NoVirusThanks OSArmor: An Additional Layer of Defense

Screenshot from my Vista (first version) - two processes

and from latest build - one process...what was heppende with OSArmorDevSvc.exe?...now it's not presented


Second question - is this new build? It's still as 1.0.0.0 (15 December 2017).

 

Could you please add an option to terminate suspicious process?

 

Download it again from the website, there was an update of the installer some hours ago #40
The digital timestamp of the service OSArmorDevSvc.exe : 18 December 2017
OSArmorDevUI.exe / OSArmorDevCfg.exe: 17 December 2017

 

@ichito

Strange, can you try to uninstall and reinstall from:
http://www.novirusthanks.org/products/osarmor/

The new build is always v1.0 but from 18 December:

File: osarmor_setup.exe
File size: 1,87 MB (1.960.400 bytes)
MD5 checksum: 712D6263737C73DF1877362CF453C91A
SHA1 checksum: AC24F22E839C08893348A6ABD3C26D0DD744E29A

@Tomin2009

What do you mean exactly?
Suspicious proceses are already blocked by OSArmor.

 

I've send you a PM.

 

Thanks @mood and @novirusthanks
I've checked SHA1 and it's this new - AC24F22E839C08893348A6ABD3C26D0DD744E29A.

 

Hello
Um, is it possible for OSA to communicate in Sandboxie sandboxes ... akin to ERP ... *\mailslot\NVTInj\* .
Thanks
-----------------------------------------------------------------------------------------------
btw ~ I tried uninstall and reinstall from:
http://www.novirusthanks.org/products/osarmor/

NoVirusThanks OSArmor
(C) NoVirusThanks Company Srl
http://www.novirusthanks.org/
Changelog: [15-Dec-2017] v1.0.0.0
+ Initial release

File: osarmor_setup.exe
File size: 1.87 MB (1,960,400 bytes)
MD5 checksum: 712D6263737C73DF1877362CF453C91A

 

@bjm_

MD5 checksum of last updated build is 712D6263737C73DF1877362CF453C91A

The changelog was not updated.

Not sure for now, will need to run some tests and report back here.

 

Aha!...."The changelog was not updated".
Thanks & Thanks

 

Wow, first stand alone BB in a long time( for free) and so very light as well.

Thanks @novirusthanks

Regards Eck

 

Looking forward to trying this, but will wait for the above.

 

Please make it work with sbie...btw, whenever I lock my computer then log back in, OSA's GUI window pops up every time why is that?

 

Why is it important for OSA to work with SBIE? I mean, if you have sandboxed your app, why do you need to further restrict it with OSA?

 

Forgive the pun, but seems overkill, no?

 

For the same reason ERP and my AV communicates in sandboxes. Information & Control.

 

It makes sense for AV to communicate in sandbox, because most AV programs block malicious URLs such as phishing sites, and they also try to detect malware that could steal login credentials from the browser.
But OSA is protecting the OS from being compromised, and when the app is sandboxed, the OS is already protected.

 

Hmm....so, no Information & Control in sandboxes.

 

How will this work along side avast...webroot..ect.ect?

 

WebrootSA agent is monitoring OSA processes, at this time.

 

Not sure I understood you right, so please correct me if I am missing the point:
A lot of people set up their sandboxes so that only their browser has internet access, thus malware running in the sandbox cannot call home.
And they also restrict which processes have the right to run inside the sandbox.
So if you use SBIE right, sandboxed malware cannot modify the OS, cannot encrypt files outside the sandbox, cannot call home in order to exfiltrate personal data, and probably cannot even run at all.

 

Good question, also Bitdefender, is this really needed? just wondering.

 

Yes I understand. BTW, can you give some more info about:

- Block suspicious processes
- Block suspicious svchost.exe/explorer.exe process behaviors

 

As Peter and BJM has already mentioned and I don't want any type of conflicts with any security apps