Have installed 1.78 test 8. Running without issues so far.
Last edited:
NoVirusThanks OSArmor
- Thread starter Evjl's Rain
- Start date
- Aug 23, 2012
- 293
Here is a pre-release test 10 version of OSArmor PERSONAL v1.7.8:
Now when new signers are found while scanning for Trusted Vendors, the Configurator will show a new window showing which are the new signers added:
Code:
https://downloads.osarmor.com/osarmor-personal-1-7-8-setup-test10.exeNow when new signers are found while scanning for Trusted Vendors, the Configurator will show a new window showing which are the new signers added:
When I tried to open Softmaker Free Office, TextMaker help section, it was blocked by OSA. I had to make an exclusion. I have 1.78 test 10
Parent: [11208]C:\Program Files (x86)\SoftMaker FreeOffice 2021\TextMaker.exe
Parent Process Size: 24,3 MB (25 478 696 bytes)
Rule: AntiExploitProtectOfficeApplications
Parent: [11208]C:\Program Files (x86)\SoftMaker FreeOffice 2021\TextMaker.exe
Parent Process Size: 24,3 MB (25 478 696 bytes)
Rule: AntiExploitProtectOfficeApplications
Last edited:
- Apr 24, 2016
- 7,249
Here is a pre-release test 14 version of OSArmor PERSONAL v1.7.8:
www.wilderssecurity.com
You can install it "over-the-top" of the installed version, reboot is not needed.
Let me know if you find issues or FPs.
Here is what's new compared to previous test build:
+ Improved management of rules on Protections tab
+ Improved support for high-DPI
+ Fixed all reported false positives
+ Fixed search of rules when mouse cursor is moved below the searchbar
+ Minor improvements
Here is a screenshot of the new Protections tab:
NoVirusThanks OSArmor: An Additional Layer of Defense
Here is a pre-release test 14 version of OSArmor PERSONAL v1.7.8: https://downloads.osarmor.com/osarmor-personal-1-7-8-setup-test14.exe You can...
www.wilderssecurity.com
I have installed the new version of SoftMaker FreeOffice over-the-top and OSA blocked the last part of the installation. I had to make an exclusion to resume the installation.
- Apr 24, 2016
- 7,249
Here is a pre-release test 16 version of OSArmor PERSONAL v1.7.8:
www.wilderssecurity.com
You can install it "over-the-top" of the installed version, reboot is not needed.
Let me know if you find issues or FPs.
Here is what's new compared to previous test build:
+ Font Segoe UI is now used on all UI elements
+ Show a notification if protection is disabled for more than 10 minutes
+ Fixed all reported false positives
+ Minor improvements
Here is a screenshot of the "protection disabled" notification:
The notification works only for the Protection -> Disable Protection, not for Disable Temporarily.
The notification will not auto-close, you can close it with the X button on top-right or by clicking the button "Enable Protection".
NoVirusThanks OSArmor: An Additional Layer of Defense
Here is a pre-release test 14 version of OSArmor PERSONAL v1.7.8: https://downloads.osarmor.com/osarmor-personal-1-7-8-setup-test14.exe You can...
www.wilderssecurity.com
I have OSA on my PC set at medium protection. In the last 2 weeks, I got 18 alerts.
5 for unsigned process. Ex Hibit Uninstaller, LibreWolf.
1 for .msc scripts outside system folder.
1 for expired certificate.
1 for invalid certificate.
2 to prevent important system modifications: false positives for F-Secure that were corrected
3 for blocked signers not present in Trusted Vendors: Q-Dir.
1 to protect office applications with anti-exploit module: SoftMaker FreeOffice.
4 to block execution of suspicious command-lines strings: SoftMaker FreeOffice
My take:I have checked everything in the Digital Code Signature: 7 alerts; 5 alerts For Softmaker which is in the Trusted vendors list ??
I think I'll go back to basic protection. I did that!
5 for unsigned process. Ex Hibit Uninstaller, LibreWolf.
1 for .msc scripts outside system folder.
1 for expired certificate.
1 for invalid certificate.
2 to prevent important system modifications: false positives for F-Secure that were corrected
3 for blocked signers not present in Trusted Vendors: Q-Dir.
1 to protect office applications with anti-exploit module: SoftMaker FreeOffice.
4 to block execution of suspicious command-lines strings: SoftMaker FreeOffice
My take:I have checked everything in the Digital Code Signature: 7 alerts; 5 alerts For Softmaker which is in the Trusted vendors list ??
I think I'll go back to basic protection. I did that!
Last edited:
- Apr 24, 2016
- 7,249
Maybe you can use basic with with the following 4 additional protection options enabled:
Block signers not present in Trusted Vendors
Block processes signed with an expired certificate
Block unsigned processes on user space
Block execution of unsigned MSI installers ---> This is enabled by default on Basic Protection profile from OSArmor v1.7.7
Like in the video by @NoVirusThanks posted here:
NoVirusThanks OSArmor
We've released OSArmor v1.7.7: https://www.osarmor.com/download/ Here is the changelog: [23-Jul-2022] v1.7.7.0 + Merged some user-selectable protection options + Improved internal rules to block suspicious behaviors + Removed Block execution of popular web browsers + Improved detection of...
malwaretips.com
- Aug 23, 2012
- 293
We've released OSArmor v1.7.8:
Here is the changelog:
If you have automatic updates enabled then OSArmor should auto-update in the next hours.
Else you can install it "over-the-top" of the installed version, reboot is not needed.
If you find false positives or issues please let me know.
@Back3
Regarding these alerts:
5 for unsigned process. Ex Hibit Uninstaller, LibreWolf.
3 for blocked signers not present in Trusted Vendors: Q-Dir.
1 for expired certificate.
1 for invalid certificate.
Based on the options you enabled, you should make sure to use only apps that are digitally signed.
And you may need to add new signers to the Trusted Vendors list if you use apps signed by a signer/vendor that is not present in the list.
Regarding the expired or invalid certificate, these issues should be addressed by the application developer.
The other reported FPs have all been fixed on the latest version 1.7.8 (final release).
Thank you a lot for reporting them.
Download OSArmor for Windows 7, 8, 10, 11 (32 & 64-bit) | OSArmor
Download the setup file for OSArmor Personal, Business and Enterprise version for Windows 7, 8, 10, 11 (32 & 64-bit). All executable files are digitally signed and free from adware.
www.osarmor.com
Here is the changelog:
If you have automatic updates enabled then OSArmor should auto-update in the next hours.
Else you can install it "over-the-top" of the installed version, reboot is not needed.
If you find false positives or issues please let me know.
@Back3
Regarding these alerts:
5 for unsigned process. Ex Hibit Uninstaller, LibreWolf.
3 for blocked signers not present in Trusted Vendors: Q-Dir.
1 for expired certificate.
1 for invalid certificate.
Based on the options you enabled, you should make sure to use only apps that are digitally signed.
And you may need to add new signers to the Trusted Vendors list if you use apps signed by a signer/vendor that is not present in the list.
Regarding the expired or invalid certificate, these issues should be addressed by the application developer.
The other reported FPs have all been fixed on the latest version 1.7.8 (final release).
Thank you a lot for reporting them.
- Apr 24, 2016
- 7,249
Here is a pre-release test 1 version of OSArmor PERSONAL v1.7.9:
www.wilderssecurity.com
NoVirusThanks OSArmor: An Additional Layer of Defense
Wouldn't it be better to add the process to Exclusions? As long as OSA is disabled it doesn't protect you. No. #3894 The above command uses system...
www.wilderssecurity.com
- Aug 23, 2012
- 293
We've released OSArmor v1.7.9:
Here is the changelog:
If you have automatic updates enabled then OSArmor should auto-update in the next hours.
Else you can install it "over-the-top" of the installed version, reboot is not needed.
* If you used test builds you should manually update to this final version (install over-the-top is fine).
If you find false positives or issues please let me know.
Download OSArmor for Windows 7, 8, 10, 11 (32 & 64-bit) | OSArmor
Download the setup file for OSArmor Personal, Business and Enterprise version for Windows 7, 8, 10, 11 (32 & 64-bit). All executable files are digitally signed and free from adware.
www.osarmor.com
Here is the changelog:
If you have automatic updates enabled then OSArmor should auto-update in the next hours.
Else you can install it "over-the-top" of the installed version, reboot is not needed.
* If you used test builds you should manually update to this final version (install over-the-top is fine).
If you find false positives or issues please let me know.
I tried to install the 64 version of peazip 8.80. I made 2 exclusions for it, but couldn't install it. Not only that, but I had to disable OSA to be able to complete the installation.
Sent you the log files.
Sent you the log files.
Last edited:
- Aug 23, 2012
- 293
@Back3
I tried to install Peazip 8.80 with Basic Protection enabled and no alerts here.
But since it is unsigned (both the setup file and the .tmp setup file) with Extreme Protection I got these alerts:
//Edit
I see you have the option to block unsigned processes on user space enabled (checked the PM).
Unfortunately we can't do much about these alerts because Peazip is unsigned (both the .exe setup file and the .tmp setup file).
In these cases you may need to disable OSA temporarily (you can use right click on tray icon -> Protection -> Disable Temporarily -> 10 Minutes) before installing the unsigned application or you may find alternatives that are signed.
I tried to install Peazip 8.80 with Basic Protection enabled and no alerts here.
But since it is unsigned (both the setup file and the .tmp setup file) with Extreme Protection I got these alerts:
Code:
Date/Time: 8/21/2022 4:47:57 AM
Process: [7172]C:\Users\Dev\AppData\Local\Temp\is-68BA3.tmp\peazip-8.8.0.WIN64(1).tmp
Process Size: 1.15 MB (1,209,856 bytes)
Process MD5 Hash: 889C8EF91AC310544D1539AC3CDC0F07
Parent: [6524]C:\Users\Dev\Desktop\peazip-8.8.0.WIN64(1).exe
Parent Process Size: 9.15 MB (9,591,996 bytes)
Rule: BlockUnsignedProcessesAppDataLocal
Rule Name: Block execution of unsigned processes on Local AppData
Command Line: "C:\Users\Dev\AppData\Local\Temp\is-68BA3.tmp\peazip-8.8.0.WIN64(1).tmp" /SL5="$7031A,9122534,151552,C:\Users\Dev\Desktop\peazip-8.8.0.WIN64(1).exe" /SPAWNWND=$702F0 /NOTIFYWND=$702D2
Signer: <NULL>
Parent Signer: <NULL>
User/Domain: XXX/XXX
System File: False
Parent System File: False
Integrity Level: High
Parent Integrity Level: High
Date/Time: 8/21/2022 4:47:53 AM
Process: [7680]C:\Users\Dev\Desktop\peazip-8.8.0.WIN64(1).exe
Process Size: 9.15 MB (9,591,996 bytes)
Process MD5 Hash: BDECB3A0F57D652BE39014FEF26B875E
Parent: [4412]C:\Windows\explorer.exe
Parent Process Size: 4.8 MB (5,028,992 bytes)
Rule: BlockUnsignedProcessesOnDesktop
Rule Name: Block execution of unsigned processes on Desktop folder
Command Line: "C:\Users\Dev\Desktop\peazip-8.8.0.WIN64(1).exe"
Signer: <NULL>
Parent Signer: Microsoft Windows
User/Domain: XXX/XXX
System File: False
Parent System File: True
Integrity Level: Medium
Parent Integrity Level: Medium//Edit
I see you have the option to block unsigned processes on user space enabled (checked the PM).
Unfortunately we can't do much about these alerts because Peazip is unsigned (both the .exe setup file and the .tmp setup file).
In these cases you may need to disable OSA temporarily (you can use right click on tray icon -> Protection -> Disable Temporarily -> 10 Minutes) before installing the unsigned application or you may find alternatives that are signed.
This week, I set OSA with Basic protection. I only added the option to block unsigned processes on user space. Got one alert in the whole week. I like it that way, as an add-on to my antivirus.
- Apr 24, 2016
- 7,249
Here is a pre-release test 1 version of OSArmor PERSONAL v1.8.0:
www.wilderssecurity.com
NoVirusThanks OSArmor: An Additional Layer of Defense
Hmmm. Disabled OSA in order to install latest Sandboxie and neglected to enable protection. Come to find the reminder is once again at the upper left...
www.wilderssecurity.com
I'm using this program in the 30 day free trial, but honestly, I'm really enjoying it. If it continues like this, I will buy it at the end of the test.
- Apr 24, 2016
- 7,249
Here is a pre-release test 2 version of OSArmor PERSONAL v1.8.0:
www.wilderssecurity.com
NoVirusThanks OSArmor: An Additional Layer of Defense
Hmmm. Disabled OSA in order to install latest Sandboxie and neglected to enable protection. Come to find the reminder is once again at the upper left...
www.wilderssecurity.com
Have installed OSA 1.80 test 8: no problem here. The notification issue seems to be fixed.
Similar threads
