Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Lode

  1. Hi! For the first time since I have enjoyed OA Premium these last years, I just got some OA popups, asking me to allow or block the following 3 items when I used my IE9 browser after not having done that for a long time (Opera is my default, Firefox my second choice): inetcpl.cpl -> explorer.exe iexplore.exe -> dwmapi.dll inetcpl.cpl When I opened IE9 -which I set to make of Google the home page- an IE9 message appeared asking me for permission to have the keystrokes be send to MS through Bing. That is when those OA popups showed up. I allowed it, not knowing what to do yet. I removed the Bing bar and everything related to it using RevoUnistaller free, then I opened IE9 again, but the MS message asking me to have my keystrokes send on through Bing appeared again. The OA popups also appeared again, and this time I had it block the above mentioned items and remember my decisions. OA reported that MS wanted to have my browser history, favorites, and HP (brand of my notebook) info send to them. Before that I had noticed OA showing that something called "seaport" was constantly very active sending and receiving data. I googled it and found out that it is a MS feature taking up a lot of memory. It is part of Windows Live which I don't use, so I had RevoUnistaller remove that as well. Although I have nothing to hide, just out of principle I congratulate OA for making me aware of these issues, and offering to block the MS spyware. Some very unflattering info on Seaport: http://besthubris.co...ent-seaportexe/
  2. Update: Hurray! After a few more reboots the handy little green square is back again. I did not have to reset my machine to the system backup I made 3 weeks ago, and then have to go through downloading/installing all the updates etc. that occurred since then again. I'll make a new complete system backup of this current situation now. Problem solved.
  3. Hi! For reasons unknown to me since today the above mentioned icon does not show up anymore on the list of pictograms when I click on "Properties" on the tray bar. I can still call up the Firewall Status monitor, but not get the handy little green square back on the tray. At first even the OA shield icon was also gone. In the Start list I could call OA up, but only make the OA shield icon appear on the tray bar properties list by clicking on OA's update (there was no newer update, as I knew, but I did it to see if I could get the OA shield icon back, and it worked.) So I have the OA shield icon back on the tray. But not the green square. I wonder if this has to do with the latest recent new update/version of OA, or with the right after that following Windows updates, among which was the usual program for searching for malicious software. It was only just now after the required reboot for Windows updates that this problem appeared. But it might have been caused by the equally recent OA new version/update. I don't remember if I had already rebooted for the latter. I'm thinking of using a complete Windows System backup I made a few weeks ago, and this time make sure I don't get Windows "Searching for malicious software" update on my machine. But I would like to check here first, in case it is caused by the new OA version that was automatically downloaded/installed yesterday.
  4. I like these fortunate coincidences. It's still appearing on my tray after reboots.
  5. Hi! After a reboot OA's Firewall Status icon now appears on my tray bar automatically. Before I always had to make it appear there by hand: (Click on tray > Properties > etc.) Is this the long awaited fix that we were told the OA team might get to one day after more important issue would have been dealt with first? If so, thanks!
  6. Thank you. I have not seen that facebook thing anymore lately, but when I see it again -I sometimes check when I awaken my notebook, or after a reboot, just to see what it is connecting to- I'll follow your instructions, using the 'Restrictions' field. I mostly use Opera, Firefox, and sporadically IE9. Not Chrome. And googling to find out what 'Trusteer Rapport' is, I think my bank might be using something like that, as it doesn't allow my browsers to remember my username and password. I always have OA in 'Advanced' mode. Can't remember why. Thanks again.
  7. Thank you. I'm probably just being paranoid after having seen this clip once: "Do you have Facebook?": http://www.youtube.com/watch?v=ZMWz3G_gPhU As I have nothing to hide, I have nothing to worry about, but it's just the principle. Anyway, when I see that IP again, can I just copy it and paste it in 'Restrictions'? (I don't understand the difference between that and the 'Blacklist.') I have OA Premium.
  8. Hi! Lately I have seen on OA's Status screen that there is a connection to this: www-13-01-ash4.facebook.com:80 I have no Facebook account, nor anything to do with Facebook, so I wonder what this might be, and if it even really is Facebook. This brings me to my question: Is it possible to prevent my notebook from connecting to an IP? Any 'blocklist' or something like that in OA?
  9. Exactly. I brought this topic up because I once had something happening on my laptop that in the end only reformatting got rid of. It was partly my fault: I had gone to Windows' update site unsandboxed not to let Sandboxie interfere with the downloading/installing of updates, and from there gone to a Russian site -still unsandboxed- to read an article in English. This was my first error. A few days later my laptop was nearly out of my control. My AV and ASW did nothing to stop it. But I scanned with SAS and MBAM and they both found a trojan. But instead of letting it be removed I wanted to see if my AV would also find it, and scanned with my top AV (according to AV-Comparatives) and it did not detect it. I scanned again with SAS -nothing found now- and MBAM -same- so I suppose I had prodded it to change itself. So this was my second error. Even the experts on the original (Dutch) HijackThis forum could not help me get rid of it. The one trying posted that it was a know hacker attack and gave a link to an article about it. But half of the time I could not even go online, receiving error messages. And it would take minutes to move the scroll bar or save a document. In the mean time my screen would blink off for a second once every minute. The OA IP monitor showed tons of connections to the Russian Republic. And as soon as I blocked them as fast as I could, new connections were made. So I wondered if this would have happened if OA had password protection for new installations and settings or something like that... I still don't understand how this could have taken place. But that's old water under the bridge now.
  10. Thank you. I had a little problem -I could not get to my router- and asked for help on the Opera forum. It turned out that I was typing in 168.192.01 and Opera was automatically changing it to So I though Opera was preventing me from getting to my router interface. Luckily someone on that forum noted that the address should be And Opera is so good as to correct it to that even when I typed in the address without the last dot: http://my.opera.com/community/forums/topic.dml?id=1023712&t=1308685358&page=1#comment9695602I On my router interface I under "Firewall" I see: "Enable": "Enable" is checked. "DMZ": "Disabled." Under "DoS": "Ping of Death": checked. "Discarding Ping on WAN": checked. "Port Scan": checked. "Sync Flood": checked. Under "Access": "Enable MAC filtering": unchecked. Under "URL Block": "Enable URL Blocking": unchecked. That's all under "Firewall."
  11. Speaking of echo replies, could having "Echo request" checked as Allowed in OA's ICPM not be related to this ping reply? My router is a Sitecom 300N. I can get to its interface by typing 168.192.01 in my browser, and know how to set WPA2. But beyond that it's all Greek to me. Normally only a non-wireless modem is given by my provider, but luckily they also offered this wireless router for free as a special offer for a short while for new clients. There is only one pc -my laptop- connected to it.
  12. Thank you. I already found it hard to believe that OA would allow a thing like that. And yes, I'm using a router. In "firewall/icmp" I see checked in Allowed only these 4: 8. Echo request. 13. Timestamp request. 15. Information request. 18. Address mask reply. All the others are unchecked under Allowed. Under "Logged" all are checked. I had never even looked into this ICMP.
  13. Hi! I suppose this has been addressed already, but I could find no reference to it. This is what the test site Shields Up just reported: "Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation." I wonder if this is a false positive, or if it would not be a fp, can I configure OA Premium to prevent the mentioned ping reply?
  14. Thank you. I have no malware on my laptop as far as I know, nor according to my av and anti-spyware scanners. Everything works fast and normal. I was thinking that with password protection it would be even more hacker-safe. But I guess if a hacker or cracker would enter and begin to change OA settings -or even disable OA- I would somehow see it. Still password protection might not be a bad idea. It's just that I would still have to be able to see popups, and then use my password to allow or block the action.
  15. Hi! I have 2 questions: I understand one can use password protection to prevent someone using one's pc to change OA settings. 1. But could that also be utilized to prevent a hacker or cracker from making changes to disable enough of OA to do his thing? I still don't understand the settings of a password for OA. It gives 2 options (I translate from my Dutch version): A. Enable automatic protection. B. Lock GUI. 2. What exactly does each of these options do? I had a severe cracker problem on my laptop some time ago, and I imagine that somehow the settings of my OA were tampered with by the culprit. I posted about the problem I had then: "Some Russian guests on my laptop...": http://support.online-armor.com/showthread.php?t=12735&highlight=Lode
  16. "Video about Google and gmail removed. Interesting, but nothing to do with CLOSE_WAIT." You're right of course. And it was a bit of vengefulness on my part... Oh well... Glad that question I have had for years has been answered, and everything is working fine now. B)
  17. PS: A dear friend mailed me from the US: "I sent you a fairly short email this morning 9:32 my time with a bunch of questions in it, but it looks like it might not have gone through. Did you receive it? I've got it in my "Sent" box but it doesn't show up in our correspondence. I was just curious. Also I notice that your name is now showing up as "L. Langeweg" now, not with your full first name. Did you change something?" So it was the change I made by making that gmail account. If I ever make one again I will make sure to not tie it in with my regular e-mail address. Video about Google and gmail removed. Interesting, but nothing to do with CLOSE_WAIT
  18. Thank you. After having let a night pass now in the morning my e-mail comes in normally again. Maybe it was a problem with my provider, or because for the first time I made a gmail account, using my regular e-mail address, and thus created a conflict, or something else, I don't know. Right after posting the above and scanning for malware -nothing found- I canceled both my Google/YouTube and gmail accounts to make sure there was no conflict. I can always make new ones if I would need them. I am glad it is solved, and now also understand what CLOSE_WAIT stands for. I had seen that many times before over the years of course, but it was only now that I started to worry about it because of the e-mail problem. Not really logical to connect those two, but feeling even slightly upset can interfere with logical thinking... Oh well, all's well that ends well.
  19. Hi! Sometimes I see "CLOSE_WAIT" as the Status of an IP in the addresses list on the Firewall Status panel. What does that mean? The reason I am asking is that since a day or so when I try to get my e-mail using my Opera browser with its e-mail program I don't receive it. I now always get a "No new messages for..." which now takes about a whole minute vs the few seconds it took before. And the following appears on OA's panel: proxy.alice.nl:pop3 / CLOSE_WAIT I can still get to my e-mail going to the site of my provider -alice.nl- but the e-mails I see there that normally are always send to my laptop are not being send on now. Even when I send a test e-mail to my own address it stays on the site of my provider. This has not happened before in the years I am with this provider. (In the mean time I'll scan for malware...)
  20. After changing its status to "Not trusted" and a reboot -for 11 Windows updates- I see that "pc_van_hans" is gone now from Computers. I also removed it from Domains just to make it all look green. Thanks again.
  21. I have a laptop with wireless connection to a router, which is connected to a modem. So that other connection (pc_van_Hans) must be of a neighbor who is -was- somehow connected to my wireless signal and laptop. I have no other connections. That Windows connections list of those 12 signals are the totality of signals in my vicinity, but mine is accessible only to me now because I have applied WPA2 since my above post. On the OA Interfaces list only appears 192.168.100, which includes only mine and hans' connections. I just changed his connection on my Computers list to "Not trusted." Rests only one question: If I remove "pc_van_hans" from my Domains list, does that only remove it from that list or also from my laptop? (For now I blocked it also on my Domains list.)
  22. Thank you! I had not thought of checking there. It does indeed appear in that list besides my own router. This is the info (sitecom is mine): -, CO-CB-38-2F-46-63 - Wireless networkconnection ... 192.168.001, 00-0C-F6-51-18-BB (sitecomwl312.sitecomwl312) <networkpoint/router> (Status: ? Unknown -light bulb) ... 192.168.101, 00-19-D2-83-54-40 (pc_van_hans) (Status: ? Unknown -no light bulb)
  23. Hi! I noticed that the OA shield icon was gone from my tray, and no matter what I tried I couldn't get it back on there. Only the Firewall status monitor was on it. I had also seen a to me unknown item in the OA Domains list: "pc_van_hans." I live in Holland and this is Dutch meaning "the pc of hans", "hans" being a male name. Yet I don't know any hans let alone his pc... but it is checked as "Trusted." Anyway, I used a recently made image backup I had saved on an external drive, and the OA shield is back on the tray. But the "pc of hans" is there also, so it was already on my laptop when I made the image. Maybe "hans'pc" is something completely legitimate belonging to some software I am using, but I have no idea what it could be. I have not blocked it (yet), although I found no info on it anywhere. I have the option -besides blocking- to delete it from the Domains list, but will that also remove it from my laptop? Or only from the list, so I will be asked again by OA for my decision in case something on my laptop related to "pc_van_hans" would seek access to that domain? Or vice versa? I don't see that name on my Internet connections list with 12 wireless connections, but maybe I should use the WPA2 option. PS: I just set my connection to WPA2. Maybe "hans" is one of those 12 neighbours in my vicinity.
  24. PS: The usual solution: keep it as much as possible in hibernation or stand-by when not in use, thus avoiding reboots.
  25. Following the above link to the old OA forum about the tray issue I see: "You could use TaskbarRepairToolPlus! from hxxp://www(dot)kellys-korner-xp.com/taskbarplus!.htm" This seems to be for Windows xp only. I have Windows 7 64 bits. ..................................................................................................... "This is a Windows 7 issue. This is how I correct. There are other ways but this is the easiest. Step 1 - Open CCleaner and select "Tray Notifications Cache". Then select Analyze and then run. Step 2 - Open Task Manager and kill process "Explorer.exe". You will notice that the tray and taskbar will disappear - this is ok. Step 3 - In Task Manager select File->New Task (Run..) At the prompt enter explorer.exe and select Open Step 4 - All of your tray icons will now be visible. You will have to select those that you want to Show Icons and Notifications." ..................................................................................................... About CCleaner: Only in "Register" did I see a scan option. I had it scan everything, and it corrected 17 items. I also did the Task Manager thing, but only the same icons I always have on the tray appeared again, nothing else. So still no OA monitor, only the shield. Then I tried this one for removing old obsolete tray icons, and it did remove them: http://www.sevenforums.com/tutorials/13102-notification-area-icons-reset.html but although almost all icons had disappeared -except for 3 default ones- and I set all back again, only OA's handy green square did still not return automatically after the next reboot. I also found the above mentioned CCleaner scan/cleanup old icons trick in a post on the first page of the last given link -and now understanding it, tried it- but still no OA monitor icon after reboot, so back to clicking on the tray > Properties > (etc.) I guess I'll have to live with this unbearable pc crippling disaster...
  • Create New...