Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
NoVirusThanks OSArmor
Message
<blockquote data-quote="NoVirusThanks" data-source="post: 997704" data-attributes="member: 68429"><p>Here is a pre-release test 1 version of OSArmor PERSONAL v1.7.8:</p><p></p><p>[code]</p><p>https://downloads.osarmor.com/osarmor-personal-1-7-8-setup-test1.exe</p><p>[/code]</p><p></p><p>You can install it "over-the-top" of the installed version, reboot is not needed.</p><p></p><p>Let me know if you find issues or FPs.</p><p></p><p>This is the changelog so far:</p><p></p><p></p><p></p><p>The new Windows Terminal app can be abused to proxy execution of other processes:</p><p></p><p>[MEDIA=twitter]1552805567076483077[/MEDIA]</p><p></p><p>May be used soon on Qakbot or maldocs so if you don't use it you may want to block it with the new OSA option.</p><p></p><p>[USER=79310]@Back3[/USER]</p><p></p><p>The export option will only export settings and protections (it is an INI file).</p><p></p><p>If you install OSA "over-the-top" of an already installed OSA version then the exclusions and custom rules are never overwritten.</p><p></p><p>If you uninstall OSA then it will ask you if you want to delete also all .db files and the log files (if you choose No then they will not be deleted).</p><p></p><p>A good recommendation when you export settings/protection would be to also backup manually the Exclusions.db and the CustomBlock.db file.</p><p></p><p>So in any case you can restore your OSA setup completely.</p><p></p><p>[USER=92939]@Shadowra[/USER]</p><p></p><p>Sure you can do that <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p>A few things to take into consideration:</p><p></p><p>- You may want to use OSA 1.7.8 and enable the new option "Do not cache similar notifications" on Configurator -> Settings</p><p> </p><p> This option will not cache the notification windows so you will always get an alert even when the same event is blocked after 1 second, else they are cached for a few seconds to avoid sending to the user too many similar notifications (the event is always blocked and logged to the .log file).</p><p></p><p>- You may want to test the Extreme Protection and/or the Basic Protection with the 4 additional options enabled since you will test also the execution of .exe files directly.</p><p> </p><p>- Processes/scripts blocked by OSA are not deleted, so if you scan the system with an AV at the end of the test it will find the malware remnants in the disk and simply remove them.</p><p></p><p> They are innocuous since they failed to execute in the system because they were blocked by OSA.</p></blockquote><p></p>
[QUOTE="NoVirusThanks, post: 997704, member: 68429"] Here is a pre-release test 1 version of OSArmor PERSONAL v1.7.8: [code] https://downloads.osarmor.com/osarmor-personal-1-7-8-setup-test1.exe [/code] You can install it "over-the-top" of the installed version, reboot is not needed. Let me know if you find issues or FPs. This is the changelog so far: The new Windows Terminal app can be abused to proxy execution of other processes: [MEDIA=twitter]1552805567076483077[/MEDIA] May be used soon on Qakbot or maldocs so if you don't use it you may want to block it with the new OSA option. [USER=79310]@Back3[/USER] The export option will only export settings and protections (it is an INI file). If you install OSA "over-the-top" of an already installed OSA version then the exclusions and custom rules are never overwritten. If you uninstall OSA then it will ask you if you want to delete also all .db files and the log files (if you choose No then they will not be deleted). A good recommendation when you export settings/protection would be to also backup manually the Exclusions.db and the CustomBlock.db file. So in any case you can restore your OSA setup completely. [USER=92939]@Shadowra[/USER] Sure you can do that :) A few things to take into consideration: - You may want to use OSA 1.7.8 and enable the new option "Do not cache similar notifications" on Configurator -> Settings This option will not cache the notification windows so you will always get an alert even when the same event is blocked after 1 second, else they are cached for a few seconds to avoid sending to the user too many similar notifications (the event is always blocked and logged to the .log file). - You may want to test the Extreme Protection and/or the Basic Protection with the 4 additional options enabled since you will test also the execution of .exe files directly. - Processes/scripts blocked by OSA are not deleted, so if you scan the system with an AV at the end of the test it will find the malware remnants in the disk and simply remove them. They are innocuous since they failed to execute in the system because they were blocked by OSA. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
