NoVirusThanks OSArmor

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,487

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,487
Has anyone noticed degraded computer performance with OSA on win 10 1809?
I actually have noticed random slowdowns in file execution and reading, and sometimes where my FPS drop in-games or suddenly I'm using Word and I have to open Task Manager because it seems I'm using 100% CPU. I was blaming Kaspersky to be honest, but OSA is giving you trouble?
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I actually have noticed random slowdowns in file execution and reading, and sometimes where my FPS drop in-games or suddenly I'm using Word and I have to open Task Manager because it seems I'm using 100% CPU. I was blaming Kaspersky to be honest, but OSA is giving you trouble?
It might have been system-specific, but everything seemed to move a little slower.
 

MeltdownEnemy

Level 7
Verified
Well-known
Jan 25, 2018
300
No Virus Thanks making problems with the Malwarebytes Antiexploit autoupdate installation, when MBAE try to put setup decompressed fragments on temp files to complete Iinstallation:
Process: [6100]C:\Users\*yourname*\AppData\Local\Temp\is-EB4G3.tmp\mbae-setup-1.12.1.139.tmp
Process MD5 Hash: A2C4D52C66B4B399FACADB8CC8386745
Rule: BlockUnsignedProcessesAppDataLocal
Rule Name: Block execution of unsigned processes on Local AppData
Command Line: "C:\Users\*yourname*\AppData\Local\Temp\is-EB4G3.tmp\mbae-setup-1.12.1.139.tmp" /SL5="$4E03BA,1720762,56832,C:\Users\*yourname*\Downloads\mbae-setup-1.12.1.139.exe"
Signer:
Parent Signer: Malwarebytes Corporation
System File: False
Parent System File: False
Integrity Level: Medium
Parent Integrity Level: Medium
It forces me to download MBAE installer from forum & disabling nvtoa protection to install manually, is the onlyway, because malwarebytes is not recognized or it not appears in NVTOA whitelist. It has been the same problem since its development. ¿what should I do?
 
  • Like
Reactions: oldschool

Stas

Level 10
Verified
Well-known
Feb 21, 2015
456
No Virus Thanks making problems with the Malwarebytes Antiexploit autoupdate installation, when MBAE try to put setup decompressed fragments on temp files to complete Iinstallation:

It forces me to download MBAE installer from forum & disabling nvtoa protection to install manually, is the onlyway, because malwarebytes is not recognized or it not appears in NVTOA whitelist. It has been the same problem since its development. ¿what should I do?
You can disable rule "Block execution of unsigned processes on Local AppData" or continue to do manual update.
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
Here is a new v1.4.2 (pre-release) test1:
https://downloads.novirusthanks.org/files/osarmor_setup_v1.4.2_beta_build1.exe

*** Please do not share the download link, we will delete it when we'll release the official v1.4.2 ***

So far this is what's new compared to the previous pre-release:

+ Added option to password-protect power options (all options in the right-mouse-button in the system tray icon)
+ Fixed some false positives
+ Improved internal rules to block suspicious process activities
+ Improved internal rules to block new LOLBins
+ Minor improvements

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

Let me know if you find any issue or FPs with this new beta build.
 

Stas

Level 10
Verified
Well-known
Feb 21, 2015
456
After updating to v1.4.2 all options in the right-mouse-button in the system tray icon was password protected but I did not create new password :eek: I run OSArmorDevCfg.exe select password column and saw password-protect power options was unticked and no password saved :emoji_fearful: After saving new password I was able to unlock all options in the system tray icon :emoji_v:
 
  • Like
Reactions: oldschool

plat

Level 29
Top Poster
Sep 13, 2018
1,793
^^You successfully made a password? I'm envious, I just hit "cancel." Anyway, darn it, the same issue I reported in the previous build is still present. If I check "block execution of Microsoft Edge" in Advanced tab, Edge opens anyway and the "blocked" window then shows up after the fact. OSArmor then successfully blocks Edge the next time/s you try to open it. I wish I could fully trust this great software, but at this time, I can't. Unless, you're supposed to restart the machine to save the changes? I didn't try that, but it would seem that wouldn't be necessary. Anyone? Again, I made a GIF to show you.

bandicam20181217095019616.gif
 

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Here is a new v1.4.2 (pre-release) test1:
https://downloads.novirusthanks.org/files/osarmor_setup_v1.4.2_beta_build1.exe

*** Please do not share the download link, we will delete it when we'll release the official v1.4.2 ***

So far this is what's new compared to the previous pre-release:

+ Added option to password-protect power options (all options in the right-mouse-button in the system tray icon)
+ Fixed some false positives
+ Improved internal rules to block suspicious process activities
+ Improved internal rules to block new LOLBins
+ Minor improvements

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

Let me know if you find any issue or FPs with this new beta build.
Any chance to get brave browser support for anti-exploit
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
Here is a new v1.4.2 (pre-release) test2:
https://downloads.novirusthanks.org/files/osarmor_setup_v1.4.2_beta_build2.exe

*** Please do not share the download link, we will delete it when we'll release the official v1.4.2 ***

So far this is what's new compared to the previous pre-release:

+ Fixed: Right after installation a password is needed to open the GUI but i haven't set any password yet and i don't know the "current" password
+ Fixed: On main GUI, if I click on File -> Exit GUI and "Password Protect Power Options" is checked, I am asked for the pass
+ Fixed: When I close and re-open the Configurator, the loaded password is not correct
+ Added a button "Show/Hide Chars" in the Configurator -> Password tab
+ Added a button "Show/Hide Chars" in the password-prompt dialog
+ Do not show the password-prompt if the main form is showing
+ Improved internal rules to block suspicious process activities
+ Improved password protection logic in GUI

To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

Let me know if you find any issue or FPs with this new beta build.

osa.png


@Moonhorse

Will check it.

@plat1098

Will try to reproduce it on these days.
 

128BPM

Level 2
Verified
Feb 21, 2018
90
@NoVirusThanks ,


This happens when I restore the system:


Date/Time: 04/12/2018 10:34:07 a.m.
Process: [3280]C:\Windows\System32\rstrui.exe
Process MD5 Hash: 989CE82781C5C9DF1D46A2E70A1BDB9C
Parent: [3220]C:\Windows\System32\rstrui.exe
Rule: BlockTricksToRunUACBypassSystemProcesses
Rule Name: Block "tricks" used to run UAC-bypass system processes
Command Line: "C:\Windows\system32\rstrui.exe" /RUNONCELAUNCH
Signer:
Parent Signer:
User/Domain: PC/PC
System File: True
Parent System File: True
Integrity Level: High
Parent Integrity Level: High



Thanks
 
  • Like
Reactions: NoVirusThanks

jrw666

Level 2
Verified
Oct 24, 2016
67
Sorry if it's been discussed before, but it's a long thread....
But do you have to update OSA manually? Mine never updates to the latest version.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top