Sign in to follow this  
tallanvore

Firewall Status Misreading; Screenlogger Enumeration

Recommended Posts

Hello,

There are two issues outlined in the topic title that I would like to report on.

Firstly, I noticed an issue with the firewall status feature and how it would misread the uploaded/up speed units, the former being GB where it should be KB, and the latter Kb/s instead of MB/s (please see attached file). All internet-facing applications I have run exhibits similar behaviour.

There are also occasions when I am playing an online role-playing game (MMORPG) where the graph reading shoots up to 500,000 KB/s and the downloaded and uploaded entries no longer contain units, but large 6-digit numbers. This issue relates to the x64 version of Online Armor. On another machine running the x86 version these issues do not occur.

Secondly, will there be a section that lists screenlogger protected executables/dll's? I noticed on the Online Armor x86 version that if I had blocked an application from screenlogger activity, which in one instance was Foxit Reader, I could not revoke the deny permission and had to delete the executable from the Programs list and provide OA with an opportunity to re-learn the application. Since the anti-keylogger protection module is separate from the screenlogger protection module, I was hoping there might be an option to help simplify the process and provide a more user-friendly approach for OA subscribers.

Thank-you for your time and the wonderful support you have been providing for it is most appreciated.

Yours faithfully,

Tallanvore

Share this post


Link to post
Share on other sites

Hi Tallanvore,

Secondly, will there be a section that lists screenlogger protected executables/dll's? I noticed on the Online Armor x86 version that if I had blocked an application from screenlogger activity, which in one instance was Foxit Reader, I could not revoke the deny permission and had to delete the executable from the Programs list and provide OA with an opportunity to re-learn the application. Since the anti-keylogger protection module is separate from the screenlogger protection module, I was hoping there might be an option to help simplify the process and provide a more user-friendly approach for OA subscribers.

Any "loggers" can be controlled from the Keyloggers section. If you delete the entry in Keyloggers for Foxit Reader for example, you should get the screenlogger popup for Foxit again :)

Share this post


Link to post
Share on other sites

Hello, catprincess.

I attempted to do just that after the problem occurred. By removing the Anti-keylogger entry for Foxit Reader I was alerted by Online Armor of key-logging activity, likely due to navigating Windows Explorer to open a PDF file. Then I set Foxit Reader to the Allowed status. Unfortunately, the file being read still rendered a black page and the History Log showed five entries all related to the anti-screenlogger and Access Denied.

This is for Online Armor++ edition v5.0.0.1100 under Windows x64. I did get around the problem, though. The solution I suggested was to delete the Foxit Reader entry from the Programs list altogether and have Online Armor remap the executable permissions. The latter was merely a suggestion to have it listed somewhere under an appropriate heading for convenience.

I can confirm that the anti-keylogger entry for Foxit Reader, in this case, prevents the auto-completion for a filename. By setting it to Blocked status, I executed Foxit Reader and attempted to open a PDF file. The pages were rendered black, but the auto-complete function used while typing a filename was blocked. This leads me to suspect that the anti-screenlogger is not directly related to the anti-keylogger protection module.

However, the good news is there are no other issues that I have to contend with so I am still a very happy Emsisoft customer. :D

Cheers

Tallanvore

Share this post


Link to post
Share on other sites

I tried here (I don't have x64 however, so it's possible that the behaviour may be different on x86). Removing the blocked entry in Keyloggers for Foxit resulted in a new screenlogger popup for me or if instead I changed the blocked entry to allowed, history would record a screenlogger being allowed when I next opened Foxit. Was Foxit Reader closed when you removed the blocked entry or changed the blocked entry to allowed in Keyloggers?

Glad to hear you aren't having any other issues in any case :)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.