Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by cloutz

  1. i'm Italian too, and there are many not translated strings
  2. Have you informed your translators of this OA release?
  3. Ok, tried calc.exe with that protections enabled it does not work, process successfully terminated with no alerts. so.. OA is not able to handle that messages for non-OA processes
  4. i did not posted anywhere screenshots, i thought it was a surprise for v5 i'll try that way, but have you planned to implement that kind of protectin for all processes? from what i can see i think no!
  5. i'm sorry but i can't find that function
  6. yes, OA processes can not be terminated! i thought it can protect all other processes from termination, or at least important ones such as explorer.exe anyway, is it in your to-do list? or is it an implementative choice? Best regards
  7. Hi, i tried OA 5 beta (alex_s gave me because i had some problems with v4.5 ) versus some type of termination tests in VM with win7 x64. In particular: Simple Process Termination Advanced Process Termination Process Hacker (no kernel mode) i tried to terminate always paint.exe, and i found that OA does not catch send message termination. In particular: (send WM_CLOSE) (send WM_SYSCOMMAND) (send WM_DESTROY) (send WM_QUIT) (send SC_CLOSE) Anyone can confirm it? Best Regards
  8. No problem with the v5 This alert appears even if the AutoAllow is activated. Great job, i really like this version! Thanks
  9. tried, bad result. PM sent, available to try the new beta. Honestly i'm not scared about this specific problem bacause i do not use Auto-Trusting features.. Anyway i'll try the newest version hoping it was a problem of mine Regards
  10. I'm using free version, that does not have Advanced Mode.. E:\ crypted is not a trusted program on OA. You can find other informations on this screen: Onestly it's a strange behaviour. If you want i can attach the zip with the malware, protected with password, so you can reproduce the same circumstances and try. I'm fully available B)
  11. Test is made on VirtualBox C:\ is the partition where Windows is installed E:\ is the shared directory with the real system When i execute crypter.exe from the shared directory, the file is trusted When i copy crypter.exe to the Desktop and then execute it, it is not trusted 101.exe is another malware that was on the shared directory, it was here cause i did some tests I do not know how to enable "Additional debug info", i can't find it: Thanks!
  12. Ok, but i haven't an email address to send the log, i will attach it here (otherwise give me an email address and i will forward it ). Useful information: 18:26 - a program (crypter.exe) wants to run > OK - C:\Users\vm\desktop\crypter.exe firewall orange alert: "crypter want to use internet" - process terminated via Task Manager 18:29 - a program (crypter.exe) wants to run > OK 18:30 - E:\crypter.exe firewall green alert: "crypter want to use internet"
  13. Hi, I tried OA with a malware sample today on my VirtualBox (win7 64 bit installed). 1. When i execute it from E:\ OA treated it as "Trusted by OA support team". 2. When i execute it from desktop C:\Users\VM\desktop OA treated it as "not flagged as good or bad by OA team" Is it normal? Or is there a criteria that I miss so the files are labeled as trusted in some situations? Cause this malware was allowed to connect to the internet (unless specified setting to AutoAllow trusted programs is DISABLED) Regards
  14. Okay, that's my thought, so i agree with your point of view. I was only scared about actually non-covered modules/protections (dll injection, COM interfaces, unhooking ?) Regards
  15. Hi, thanks for the reply. I was a Comodo fan , but actually i don't like how they're developing D+ on x64 platform. I criticize CIS x64 protection because i tried it, and anyway you can find lots of segnalations on CIS forum, for example here LINK So I asked for the difference in OA between x32-x64, and what is still missing. Despite OA supports x64 since only 2 version, i found a great protection on x64 imho
  16. Hi! I saw that other hips (even CIS) still have security problems on x64 platform. In fact x64 version is more vulnerable than x32, they cannot guarantee full protection against some attacks like dll-injection, keylogging, DDE, windows messages.. Same things for SpyShelter for example. And what about OA?? What are the protection module differences from x32 and x64 version? Regards
  • Create New...