I have a family license and since installing V4 on my PC and that of my wife, both machines occasionally present a "post-it" information message that a file has attempted to modify Outpost but has been blocked. You have to be quick to read it as it is a transient panel and closes down spontaneously. The OS (Windows XP Home) continues to function and there are no detectable consequences. Two accused files that I can recall are avgw.exe (AVG Antivirus is on both machines) and ieexplore.exe. This issue has been reported to Support but I wondered if anyone else has encountered the problem and figured out what it all means?
hi lysander,
if you wish to keep the self-protection feature enabled, you need to set your anti-virus to exclude the c:\program files\agnitum folder and its sub-directories from scanning. you will also need to do that in any disk defragmenter prog (like diskeeper) or any other legit. prog that may try to 'enhance' the outpost files...if you are using avg free i think this may not be an option, it is in the pro version. in that case you may need to disable the 'self protection' feature thru the 'tools' menu item.
you may also need to exclude the C:\Program Files\Common Files\Agnitum Shared folder, as this is also protected.
the new anti-leak features are responsible for flagging a process that tries to inject itself into memory. this is a separate thing from the self protection.
if you go into the application options and click the antileak button, you will get a display of your default 'global' antileak settings. these should normally be set to 'prompt' and the lower tick box for 'allow all listed...' should be un-ticked. if you are prompted during a legit. application you should be able to choose to allow it, which will add it to the exclusions in that same anti-leak control. if you select the exclusions tab in that control, it will list all the applications and by high-lighting the desired item, will show its exclusion settings, which can be modified there if an incorrect choice was made during the prompt by clicking the blue 'action' item to cycle thru the options, and you can decide to add/remove reporting of that event with the tick box on the same line.
bit complex when you first set it up, but should work ok thereafter...
any problems, holler here....
edited:
Hi manny, didn't mean to step on your toes, saw you'd also been posting after i posted this, of course great minds think alike......
Hi lysander,
Welcome to the forum.
The pop ups are due to the implementation of a new feature, Self-Protection mechanism in Outpost 4.0.
In http://www.agnitum.com/products/outpost/whatsnew40.php
Self-protection
Outpost Firewall Pro now includes a self-protection mode that acts as a defense shield around the program to prevent the firewall from being deactivated by viruses, Trojans or spyware. Even attempts to shut down the firewall by simulating keystrokes are detected and stopped. Outpost continuously monitors its own files on the hard drive, as well as registry entries, memory status and running services, and blocks any attempted changes by malicious applications. You can turn this self-protection mode off and on to permit the installation of new plug-ins and other configuration adjustments.
AVG Antivirus is a legitimate program and it is normal behaviour for AVG to perform its task when it wants to inject a DLL into another running process, in this case Outpost Firewall. Since Outpost has a self-protection mechanism, you will receive an alert as if some malware is trying to modify or shut down Outpost. It is normal behaviour in Outpost 4.0.
Thanks Wayne. Something else I broke on my PC. I don't have an aupdate.0 and my update menu is grayed out. I should quit doing things like this.
Oh, I agree with Wayne.
Leaving that option ticked basically turns off AntiLeak for your networked applications. It makes the firewall easier to use if you leave it ticked and allows all networked applications (ie, those you have rules for) to perform all those listed actions. It's probably safe since presumably you trust those apps anyway. But wanting to control what my PC does makes me untick that option.
It does mean more pop-ups that you have to answer but you gain more control. Leaving it ticked still protects you from apps that don't have rules. It's not a bad way to go as this will protect you from tricky malware that use these indirect "leaky" techniques and don't attempt a direct network connection.
Mine is unticked. I didn't write about it before because I was sleepy and wanted to go to bed.
Hey Wayne, anytime, this is a good way to see others' thoughts on the same subject. Don't ever worry about it - as they say somewhere - Just do it! By the way, are you sure about the C:\Program Files\Common Files\Agnitum Shared folder being protected? I just went there and renamed the ini file with self protection on but I can't do that in the OP folder. Is my system messing up again?
The self protection feature stops any programs from changing Outpost's files. This self protection is all or nothing. Either you allow changes or you don't. There are some legitimate reasons for making changes to OP files. For example, defragmentation is not allowed by self protection either. You are right in that these programs are blocked from doing their jobs but only for the OP folder.
Perhaps future versions will allow for exceptions. For right now it's off or on.
I'm not sure if your version of AVG has an exclusion list. If it does, then put the OP folder so AVG won't scan it. An AV scan isn't needed since OP protects itself. Your choices now are to either ignore the popup or turn self protection off.
hi manny,
went in there & opened aupdate.0 in my notepad app, instantly got the popup warning when i tried to save a change (see attached). i note that after the 1st warning on the file, subsequent attempts on the same file do not cause a warning, tho the file stays protected from editing. leaving the folder & return & again the 1st attempt on a file gives a popup warning. attempts to add a new text file, or rename an existing file give me 'access denied'.
Forgive me if I am lacking in the right kind of knowledge here. However, if AVG as a legitimate program is (legitimately) trying to "inject dll into another running process", then it must need to do so. The flashed-up message tells me that avgw.exe has been prevented from modifying Outpost files. There is a contradiction within your answer. Either a legitimate program needs to modify Outpost files and it should therefore be allowed, not blocked and if it is blocked, surely the "accused" program is itself going to be prevented from fully functioning if it is so blocked?
Thanks for both those explanations. FYI I have AVG Pro and (Manny) had already added the Outpost folder to exclusions - picked that up from Agnitum site when trying to figure this out on my own before discovering this forum. The only other action that I found unaligned with your advised options (Wayne) was to untick the "allow all listed" option. I have now done that though right now I confess that I do not totally understand what are the practical ramifications!
Thank you once more for your help.