application that is acting like malware for my security needs. The author of the application admits that many anti-virus programs routinely flag his application as malware, but he pleads innocence. and the big bad anti-virus companies are just out to put down the little guy trying to offer a free security tool. http://blog.axantum.com/2012/07/anti-malware-vendors-here-we-go-again.html
  3. I just installed this popular file encryption software, the installer is signed and automatically trusted by OA. But when I ran it, I got these troubling warnings from Online armor. AxCrypt is trying to access multple processes running on my system. It looks very suspicious but maybe this is a side effect of some harmless activity? I've uninstallled it to be safe, but this is a very popular application, I'd like someone to double check to see if I'm being overly paranoid. Here are a sample of events from the OA history log: HISTORY ------------ Created: 7/18/2013 1:02:51 AM Summary: Program Guard: AxCrypt.exe -> cmd.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Windows\system32\cmd.exe(2688) Event type: Program Guard(9) Event action: Blocked(3) Created: 7/18/2013 1:02:45 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 2340, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 2340 Name: conhost.exe PID: 3784 Name: AxCrypt.exe Created: 7/18/2013 1:02:45 AM Summary: Program Guard: AxCrypt.exe -> googledrivesync.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files (x86)\Google\Drive\googledrivesync.exe(3276) Event type: Program Guard(9) Event action: Blocked(3) Created: 7/18/2013 1:02:43 AM Summary: Program Guard: AxCrypt.exe -> googledrivesync.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files (x86)\Google\Drive\googledrivesync.exe(1476) Event type: Program Guard(9) Event action: Blocked(3) Created: 7/18/2013 1:02:43 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 2688, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 2688 Name: cmd.exe PID: 3784 Name: AxCrypt.exe Created: 7/18/2013 1:02:42 AM Summary: Program Guard: AxCrypt.exe -> opera.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files (x86)\Opera\opera.exe(4372) Event type: Program Guard(9) Event action: Blocked(3) Created: 7/18/2013 1:02:42 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 3276, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 3276 Name: googledrivesync.exe PID: 3784 Name: AxCrypt.exe Created: 7/18/2013 1:02:41 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 1476, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 1476 Name: googledrivesync.exe PID: 3784 Name: AxCrypt.exe Created: 7/18/2013 1:02:41 AM Summary: Program Guard: AxCrypt.exe -> LCDClock.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe(4200) Event type: Program Guard(9) Event action: Blocked(3) Created: 7/18/2013 1:02:38 AM Summary: Program Guard: AxCrypt.exe -> LCDCountdown.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe(4544) Event type: Program Guard(9) Event action: Blocked(3) Created: 7/18/2013 1:02:38 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 4372, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 3784 Name: AxCrypt.exe PID: 4372 Name: opera.exe Created: 7/18/2013 1:02:29 AM Summary: Program Guard: AxCrypt.exe -> CTXFISPI.EXE Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Windows\SysWOW64\CTXFISPI.EXE(4292) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 1:02:27 AM Summary: Program Guard: AxCrypt.exe -> CorsTra.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files (x86)\Corsair\M60 Mouse\CorsTra.exe(3388) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 1:02:21 AM Summary: Program Guard: AxCrypt.exe -> dopus.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files\GPSoftware\Directory Opus\dopus.exe(3384) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 1:01:54 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 3388, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 3388 Name: CorsTra.exe PID: 3784 Name: AxCrypt.exe Created: 7/18/2013 1:00:54 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 3384, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 3384 Name: dopus.exe PID: 3784 Name: AxCrypt.exe Created: 7/18/2013 12:59:54 AM Summary: Program Guard: AxCrypt.exe -> jusched.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(3520) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:59:44 AM Summary: Program Guard: AxCrypt.exe -> Ctxfihlp.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Windows\SysWOW64\Ctxfihlp.exe(3636) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:59:42 AM Summary: Program Guard: AxCrypt.exe -> iusb3mon.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(3176) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:59:38 AM Summary: Program Guard: AxCrypt.exe -> dopusrt.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe(3228) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:59:27 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 3784 -> 3660, Mask: 1FFFFF - 1FF414 Event type: Kernel event(26) Event action: None(1) Processes: PID: 3660 Name: oaui.exe PID: 3784 Name: AxCrypt.exe Created: 7/18/2013 12:59:27 AM Summary: Program Guard: AxCrypt.exe -> KHALMNPR.EXE Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE(3064) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:59:15 AM Summary: Program Guard: AxCrypt.exe -> SetPoint.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Program Files\Logitech\SetPointP\SetPoint.exe(2428) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:59:08 AM Summary: Program Guard: AxCrypt.exe -> igfxpers.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Windows\System32\igfxpers.exe(2344) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:58:07 AM Summary: Program Guard: AxCrypt.exe -> dwm.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to open C:\Windows\System32\dwm.exe(1812) Event type: Program Guard(9) Event action: Allowed(2) Created: 7/18/2013 12:57:47 AM Summary: Program Guard: kernel event Description: OADriver: OB_OPERATION_HANDLE_CREATE, 4472 -> 3660, Mask: 40 - 100000 Event type: Kernel event(26) Event action: None(1) Processes: PID: 3660 Name: oaui.exe PID: 4472 Name: explorer.exe Created: 7/18/2013 12:57:29 AM Summary: Program Guard: AxCrypt.exe -> dopus.exe Description: C:\Program Files\Axantum\AxCrypt\AxCrypt.exe(3784) wants to remotely control C:\Program Files\GPSoftware\Directory Opus\dopus.exe(3384) Event type: Program Guard(9) Event action: Allowed(2)