Jump to content

qwerty

Member
  • Posts

    87
  • Joined

Everything posted by qwerty

  1. I'm also experiencing this on v4.5. Unfortunately, I have never had a previous version installed, to compare with, so I can't be certain that it's precisely the same problem as ITPython is having. Nevertheless, it would be good to implement whatever ITPython's solution turns out to be, and see if that helps. Just to be clear, OA hardly resolves any remote addresses, but perhaps more pertinently, it doesn't even recognise the local address of 127.0.0.1 as localhost, which surely proves that it's a bug. ITPython - When you get the problem fixed (in case you're getting support via PM or the CC), could you please add the solution to this thread for others to see and use? Thank you.
  2. But only you as the user of the machine know if a program has changed legitimately, OA can't know that. It could be malware masquerading as your original program, or it could have been malware that modified it. I'm not sure what you mean when you say that you "acknowledge" to OA that it it the same program. Do you mean that you accept a "Trusted program has changed" pop-up? If so, then I think that you should receive no alerts (about keylogging or otherwise) for a trusted program (you trust it to do whatever it needs), but I'll leave it to someone more qualified to confirm that.
  3. No, it doesn't forget anything. OA realises that it's a different program. If it didn't, it would be pretty useless. Yes, it does seems to have some "issues" in this regard. I sometimes receive "A trusted program has changed" alerts for programs that aren't trusted, and haven't changed.
  4. Don't hold your breath. You could try starting a ticket at cc.emsisoft.com. Just out of curiosity (and based on the observable problems), can anyone tell me how I would go about checking to see if the TLEM Network Service/Driver is installed/functioning correctly? Thank you.
  5. A very good point. I was in a bit of a hurry when I posted, so I forgot to add that information. Windows XP SP3, OA 4.5.1.431 Free and IE8. catprincess - unfortunately, there is no OASIS entry for the item, so that is no help.
  6. http://www.softpedia.com/reviews/windows/Online-Armor-Premium-Review-199849.shtml Seconded. You can add AOL, Avira, ATI graphics drivers (that's what, 1/4 of all computers in the world?), Quicktime, Realplayer and Spybot S&D to the list, too.
  7. Under the section for "IE Add-Ons", I have a number of entries that I don't recognise. Most of them are trusted and allowed, but one is Unknown. Can anyone help me to work out what they are and if I need them? Having searched the web, most of what I find suggests that they are simply core components of Windows or Internet Explorer and not add-ons at all. It would be interesting to know if anyone else has the same entries. The first is browseui.dll, which is apparently a "Toolbar" and has a name of "&Address" and then some version numbers. Then there is Shdocvw.dll with the name Real.com. SHELL32.dll, another toolbar with the name "&Links". xpnetdiag.exe, name "xpsp3res.dll,-20001" and then some version numbers (these are all trusted). Finally, there is something seemingly made of random characters with the name "&Search" which is Unknown. Does anyone have any information or experience of these items? Thank you.
  8. I'm not sure what you mean by new ports "opening up". Do you mean that, on the rules tab of the firewall, your browser is set to allow connections out to a few "default" ports (probably 80, 8080, 443 and possibly 53 and a couple of others), but that when you use it, new *rules* are created, allowing access through new ports? If so, then you're quite right, a browser should work perfectly well for most people on only a few standard ports. In fact, other firewalls configure browsers (and some other software) with access only through the standard ports, and block all others. Otherwise, with OA automatically allowing all ports/protocols requested, it's almost like allowing the browser to bypass the firewall (albeit, with connections logged). If, rather than keeping track and deleting the extra ports, you wanted to stop them from "opening up" in the first place, then you might like to create a rule blocking both protocols in both directions, on all ports. This should stop any new ports from "opening up" (because they're already blocked), while still allowing access through the default ports (which are already allowed). However, as sded said, lots of software talks to itself via the loopback interface, so you may find that blocking all ports causes your browser to malfunction, in which case, you should create a rule allowing UDP Out through All ports, but only to the specific endpoint of 127.0.0.1. PS: Everything I said was referring to IE, as this machine doesn't have Firefox installed, so the loopback rule might be different (e.g. TCP In to 0.0.0.0)
  9. Thank you for the suggestion, Wilbur, but again I have to agree with limande. I have used other browsers, but for various reasons, this machine will continue using IE. I was happy with the functionality provided by the Web Shield (automatic deletion of cookies and inline blocking of ActiveX and Java, with a simple click to enable), and so I'd like to find something to replace it. Finally, if you don't like the Web Shield, it's simple to disable.
  10. I don't see how it is rude. I'd actually played along by replying to her previous, irrelevant, posts. I was simply making clear that we were going around in circles, and should stop. If she wasn't aware that the statement was untrue, then I was enlightening her. If she was aware, then I could argue that it was rude to insult my intelligence by trying to fool me into thinking otherwise. Actually, I don't think that is what she was trying to do, and honestly, I think I'd be verging on over-sensitivity . However, I think it is rude to talk about someone as if they aren't here, or are unable to speak for themselves, so, unless Catpriness has anything to say, I'll leave it at that. Well, it is actually OA functionality that I was discussing, (but I suspect that you mean that it is no longer supported?) and as it's such a small, but relatively important, security feature, I thought someone may know of a small piece of software or plugin, that did the same. Would I be better off starting a thread in the "Offtopic" forum about this? Thank you.
  11. That isn't the same - see limande's post, above. This isn't the same either. It does not provide the functionality to automatically delete cookies after use (which is all that the cookie cutter did). Unfortunately, none of the add-ons that I might like to remove have an entry in Add/Remove Programs, and there is nothing in the "Downloaded Program Files" directory apart from Windows Update. There is no sense in arguing any longer, it doesn't achieve anything. The fact is, that is a blatant lie and limande, I and I'm sure many others need to find another piece of software if we want to replace the functionality that has been removed from OA.So, does anyone have any suggestions for software that can provide these functions? (Automatic deletion of cookies after use, the ability to detect and remove IE add-ons and (most importantly, from a security standpoint) automatic, inline blocking of all ActiveX and Java, with the ability to run any individual object at the press of a button.) Thank you for any ideas.
  12. And this can't be done in IE? And this can't be done in IE, either? Yes, thank you. I do use these settings to block or allow certain cookies, but this wasn't functionality that OA provided. This doesn't just remove cookies, it also wipes history, temporary internet files and other things. Also, it would have to be enabled every time you opened IE, a new window, or new tab. Unfortunately, neither of the links you provided worked; they both said "not found". I got this first one to work by sustituting the final "." with a "/", and using the "Manage Add-ons" from within IE, I can't see a way to uninstall an add-on. Plus, there are several add-ons missing that appear in OA.
  13. I agree with Jose and Alycat regarding the strange behaviour of the whitelist and it seeming to be completely absent, a lot of the time. Obviously, the whitelist (any whitelist) must have limitations, especially with obscure programs and files, or even new versions of well known software - we should expect these to be unknown. Sometimes, however, OA will spring into action over an "Unknown" program that "has not been classified by us yet", even though it is an incredibly popular piece of software, used by hundreds of thousands, or maybe even millions, of people worldwide, and which was released months, or sometimes even years ago. In that case, I wonder "When will you classify it, then?" - the obvious conclusion to draw is, never. I've even seen OA trust and allow one file from a program, but then say that another file is unknown and that I should consider it's validity. How can that happen? Honestly, I think there are far greater concerns with OA than the whitelist. I probably wouldn't care if the whitelist never changed, I'm simply sharing my (very similar) thoughts and experiences on the subject. Thank you.
  14. I have also had lots of problems with the Firewall Status window, from missing programs to under-reported Down/Up speeds and under-reported total Downloaded/Uploaded, all suggesting that some data is bypassing the firewall. I even have blocked programs appearing in green and uploading data, which if true, would be a complete security failure of the firewall, although, I hope this is just incorrect reporting by the Firewall Status window. Unfortunately, when Emsisoft weren't ignoring me, the best advice I got was to "wait and see" with version 5. Hopefully, now that they have finished developing, and have released, version 5, and have time to work on fixing errors/bugs and they can see that the problem still exists in the latest version and there are several different people/machines with the problem, they will now take a look at fixing it. ::Edit:: Tyler - Are you sure that the information is now displaying correctly? Has Firefox really only uploaded and downloaded a combined total of under 20KB? That would be what, a very small webpage with only 1 or 2 small images? Also, although your download manager is reporting a download speed of over 400KB/s, OA only shows 92KB/s. Finally, assuming that you can get correct information at some point, can you work out what happens to make it start reporting incorrectly? (It never reports correctly on this machine) Thank you.
  15. Thank you, I have read about the new abilities of IE (SmartScreen, InPrivate, etc.) and I do know how to change security settings, although, if I'm honest, most of them mean very little to me. What I was hoping for, was a list of each function that is removed from OA, with the corresponding setting in IE, so that I can check to see if either a) IE was already providing equal or better security than OA, and so (as has been suggested), the loss of function from OA is irrelevant, or b) that OA was, in fact, providing a function that will be lost when upgrading and that I will need to replace either by changing IE settings or downloading another program. Thank you.
  16. So, how do we go about implementing the functionality of the Web Shield, including "control over active content" and "private information", in an equal or superior way, in Internet Explorer? Thank you.
  17. I'm used to programs retaining all functionality of previous versions when upgraded, whilst possibly introducing more, however, I understand from the RC announcement thread, that some functions are removed from version 5 of Online Armor. Exactly what abilities will be lost when upgrading from version 4.5 to version 5 of Online Armor? Thank you.
  18. Well, I am experiencing some problems, but I presume you mean to ignore kernel events unless instructed otherwise by support staff. If it really is simply a debug feature that isn't useful to users, perhaps it should have it's own section of "Kernel event history", that only appears when debug mode is activated. I'm curious why I see so much Denying, even of perfectly legitimate, trusted programs.
  19. You say "the majority", how would we tell which are simple records of usage, and which are actually something to take notice of? Thank you.
  20. They say that they are working hard on the new version 5.0 of Online Armor, and I'm inclined to believe them. It would make sense if they wanted to wrap up and release 5.0 before doing any more bug hunting. That way, they can see which problems still exist and concentrate on those, ignoring any that have been inadvertently (or purposely) fixed by version 5. I've no idea if this is their plan, I'm just guessing. Either way, we'll have to see if their support picks up after the release of 5. If you seem to be having no luck with e-mail and such, you could always try talking to someone in real-time via the live support chat. The least they'll do is offer to flag up your problem for some attention.
  21. I'm also waiting patiently for v5. Just out of curiosity, for those who have used their 30 day trial of v4.5, will there be a new trial for the new version? Thank you. And stop calling me cheap! I'm... curious (genuinely).
  22. I'm having a number of problems, or at least "issues" with OA myself, and the lack of support in this forum is a little frustrating. However... ...OA (or any other security software) isn't magic. If something is known to be malicious, obviously there should be a reaction. Increasingly, there is a trend for security software to "trust" files and programs that are "known" to be "safe" (although, I don't know how reliable that is), but even with this functionality, some things must be unknown. Well, if you have gone through all of those precautions, then why are you having security software monitor the installation? You do know that the first thing an installer says when you run it, is that the developers recommend that you close down all other programs before running the installation, right? You're also guaranteed a conflict at some point in the future by installing software whilst other programs are running. (This is not meant as a "flame" or insult either, I'm sure most of us appreciate hearing your views (that's what a forum is for, after all), and I'm not saying that I don't do it either, but we can't be surprised if, when we run an installation, our security software alerts us to what's going on.)
  23. I've just done a quick test of that myself (trust batch file, modify, run and trust again) and I didn't get a second entry in the Programs list. The original entry simply got an updated hash. However, if I move the same (already trusted) batch file elsewhere, either by cutting or copying, I do get a new alert window and subsequent "Programs" entry for each different location, even with the same hash. Which is probably fair, because a program that you trust to run in it's own directory, you may not trust to run in the windows directory. So, when is it listed then? Only if "Only Deleted" is not selected? In that case, it must be green and would suggest that it still exists. Having said that, (I don't know what the rules are with regard to mentioning competitor's products here, but) "a competitor" has a button to simply "Purge" all non-existant program entries. It might be an idea for OA to have one of these. Finally, I also noticed that I have a deleted program called www.google.com with a file date of 1899...
  24. So you think I'll have to reinstall IE again? That's a pain. When you say that I should "properly disable" OA, should I untick all four components, or "Deactivate HIPS features", or enable "Learning Mode", or simply untick "Launch Online Armor at next startup"? Then I should disable other security software as best I can (I don't think I can stop Avira loading at startup without a fight, but I can disable the Guard). Then restart, close all programs and services and install IE. Then once installation has finished, re-enable everything and reboot? While I think about it, does anyone know where IE puts it's installation log, so I can see what has succeeded or failed? catprincess - I have now found the files in the Programs list and set them to Allowed, but why wouldn't OA recognise them automatically? Thanks for the help.
  25. Lynx, that is exactly what I did. The machine is running WinXP SP3 and Avira Personal, although, I'm not sure why that matters as it wasn't Avira that blocked the files, it was OA. Thank you.
×
×
  • Create New...