Anyone using Comodo Firewall Pro?

(1/2) > >>

SaraMK:
I have a game that I registered using a *coughkeygencough* and for some reason it repeatedly tries to hijack my web browser. I don't think this is the *coughkeygencough*'s fault, since none of the other games do this.

It doesn't do anything if I'm just playing the game. But, if I start a web browser while the game is running, and then go to any website, I get a popup saying that the game has "modified the memory of iexplorer.exe in memory." It does the same thing to Firefox.

I deny this action, which causes the website to not load. Then I can't load any websites until I restart my web browser. After restarting my web browser everything works fine and it doesn't try to hijack it again... for a while, anyway.

Is this game trying to get me busted? Or is the firewall acting crazy? What does that message mean, anyway?

jrd:
Sounds like spyware antics to me. When is the last time you did a deep scan of your system for malware?

No program should ever be allowed to modify the memory of a third-party program. This is exactly how trojan horses work: they attach themselves to a legit process like a web browser, and do their damage in the background.

Might be the game, or the keygen.

J. M. Pescado:
Quote from: Jordi on 2007 July 11, 08:05:55

No program should ever be allowed to modify the memory of a third-party program. This is exactly how trojan horses work: they attach themselves to a legit process like a web browser, and do their damage in the background.
This is not entirely true: There are legitimate reasons for why a program would modify the memory of another program: Debuggers, cheat programs, and even some forms of cracks and hiding software all have legitimate reasons for why they would modify the memory or executable space of a third-party program.

Most likely, however, in this case, the behavior is that of Evil Spywares.

morriganrant:
I had my browser doing something similar for awhile although not using the game as an excuse. It was then that i realized that my boyfriend looks at porn and doesn't run the virus scan or ad-aware afterward. I don't care if he looks at pron but he will not infect my computer by his own stupidity! I now badger him to run them after such use and run them twice a week anyway.

Paperbladder:
I use CPF 3.0.2.5 Alpha (it's still somewhat unstable and you have to sign up to get it), and this is what pops up whenever I get a global hook.



I've noticed that CPF 2.4 displays some really odd messages when it comes to web browsers saying something like "Photoshop wants to inject a hook into Firefox" or "Some setup program wants to inject a hook into Firefox".  Like you said, if you deny these then it'll prevent your browser from connecting to anything.  This is one of the reasons I stopped using it.

Navigation

[0] Message Index

[#] Next page