- Jun 24, 2016
- 2,485
Thank you for the update! Are we seeing any self-protection in the near time?
NoVirusThanks OSArmor
- Thread starter Evjl's Rain
- Start date
- Jun 20, 2011
- 1,005
thanks for the info about the official version of OSArmor 1.4.1.0
- Jul 3, 2015
- 8,153
Has anyone noticed degraded computer performance with OSA on win 10 1809?
- Jun 24, 2016
- 2,485
I actually have noticed random slowdowns in file execution and reading, and sometimes where my FPS drop in-games or suddenly I'm using Word and I have to open Task Manager because it seems I'm using 100% CPU. I was blaming Kaspersky to be honest, but OSA is giving you trouble?
- Jul 3, 2015
- 8,153
It might have been system-specific, but everything seemed to move a little slower.
- Jan 25, 2018
- 300
No Virus Thanks making problems with the Malwarebytes Antiexploit autoupdate installation, when MBAE try to put setup decompressed fragments on temp files to complete Iinstallation:
Process: [6100]C:\Users\*yourname*\AppData\Local\Temp\is-EB4G3.tmp\mbae-setup-1.12.1.139.tmp
Process MD5 Hash: A2C4D52C66B4B399FACADB8CC8386745
Rule: BlockUnsignedProcessesAppDataLocal
Rule Name: Block execution of unsigned processes on Local AppData
Command Line: "C:\Users\*yourname*\AppData\Local\Temp\is-EB4G3.tmp\mbae-setup-1.12.1.139.tmp" /SL5="$4E03BA,1720762,56832,C:\Users\*yourname*\Downloads\mbae-setup-1.12.1.139.exe"
Signer:
Parent Signer: Malwarebytes Corporation
System File: False
Parent System File: False
Integrity Level: Medium
Parent Integrity Level: Medium
It forces me to download MBAE installer from forum & disabling nvtoa protection to install manually, is the onlyway, because malwarebytes is not recognized or it not appears in NVTOA whitelist. It has been the same problem since its development. ¿what should I do?
Process: [6100]C:\Users\*yourname*\AppData\Local\Temp\is-EB4G3.tmp\mbae-setup-1.12.1.139.tmp
Process MD5 Hash: A2C4D52C66B4B399FACADB8CC8386745
Rule: BlockUnsignedProcessesAppDataLocal
Rule Name: Block execution of unsigned processes on Local AppData
Command Line: "C:\Users\*yourname*\AppData\Local\Temp\is-EB4G3.tmp\mbae-setup-1.12.1.139.tmp" /SL5="$4E03BA,1720762,56832,C:\Users\*yourname*\Downloads\mbae-setup-1.12.1.139.exe"
Signer:
Parent Signer: Malwarebytes Corporation
System File: False
Parent System File: False
Integrity Level: Medium
Parent Integrity Level: Medium
It forces me to download MBAE installer from forum & disabling nvtoa protection to install manually, is the onlyway, because malwarebytes is not recognized or it not appears in NVTOA whitelist. It has been the same problem since its development. ¿what should I do?
- Feb 21, 2015
- 456
You can disable rule "Block execution of unsigned processes on Local AppData" or continue to do manual update.
- Jan 25, 2018
- 300
I will follow every one of your steps. thank you my brother.
- Mar 29, 2018
- 7,613
I don't use it, but doesn't OSA let you create a rule for MBAE? @shmu26 makes custom rules in OSA so he should know.
Last edited:
Yes. Users can make exclusions rules either by adding it from the alert prompt you get when OsArmor blocks something or by manually entering the information in the ‘Manage Exclusions’ setting.
- Mar 29, 2018
- 7,613
- Aug 23, 2012
- 293
Here is a new v1.4.2 (pre-release) test1:
https://downloads.novirusthanks.org/files/osarmor_setup_v1.4.2_beta_build1.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4.2 ***
So far this is what's new compared to the previous pre-release:
+ Added option to password-protect power options (all options in the right-mouse-button in the system tray icon)
+ Fixed some false positives
+ Improved internal rules to block suspicious process activities
+ Improved internal rules to block new LOLBins
+ Minor improvements
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Let me know if you find any issue or FPs with this new beta build.
https://downloads.novirusthanks.org/files/osarmor_setup_v1.4.2_beta_build1.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4.2 ***
So far this is what's new compared to the previous pre-release:
+ Added option to password-protect power options (all options in the right-mouse-button in the system tray icon)
+ Fixed some false positives
+ Improved internal rules to block suspicious process activities
+ Improved internal rules to block new LOLBins
+ Minor improvements
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Let me know if you find any issue or FPs with this new beta build.
- Feb 21, 2015
- 456
After updating to v1.4.2 all options in the right-mouse-button in the system tray icon was password protected but I did not create new password I run OSArmorDevCfg.exe select password column and saw password-protect power options was unticked and no password saved :emoji_fearful: After saving new password I was able to unlock all options in the system tray icon :emoji_v:
I run OSArmorDevCfg.exe select password column and saw password-protect power options was unticked and no password saved :emoji_fearful: After saving new password I was able to unlock all options in the system tray icon :emoji_v:^^You successfully made a password? I'm envious, I just hit "cancel." Anyway, darn it, the same issue I reported in the previous build is still present. If I check "block execution of Microsoft Edge" in Advanced tab, Edge opens anyway and the "blocked" window then shows up after the fact. OSArmor then successfully blocks Edge the next time/s you try to open it. I wish I could fully trust this great software, but at this time, I can't. Unless, you're supposed to restart the machine to save the changes? I didn't try that, but it would seem that wouldn't be necessary. Anyone? Again, I made a GIF to show you.
- May 29, 2018
- 2,728
- Aug 23, 2012
- 293
Here is a new v1.4.2 (pre-release) test2:
https://downloads.novirusthanks.org/files/osarmor_setup_v1.4.2_beta_build2.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4.2 ***
So far this is what's new compared to the previous pre-release:
+ Fixed: Right after installation a password is needed to open the GUI but i haven't set any password yet and i don't know the "current" password
+ Fixed: On main GUI, if I click on File -> Exit GUI and "Password Protect Power Options" is checked, I am asked for the pass
+ Fixed: When I close and re-open the Configurator, the loaded password is not correct
+ Added a button "Show/Hide Chars" in the Configurator -> Password tab
+ Added a button "Show/Hide Chars" in the password-prompt dialog
+ Do not show the password-prompt if the main form is showing
+ Improved internal rules to block suspicious process activities
+ Improved password protection logic in GUI
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Let me know if you find any issue or FPs with this new beta build.
@Moonhorse
Will check it.
@plat1098
Will try to reproduce it on these days.
https://downloads.novirusthanks.org/files/osarmor_setup_v1.4.2_beta_build2.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4.2 ***
So far this is what's new compared to the previous pre-release:
+ Fixed: Right after installation a password is needed to open the GUI but i haven't set any password yet and i don't know the "current" password
+ Fixed: On main GUI, if I click on File -> Exit GUI and "Password Protect Power Options" is checked, I am asked for the pass
+ Fixed: When I close and re-open the Configurator, the loaded password is not correct
+ Added a button "Show/Hide Chars" in the Configurator -> Password tab
+ Added a button "Show/Hide Chars" in the password-prompt dialog
+ Do not show the password-prompt if the main form is showing
+ Improved internal rules to block suspicious process activities
+ Improved password protection logic in GUI
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Let me know if you find any issue or FPs with this new beta build.
@Moonhorse
Will check it.
@plat1098
Will try to reproduce it on these days.
@NoVirusThanks ,
This happens when I restore the system:
Date/Time: 04/12/2018 10:34:07 a.m.
Process: [3280]C:\Windows\System32\rstrui.exe
Process MD5 Hash: 989CE82781C5C9DF1D46A2E70A1BDB9C
Parent: [3220]C:\Windows\System32\rstrui.exe
Rule: BlockTricksToRunUACBypassSystemProcesses
Rule Name: Block "tricks" used to run UAC-bypass system processes
Command Line: "C:\Windows\system32\rstrui.exe" /RUNONCELAUNCH
Signer:
Parent Signer:
User/Domain: PC/PC
System File: True
Parent System File: True
Integrity Level: High
Parent Integrity Level: High
Thanks
This happens when I restore the system:
Date/Time: 04/12/2018 10:34:07 a.m.
Process: [3280]C:\Windows\System32\rstrui.exe
Process MD5 Hash: 989CE82781C5C9DF1D46A2E70A1BDB9C
Parent: [3220]C:\Windows\System32\rstrui.exe
Rule: BlockTricksToRunUACBypassSystemProcesses
Rule Name: Block "tricks" used to run UAC-bypass system processes
Command Line: "C:\Windows\system32\rstrui.exe" /RUNONCELAUNCH
Signer:
Parent Signer:
User/Domain: PC/PC
System File: True
Parent System File: True
Integrity Level: High
Parent Integrity Level: High
Thanks
Sorry if it's been discussed before, but it's a long thread....
But do you have to update OSA manually? Mine never updates to the latest version.
But do you have to update OSA manually? Mine never updates to the latest version.
Similar threads
