oaUser

OA makes decisions over my head

Recommended Posts

I have several times noticed that software is being "Trusted" and "Allowed" without my inteference. This worries me greatly.

I've tried to set it up so I would have absolute control and not being nannied. Although something have been grayed out "In addition, automatically trust programs signed with valid digital signatures" there's no checkmark in it and it can't be changed. I suspect that is the culprit and it's turned on anyway because I'm not running with paid software, but I'm really not sure what the reason is.

Can someone please tell me why OA is making decisions without my knowledge and how I can get in control.

Thanks.

Share this post


Link to post
Share on other sites

In general there are 3 ways how Online Armor can determine whether to trust a program or not on its own:

  1. It can use the digital certificates that are used to sign an executable. You can disable this list via the "In addition, automatically trust programs signed with valid digital signatures" option.
  2. It can use an extensive offline white list that is provided by us. This white list contains hashes of programs that Emsisoft considers trustworthy like other Emsisoft products, files belonging to Windows, as well as high profile applications that are found on a large portion of our user's computers like for example Firefox or Chrome. You can disable the usage of this offline list via the "Automtically trust programs that Emsisoft deems trustworthy" option. Disabling this option will automatically turn off digital signature checks as well, which is why that option is disabled in your case.
  3. I can use cloud data to figure out whether or not a program is trustworthy or not. We do provide a web interface to our cloud data, in case you want to check it out. You can disable the cloud lookups by unchecking the "Contact Anti-Malware Network in realtime" option. Keep in mind though, that this will not only cause Online Armor to not know whether a program is a known good program, but also if it is known malware, as the cloud provides both a white list as well as a black list.

If you turn off all three options, Online Armor will not create and program rules automatically. If you disable only some of those options, you will end up with some automatic rules eventually.

Share this post


Link to post
Share on other sites

In general there are 3 ways how Online Armor can determine whether to trust a program or not on its own:

  1. It can use the digital certificates that are used to sign an executable. You can disable this list via the "In addition, automatically trust programs signed with valid digital signatures" option.
  2. It can use an extensive offline white list that is provided by us. This white list contains hashes of programs that Emsisoft considers trustworthy like other Emsisoft products, files belonging to Windows, as well as high profile applications that are found on a large portion of our user's computers like for example Firefox or Chrome. You can disable the usage of this offline list via the "Automtically trust programs that Emsisoft deems trustworthy" option. Disabling this option will automatically turn off digital signature checks as well, which is why that option is disabled in your case.
  3. I can use cloud data to figure out whether or not a program is trustworthy or not. We do provide a web interface to our cloud data, in case you want to check it out. You can disable the cloud lookups by unchecking the "Contact Anti-Malware Network in realtime" option. Keep in mind though, that this will not only cause Online Armor to not know whether a program is a known good program, but also if it is known malware, as the cloud provides both a white list as well as a black list.

If you turn off all three options, Online Armor will not create and program rules automatically. If you disable only some of those options, you will end up with some automatic rules eventually.

Thank you very much! They are already turned off though, all three of them. Just in case I've let it run a little more and sure enough, new software popped up as "Trusted" and "Allowed". Some recent examples:

AcLayers.DLL

nvvsvc.exe

WINSPOOL.DRV

xul.dll

Out of nowhere they end up on the Programs list.

 

This seems to be a very long thread about the domains list. Is there any post in particular I should read? Thanks.

Share this post


Link to post
Share on other sites

Thank you very much! They are already turned off though, all three of them. Just in case I've let it run a little more and sure enough, new software popped up as "Trusted" and "Allowed". Some recent examples:

AcLayers.DLL

nvvsvc.exe

WINSPOOL.DRV

xul.dll

Out of nowhere they end up on the Programs list.

Can you enable the "Automtically trust programs that Emsisoft deems trustworthy" option, then disable the "In addition, automatically trust programs signed with valid digital signatures" option, and disable the "Automtically trust programs that Emsisoft deems trustworthy" option again, please? Just in case there is a logic error when dealing with the disabled check box internally.

 

This seems to be a very long thread about the domains list. Is there any post in particular I should read? Thanks.

Not really. Some people were upset that we disabled hiding trusted domains that were automatically trusted by Online Armor to keep the Banking Mode working properly. Since you are using the Free version, you don't have access to the Banking Mode and "trusted domains" are ignored outside of it.

Share this post


Link to post
Share on other sites

Thanks for the effort! I tried what you suggested. When I unticked the first one, there second one was ticked. I removed both. I did this several times. Unfortunately it doesn't help. I still get a lot of software automatically allowed and trusted. I can change it to Block/Untrust but then I have to watch for the software to show up in the list (already having privileges they shouldn't).

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.