Online Armor: Questions

I installed a poker client and OA alerts gave me this:

xyz is trying to write memory in another process:
msctf.dll, lpk.dll, usp10.dll, uxtheme.dll, setupapi.dll, secur32.dll, propsys.dll,
clbcatq.dll, linkinfo.dll, ntshrui.dll, netapi32.dll, psapi.dll, cscapi.dll, slc.dll

I went malware hunting and malware after install gave me this:

xyz is trying to write memory in another process:
msctf.dll, lpk.dll, usp10.dll, uxtheme.dll, setupapi.dll, secur32.dll, propsys.dll,
clbcatq.dll, linkinfo.dll, ntshrui.dll, netapi32.dll, psapi.dll, cscapi.dll, slc.dll

First, these aren't processes.

Why is OA calling them processes?

Should I be scared of my poker client?

 

If you're in advanced mode, its showing the chain of exection. I'd switch to standard mode. FWIW, I run in standard mode myself.

 

I always thought you used Comodo Mike.

 

I don't use their products, but often use them as an example in management meetings

 

Of the lessons of what not to do.

 

I'm using Standard mode. Never used Advanced mode.

I'm glad I was notified by OA.

For the poker client I blocked all of the injection attempts and deleted the program until I can figure out how much to trust.

Is cscript, wscript "run safer" by default?
They do not show in programs window.

 

If only you'd implemented some of the features of the Comodo FW in OA (especially its way of handling application and global rules). Then OA really would be top dog.

 

Maybe I haven't tried enough, but I don't see other products with a run safer type feature in their free or paid products.

OA is top dog.

 

We thought about it, but decided not to.

 

Don't misunderstand me; I like OA Premium and have purchased multiple licenses for it. Your decision regarding the Ask toolbar was certainly the right one. I just wish that, in addition to its excellent HIPS, OA had more of the firewall features one finds in OP Pro or CIS.

 

People choose OA because it is not like Comodo. People don't want the constant popup's or the 3949043 features that really do nothing over all but let you check a box.

 

Disapointing, very disapointing

Yesterday I signed up at OA's forum for a reason, and today I am reading Mike's posts here. Mike, you start to sound more and more like Melih, do you know that ? And you know I don't like Melih ! Very disapointing indeed

Greetz, Red.

 

That has to be a first. I have never thought Mike sounded like Melih just seems to be a really off the wall comment.

 

Red, aren't you referencing the wrong forum-this is Wilders. As far as the global rules, they are still one of the most confusing things about making rules, and even Egeman agreed they are completely unnecessary and that you can achieve the same functions and protection using the WOS application. I never had global rules in the year I used (constantly beta tested) Comodo, and advised others on how to avoid them also to simplify troubleshooting. In any case, OA is not a classical top-to-bottom sieve (shades of Kerio); the rules are alphabetical and essentially self contained. But if the two sets of rules appeal to you, enjoy! BTW, I don't think Mike sounds anything like Melih either. If he starts to, he should wash his mouth (keyboard?) out with soap.

 

Back on topic....


Mike my key is ticking away right now in Neverland waiting on that 64bit version! Anyword yet.

 

When your key runs out, and you re-subscribe, can't you just do an upgrade to 64 when it becomes available?

 

That's not the market we're in. The goal of OA has always been to try and deliver security in the way that is easiest to use.

Let me give you one example: We've been asked to alert on possible port scans.

Now, suppose that you are being port scanned - and OA gave you an alert - assuming it is not a false positive, what are you going to do about it?

Maybe in yours or my case, you will resolve the IP, figure out the owner, contact the ISP and report it - but in my mums case, she's going to get a terrifying alert that she is being attacked and feel completely powerless to do anything about it... but she wouldn't have to!

 

I don't agree that the style or posting I made is anything like Melih, but I'm sorry if you (or anyone) was offended - it was just a lighthearted comment. Nothing more, nothing less.

 

It's in progress. As Pete mentions, we're looking at early next year for it. As soon as I have anything substantial to show, don't worry, I'll be showing it.

 

Ill just attempt to hold my excitement in then.

 

Mike, for me you sound like Melih. And I realy mean that ! But I want to try/buy OA premium, the current price of a two year licence is very interesting. I have only one question : If I buy a licence now in december, can I start to use it in january/february ?

Greetz, Red.

 

Hi Red,

That's really terrible thing to say to someone

To answer your question - Yes, if you buy a licence now, you can install it when you wish.


Mike