902 replies to this topic

[Ilya Rabinovich]

"Run as trusted" can work as it should- running a process into the trusted zone.

[Ilya Rabinovich]

Ilya, I downloaded the click-and-run version of office 2010 and installed it on a fresh snapshot on my laptop. I was going to use NirSoft RegScanner to find all the registry keys and export them but it has found over 5,000 keys with Program Files\Common Files\Microsoft Shared\Virtualization Handler and is still running!!! Is there some other utility I should be using? I did also run jv16 Power Tools and saved the list to a text file (attached).

OK, I understand why DW turns CVH.EXE into the untrusted state. Could you, please, also find the real Outlook path and find all the references to it, if they are ever exists?

[Ilya Rabinovich]

Ilya, I downloaded the click-and-run version of office 2010 and installed it on a fresh snapshot on my laptop. I was going to use NirSoft RegScanner to find all the registry keys and export them but it has found over 5,000 keys with Program Files\Common Files\Microsoft Shared\Virtualization Handler and is still running!!! Is there some other utility I should be using? I did also run jv16 Power Tools and saved the list to a text file (attached).

Just uploaded new version that ignores "CVH.exe" as a "virtual Outlook" item. Check the new build out.

[abc]

Currently, moving the mouse cursor over DW's tray icon, the string "DefenseWall Personal Firewall v3.xy" appears in a gray field:
it would be nice if for every process that starts as untrusted can appear a reminder indicating the name of the untrusted process for a defined laps of time (5 seconds,...).

Similarly, I'd like the same information was provided "on the fly" by moving the cursor over DW's tray icon.

What do you think about it?

nobody?

Too talkative?



(obviously, the ex. above is related to the "on the fly" scenario...)

Edited by abc, 16 January 2010 - 08:17 PM.

[Ilya Rabinovich]

Well, it's possible. There are some restrictions on Win2k platform.

[abc]

txs a lot for your opinion.

[Ed_H]

Ilya, I downloaded the click-and-run version of office 2010 and installed it on a fresh snapshot on my laptop. I was going to use NirSoft RegScanner to find all the registry keys and export them but it has found over 5,000 keys with Program Files\Common Files\Microsoft Shared\Virtualization Handler and is still running!!! Is there some other utility I should be using? I did also run jv16 Power Tools and saved the list to a text file (attached).

Just uploaded new version that ignores "CVH.exe" as a "virtual Outlook" item. Check the new build out.

No luck...DW log attached.

Attached Files

•  DW_Log.txt   3.87KB   20 downloads

[mossman]

Currently, moving the mouse cursor over DW's tray icon, the string "DefenseWall Personal Firewall v3.xy" appears in a gray field:
it would be nice if for every process that starts as untrusted can appear a reminder indicating the name of the untrusted process for a defined laps of time (5 seconds,...).

Similarly, I'd like the same information was provided "on the fly" by moving the cursor over DW's tray icon.

What do you think about it?

nobody?

Too talkative?



(obviously, the ex. above is related to the "on the fly" scenario...)

I. for one, quite like that idea.

Edited by mossman, 17 January 2010 - 11:29 AM.

[Threedog]

That would be very convienient. I look quite often look to see what untrusted process are running via the tab and it would be a lot simpler to mouse over on the icon to do this.

[Ilya Rabinovich]

To everybody who being reported about the bypass- it's all fixed. New build is uploaded.

[abc]

perfect!

[abc]

@ Ilya:

can i ask you if my suggestion is in your to do list or whether the restrictions you mentioned above prevent you from implementing it? (in particular, i think it would be very useful to be informed through a simple balloon alert for any process starting as untrusted)...

Another thing i'd like to be implemented is different colors in the events log module so to distinguish between different types of events..

Edited by abc, 17 January 2010 - 05:47 PM.

[Ilya Rabinovich]

New build is uploaded. It fixes one BSOD issue I found accidentally.

[Ilya Rabinovich]

can i ask you if my suggestion is in your to do list or whether the restrictions you mentioned above prevent you from implementing it?

It' in my third-priority todo list. The first one is about security issues, the second one is about new important value-adding features. The third-priority list is about minor value-adding changes. So, I'll think about this feature implementation, but not very soon- there are other very important function must be implemented first head. For example, ability to update FireFox from the untrusted zone. Or visual indication of untrusted executable files.

[WilliamP]

I agree that No1 issue is security. That is the main reason I have DW.