Online Armor: Questions

Discussion in 'other firewalls' started by Searching_ _ _, Nov 29, 2009.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I installed a poker client and OA alerts gave me this:

    xyz is trying to write memory in another process:
    msctf.dll, lpk.dll, usp10.dll, uxtheme.dll, setupapi.dll, secur32.dll, propsys.dll,
    clbcatq.dll, linkinfo.dll, ntshrui.dll, netapi32.dll, psapi.dll, cscapi.dll, slc.dll

    I went malware hunting and malware after install gave me this:

    xyz is trying to write memory in another process:
    msctf.dll, lpk.dll, usp10.dll, uxtheme.dll, setupapi.dll, secur32.dll, propsys.dll,
    clbcatq.dll, linkinfo.dll, ntshrui.dll, netapi32.dll, psapi.dll, cscapi.dll, slc.dll

    First, these aren't processes.

    Why is OA calling them processes?

    Should I be scared of my poker client?
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,041
    If you trust your poker client, just set it to trusted, and the pop ups will stop.
     
  3. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    If you're in advanced mode, its showing the chain of exection. I'd switch to standard mode. FWIW, I run in standard mode myself.
     
  4. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812

    I always thought you used Comodo Mike. :D
     
  5. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    I don't use their products, but often use them as an example in management meetings ;)
     
  6. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Of the lessons of what not to do. ;)
     
  7. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I'm using Standard mode. Never used Advanced mode.

    I'm glad I was notified by OA.

    For the poker client I blocked all of the injection attempts and deleted the program until I can figure out how much to trust.

    Is cscript, wscript "run safer" by default?
    They do not show in programs window.
     
  8. eliastz

    eliastz Registered Member

    Joined:
    Aug 24, 2009
    Posts:
    22
    If only you'd implemented some of the features of the Comodo FW in OA (especially its way of handling application and global rules). Then OA really would be top dog.
     
  9. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Maybe I haven't tried enough, but I don't see other products with a run safer type feature in their free or paid products.

    OA is top dog.
     
  10. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
  11. eliastz

    eliastz Registered Member

    Joined:
    Aug 24, 2009
    Posts:
    22
    Don't misunderstand me; I like OA Premium and have purchased multiple licenses for it. Your decision regarding the Ask toolbar was certainly the right one. I just wish that, in addition to its excellent HIPS, OA had more of the firewall features one finds in OP Pro or CIS.
     
  12. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    People choose OA because it is not like Comodo. People don't want the constant popup's or the 3949043 features that really do nothing over all but let you check a box. :D
     
  13. Rednose!

    Rednose! Registered Member

    Joined:
    Apr 7, 2008
    Posts:
    80
    Location:
    Netherlands
    Disapointing, very disapointing :doubt:

    Yesterday I signed up at OA's forum for a reason, and today I am reading Mike's posts here. Mike, you start to sound more and more like Melih, do you know that ? And you know I don't like Melih ! Very disapointing indeed :(

    Greetz, Red.
     
  14. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    That has to be a first. I have never thought Mike sounded like Melih just seems to be a really off the wall comment.
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,041
    Folks this thread is about Question about Online Armor. It's drifted a bit off topic. Lets get it back on topic...Please.

    Pete
     
  16. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    Red, aren't you referencing the wrong forum-this is Wilders. ;) As far as the global rules, they are still one of the most confusing things about making rules, and even Egeman agreed they are completely unnecessary and that you can achieve the same functions and protection using the WOS application. I never had global rules in the year I used (constantly beta tested) Comodo, and advised others on how to avoid them also to simplify troubleshooting. In any case, OA is not a classical top-to-bottom sieve (shades of Kerio); the rules are alphabetical and essentially self contained. But if the two sets of rules appeal to you, enjoy! BTW, I don't think Mike sounds anything like Melih either. If he starts to, he should wash his mouth (keyboard?) out with soap. :)
     
    Last edited: Nov 30, 2009
  17. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Back on topic....


    Mike my key is ticking away right now in Neverland waiting on that 64bit version! Anyword yet. :cool:
     
  18. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    When your key runs out, and you re-subscribe, can't you just do an upgrade to 64 when it becomes available? :)
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,041
    Word is still early 2010, just early is still open. You might check in with the OA forum, as thats where the beta will be available when it's ready
     
  20. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    That's not the market we're in. The goal of OA has always been to try and deliver security in the way that is easiest to use.

    Let me give you one example: We've been asked to alert on possible port scans.

    Now, suppose that you are being port scanned - and OA gave you an alert - assuming it is not a false positive, what are you going to do about it?

    Maybe in yours or my case, you will resolve the IP, figure out the owner, contact the ISP and report it - but in my mums case, she's going to get a terrifying alert that she is being attacked and feel completely powerless to do anything about it... but she wouldn't have to!
     
  21. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    I don't agree that the style or posting I made is anything like Melih, but I'm sorry if you (or anyone) was offended - it was just a lighthearted comment. Nothing more, nothing less.
     
  22. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia

    It's in progress. As Pete mentions, we're looking at early next year for it. As soon as I have anything substantial to show, don't worry, I'll be showing it.
     
  23. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Ill just attempt to hold my excitement in then. :p
     
  24. Rednose!

    Rednose! Registered Member

    Joined:
    Apr 7, 2008
    Posts:
    80
    Location:
    Netherlands
    Mike, for me you sound like Melih. And I realy mean that ! But I want to try/buy OA premium, the current price of a two year licence is very interesting. I have only one question : If I buy a licence now in december, can I start to use it in january/february ?

    Greetz, Red.
     
  25. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Hi Red,

    That's really terrible thing to say to someone :(

    To answer your question - Yes, if you buy a licence now, you can install it when you wish.


    Mike
     
Loading...
Similar Threads
  1. ttomm1946
    Replies:
    0
    Views:
    508
Thread Status:
Not open for further replies.