NoVirusThanks OSArmor

plat

Level 29
Top Poster
Sep 13, 2018
1,793
The last build test6 still has the Access Violation issue--after you select another profile when you've selected an initial one.


So, we should wait for another build--hopefully soon.
 

Mops21

Level 36
Verified
Honorary Member
Content Creator
Oct 25, 2014
2,503
Here is a pre-release test 7 version of OSArmor PERSONAL v1.7.2:

Code:

+ Enabled more protection options on Extreme Protection profile
+ Fixed AV issue when selecting protection profiles on Configurator GUI

Let me know if you find issues or FPs.

@plat1098 @wat0114

The AV issue when selecting protection profile should be fixed now.

Also: a little question: how come the UAC dialog box comes to the desktop if you click "Open Configurator" from the main UI but only makes to the taskbar if you click that option via the right click menu on the tray icon? Anyone else notice that? Just a little thing but thought I would mention off-hand.
Will take a look at that, thanks for reporting it.
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
We've released OSArmor v1.7.2:

Download OSArmor for Windows 7, 8, 10, 11 (32 & 64-bit) | OSArmor

Here is the changelog:

[28-Jun-2022] v1.7.2.0

+ Fixed all reported false positives
+ Added "Protection Options" button on Configurator GUI
+ Added new internal rules to block suspicious behaviors
+ Block execution of curl is now enabled on Basic Protection profile
+ Enabled more protection options on Extreme Protection profile
+ Improved blocking of processes with fake file extension
+ Improved many internal rules to block suspicious behaviors
+ Updated NVT License Manager with latest version
+ Minor improvements
If you find false positives or issues please let me know.

Users that are using previous test builds of 1.7.2 should manually update to this new final version (download setup file and install-over-the-top).
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
We've released OSArmor v1.7.3:
Download OSArmor for Windows 7, 8, 10, 11 (32 & 64-bit) | OSArmor

Here is the changelog:

[01-Jul-2022] v1.7.3.0

+ Fixed display of UAC dialog from OSArmor UI trayicon popup menu

If you find false positives or issues please let me know.
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
We've released OSArmor v1.7.4:
Download OSArmor for Windows 7, 8, 10, 11 (32 & 64-bit) | OSArmor

Here is the changelog:

[01-Jul-2022] v1.7.4.0

+ Improved internal rules to block suspicious behaviors
Just a very quick update, improved an internal rule to block suspicious behaviors (thanks @plat1098).

If you find false positives or issues please let me know.
 

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Two version build updates in a single day. Quite a nice performance.

This was concerning an internal block rule involving msdt.exe that was found outside the parameters of Microsoft Office applications. If anyone knows an admin. on the MajorGeeks site, maybe it would be nice to ask whether wushowhide.diagcab should still be available on the site--considering msdt can be abused in the wild. :unsure: :coffee:
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
Here is a pre-release test 1 version of OSArmor PERSONAL v1.7.5:

Let me know if you find issues or FPs.

You can install it "over-the-top" of the installed version, reboot is not needed.

Here is the changelog so far:

+ Fixed showing of password prompt when OSArmorUI.exe is executed
+ Added new internal rules to block suspicious behaviors
+ Minor improvements
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
Here is a pre-release test 5 version of OSArmor PERSONAL v1.7.5:

Code:
https://downloads.osarmor.com/osarmor-personal-1-7-5-setup-test5.exe

Let me know if you find issues or FPs.

You can install it "over-the-top" of the installed version, reboot is not needed.

Here is the changelog so far:

+ Fixed showing of password prompt when OSArmorDevUI.exe is executed
+ Added new internal rules to block suspicious behaviors
+ Merged some user-selectable protection options
+ Digital Code Signature rules are now applied also to MSI files
+ Minor improvements

OSA can now apply Digital Code Signature rules to MSI installers, here is an example blocking Magniber MSI malware sample signed:

Magniber_Signed.png


Rule triggered is "Block signers not present in Trusted Vendors".

Another good rule that should be enabled is blocking of unsigned MSI installers, it can block unsigned Magniber MSI installers:

Magniber_Unsigned.png
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
Here is a pre-release test 6 version of OSArmor PERSONAL v1.7.5:

Let me know if you find issues or FPs.

You can install it "over-the-top" of the installed version, reboot is not needed.

@JOHNoff

Thanks for reporting it, the issue was that the popup menu in the tray icon was not matching the protection status in some occasions.

I uploaded the above new test build that should fix the issue, you can install it "over-the-top".

Let me know if you notice again this issue after a reboot or shutdown.
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
We've released OSArmor v1.7.5:

Here is the changelog:

[15-Jul-2022] v1.7.5.0

+ Fixed showing of password prompt when OSArmorDevUI.exe is executed
+ Added new internal rules to block suspicious behaviors
+ Merged some user-selectable protection options
+ Digital Code Signature rules are now applied also to MSI files
+ Fixed saving of protection status on tray icon popup menu
+ Added more signers to Trusted Vendors list
+ Minor improvements

If you have automatic updates enabled then OSArmor should auto-update in the next hours.

Else you can install it "over-the-top" of the installed version, reboot is not needed.

*** If you are running the test builds you need to manually update to this final version.

If you find false positives or issues please let me know.
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,420
We've released OSArmor v1.7.6:
Download OSArmor for Windows 7, 8, 10, 11 (32 & 64-bit) | OSArmor

Here is the changelog:

[17-Jul-2022] v1.7.6.0

+ Improved internal rules to block suspicious behaviors
+ Added more signers to Trusted Vendors list
+ Minor improvements
If you have automatic updates enabled then OSArmor should auto-update in the next hours.

Else you can install it "over-the-top" of the installed version, reboot is not needed.

If you find false positives or issues please let me know.
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
Here is a new video of OSArmor:

Testing OSArmor with Magniber, Maldocs, Qbot, IceID, Bumblebee



In this video we test NoVirusThanks OSArmor with some recent malware samples from the past 2 or 3 months (May-July 2022). We test various malware families (Magniber, Qbot, Bumblebee, IceID, AgentTesla, etc) and file types (.exe, .msi, .iso, .img, .lnk, .html, .cab, .chm, .doc, .xls, .ppt, .vbs, .wsf, .scr, .pif, .hta and more).

The duration is 25 minutes, is spoken in English and there are chapters for important sections.

Some particularly interesting parts are when testing LNK, IMG, ISO, MSI, EXE (signed) and HTML samples.

Hope you'll enjoy the video :)
:)
 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
@NoVirusThanks Does OSArmor change this registry key: HKLM\System\CurrentControlSet\Services\TcpIp6\Parameters ? Just curious. I was playing with the settings in the video and then reset all settings to default earlier today and now IPV6/Teredo isn't working properly. Just trying to chase down what caused the problem.
 

Harputlu

Level 5
Verified
Well-known
Dec 26, 2016
228
İşte OSArmor'un yeni bir videosu:

OSArmor'u Magniber, Maldocs, Qbot, IceID, Bumblebee ile Test Etme





Süre 25 dakikadır, İngilizce konuşulur ve önemli bölümler için bölümler vardır.

Bazı özellikle ilginç kısımlar, LNK, IMG, ISO, MSI, EXE (imzalı) ve HTML örneklerinin test edilmesidir.

Umarım videodan keyif alırsınız:)
:)

i want to buy the software. Can you give me any discount code?
 

wat0114

Level 13
Verified
Top Poster
Well-known
Apr 5, 2021
621
Here is a new video of OSArmor:

Testing OSArmor with Magniber, Maldocs, Qbot, IceID, Bumblebee

Hi Andreas,

thank you for the video demo of OSArmor against recent malware samples. You have proven once again what you don't actually need to prove; that is OSArmor has always worked as advertised with all the relevant protections enabled. You have gone above and beyond what most anti-malware providers have done with this video demo. Well done!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top