harsha

Member
  • Content Count

    31
  • Joined

  • Last visited

Community Reputation

0 Neutral

About harsha

  • Rank
    Member
  • Birthday 11/28/1985

Profile Information

  • Gender
    Male
  • Location
    India
  1. Hi, When updating my Office 2010 (32 bit) thru windows updater, i was presented with numerous pop-ups (pls. see screenshot 1) and had to activate OA's learning mode in order to continue Office updates. 1) Since MS Office 2010 is a trusted application, i wonder whether OA should present any alerts to the user at all? (pls. see screenshot 1) So, after rebooting machine (after office is updated), i got following pop-up (screenshot 2). I am not sure why lsass.exe isn't a trusted process? (though OASIS says that it is not digitally signed). Am i missing some thing here? OS - W7 Prof 64 bit Security S/w2 - OA Premium v5.1 + NOD 32 v5 AV Office 2010 update details - Service Pack 1 for Microsoft Office 2010 (KB2510690) 32-bit Edition Thanks, Harsha
  2. Sorry, wanted to be clear enough here. Would OA hips protects itself by ZeroAcess tripwire? Thanks, Harsha
  3. thanks catprincess for the reply. Initially, i had small doubt it could be a special build but again thought it might be a common beta build normally which is available to all beta testers:) I will wait for Andrey reply.
  4. Hi All, I had a discussion thru PM with Andrey reg. the issue last week. He suggested me to try the beta build if the problem is solved. So, i'm posting here if someone could let me know where the beta build exists? Thanks, Harsha
  5. Hi Andrew, I could able to reproduce the issue even after trusting MSVBVM60.dll (this particular dll is not loaded/used by Excel in my computer). Sent the log files via PM with a link to this post. Issue reproduced at 1:18 PM (kernel event fired at 1:19:01 PM). I guess below are the log files you might be looking into.. Harsha(1)_<ComputerName>_OAhlp_20110507-1311(3720).log Harsha(1)_<ComputerName>_oaui_20110507-1311(3584).log SYSTEM(0)_NT AUTHORITY_oasrv_20110507-1310(1724).log Thanks, Harsha.
  6. Thanks Pete for the help and andrewf for all the clues . If MSVBM60.dll is used by excel then promoting it to trusted group should solve the problem. I will do it later tonight. As probably you may know, i have installed OA++ quite recently and all the stuff its shown there are there prior to OA installation. So, I have yet to evaluate those list which are not set to trusted group by default (by OASIS). b/W DFX as shown in the screenshot, doesn't go away either with windows uninstaller or "your uninstaller". Need to manually uninstall or re-install to remove it... Thanks, Harsha.
  7. I have unknown trust level set to few of the programs but i think they are no where related to Excel 2010. Please find the attached screenshot. Note: This happens to both .xls and .xlsx format as i was wrong in the first post. Thanks, Harsha.
  8. I just checked the rules. And yes, for unknown and untrusted processes all actions are blocked. And for trusted processes all actions are allowed. Thanks, Harsha.
  9. i think all actions are blocked for all processes except trusted ones. note: i'll confirm once i reach home. Thanks, Harsha.
  10. thanks again catprincess. i'm just trying to learn/understand the things..
  11. Yes. File shield rules are set where i'm trying to save the files. After disabling them, i can save files instantly. So, the problem comes back only if file shield is activated again. Note: I have another kernel event being logged (not related to this issue and am not sure why it is being logged). Attached image for the same. Whenever these kernel events fired oacat.exe and oasrv.exe are fired one after the other. Thanks, Harsha.
  12. I guess, file shield rules are set. I am currently at my work place. I would reply back after reaching home and test with disabling file shield rules and let you know.
  13. Thanks Catprincess. So, i think its safe to assume that, updater settings can be scheduled for every 4 hours. Is it anywhere documented about ikarus updates interval?
  14. Hi, How frequently does Ikarus update its definitions? So, that i can configure my OA++ update accordingly. Thanks, Harsha.
  15. if i'm right, IE9 already runs in low integrity mode. Then what is the purpose/benefit of running IE9 in runsafer mode? Thanks, Harsha