NoVirusThanks OSArmor: An Additional Layer of Defense

Discussion in 'other anti-malware software' started by novirusthanks, Dec 17, 2017.

  1. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,239
    @itman
    May I ask what version # of PE did you run and do you have OSArmor rule:
    Block execution of unsigned processes on user space box checked when you
    ran PE?
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,268
    Location:
    U.S.A.
    16.31.
    No.
     
  3. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,239
    OK thanks.

    Couldn't run PE version 16.32 without getting notification from
    OSArmor about block execution of unsigned processes on user space.
    The digital signature of the object did not verify. (Verified Signer)
    I assume that's why OSArmor blocked it.

    Older PE version 15.23 there was no block from above checked OSArmor rule as
    it was verified. Microsoft Corp. (Verified Signer)

    If you run PE 16.31 does it say verified? (Verified Signer)

    NOTE: Open PE -> View -> Select Columns... and check Verified Signer box
    if it hasn't been already checked by default.
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,268
    Location:
    U.S.A.
    My PE ver. 16.31 is Microsoft signed. Where did you download your version from? SysInternals web site?

    PE_Signed.png
     
  5. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,239
    Got it from docs.microsoft.com website for Sysinternals PE.
    (2.5MB zip file)

    I opened Digital Signatures tab for PE 16.32 in Properties and it says the
    digital signature is not valid.

    Signing time: Not available

    CounterSignatures - Is blank

    Certificate information - The digital signature of the object did not verify.

    Have another version of PE that's signed & verified that I'll use.

    Anyway, back to NVT OSArmor before mod says stay on topic.
     
  6. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,108
    Location:
    Italy
    We've released a new version of OSArmor v1.5.6:
    https://www.osarmor.com/download/

    Changelog:

    + Added more signers to Trusted Vendors list
    + Added new internal rules to block suspicious behaviors
    + Alert window is auto-closed when button Exclude is clicked
    + Fixed removal of a registry value related to licensing
    + Fixed DPI-scaling issue on Configurator
    + Fixed all reported false positives
    + Minor improvements

    User notice:

    * You can install over-the-top
     
  7. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,925
    Location:
    Canada
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,763
    Location:
    The Netherlands
  9. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    737
    Location:
    Brooklyn, NY
    OSA's UIs and Connections Viewer 1.1 UI are still crystal-clear on here w/1920x1080p display, Rasheed.

    OSA did initially block Connections Viewer so I had to disable it to check. :) Phew, AdGuard was all over the place in there, btw. :eek: NVT: are you not on your own Trusted Vendor list? Oh, nvm, yeah you are. Block rule was "browser exploit."

    I happened to read about this latest mal-campaign here and since it appears it can infect literally anyone as it's dropped via email, can OSArmor block this and its payload, and I mean: COMPLETELY. Which rule/s would one tick for a better protection outcome, anyone?

    OSA updated nicely via the internal updater, also. :thumb:

    Edit: typo
     
    Last edited: Feb 17, 2021
  10. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,151
    Location:
    Canada
    Thank you Andreas!
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,763
    Location:
    The Netherlands
    To clarify, apps will never look blurry if you use a scale of 100%. So my question to you is, are you using a scale of 150% or not? And not that it matters, but is this is a laptop or desktop monitor? Also, I forgot to add that apps like OSA and Connections Viewer won't look blurry if you select the "Override high DPI scaling behavior" setting in Win 10, see link. But of course, you shouldn't need to change these settings if apps are correctly designed to support scaling on full HD screens, so I guess that's what I'm asking for.

    https://www.howtogeek.com/175664/ho...ll-on-high-dpi-displays-and-fix-blurry-fonts/
     
  12. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,268
    Location:
    U.S.A.
    I use 125% w/no display issues in regards to OSA or anything else for that matter.

    Since you are always complaining about this, I would say something is wrong with;

    1. Your graphics card.
    2. Your graphics card drivers.
    3 Your graphics card software settings.
    4. Windows settings that control graphics display.
    5. Your monitor or its settings.
    6. Possibly the connection from graphics card to monitor; HDMI, DVI, VGA or the cable itself.
     
  13. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    737
    Location:
    Brooklyn, NY
    Oh, I see. No, only 100%. To check this out to your specifications I switched to 150% via Settings/Display and have to concede: the UI IS slightly more blurred. Not much but it's definitely there. Then again, I have a fairly capable graphics processor running the latest driver.

    Thank you for clarifying, Rasheed. :)
     
  14. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,174
    Location:
    Hollow Earth - Telos
    I use 125% and don't see why anyone would want to use 100%.
     
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,268
    Location:
    U.S.A.
    Here's a screen shot of OSA Configuration screen at 125%. If that is considered blurry, so be it. I also don't know why anyone would be using 150% unless they have definite eyesight problems.

    OSA_Blurry.png
     
  16. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,151
    Location:
    Canada
    100% with 1366 X 768 resolution on a Lenovo E580 laptop. both settings are Recommended and any other combination looks inferior when I test.
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,763
    Location:
    The Netherlands
    Yes, that looks pretty blurry, so seems like you have the except same problem. It can be fixed by this setting, but you will have to do this for all apps individually. This is mind boggling to me.

    https://answers.microsoft.com/en-us...tions-do/e4afd178-50d7-463b-acd4-dbcb0a00ab21

    Yes exactly, on my Lenovo laptop a scale of 150% is recommended, 125% and 100% makes everything look too small.

    Thanks for checking and like I said before, the weird thing is that this problem could have been easily fixed by M$ by simply enabling the "Override high DPI scaling behavior" on a global level, this will make almost every app look crisp even with a scale of 150%.
     
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,268
    Location:
    U.S.A.
    Yikes! The reason I posted it is it is not blurry on my device. If its burry on your monitor display, something is wrong with your monitor or other software/hardware.

    I had an Acer 23" monitor a while back that was famous for doing things like this. Font sizes would at random expand and contract; you name it. I haven't had display issues since I bought an HP IPS monitor a while back.
     
  19. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,621
    Location:
    Among the gum trees
    itman, you have your screen at 125% (so do I by the way) and Rasheed has his set at 150%, so there would be cumulative error, wouldn't there?
     
  20. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    737
    Location:
    Brooklyn, NY
    Don't know if this is a factor but chromium browsers in general seem to have a qualitative problem w/images. Firefox is better with images, I saw this myself. Also, the latest Edge version 88.0.705.74 is rendering images better than my default Opera at the moment. I have hardware acceleration enabled in both browsers.

    I do not venture beyond what is recommended in the Settings app for my system (100%), as experimenting with these settings result in an obviously degraded visual experience. itman's snip of OSA's UI looks a little blurry but clicking to expand it results in a clearer image.
     
  21. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,268
    Location:
    U.S.A.
    For starters and noted in @plat1098 posting, I certainly hope he expanded the thumbnail image I posted?

    What I recommended to @Rasheed187 is to first use ClearType text. Then run Win 10's ClearType Text Tuner and see if that helps. The Tuner shows a series of 5 screens. On each screen you select the picture with the text display clearest to you.

    Here's a complete guide on the issue: https://www.guidingtech.com/guide-to-fixing-blurry-text-windows-10/ . Funny they didn't mention ClearType Text Tuner.
     
  22. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,268
    Location:
    U.S.A.
    Happened again today after Win 10 20H2 Preview Cumulative update. After update completion and display of desktop, OSA dev. service didn't auto start.

    I am beginning to believe it might be best to fully disable OSA prior to performing any Win Cumulative updates.
     
    Last edited: Feb 24, 2021
  23. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,441
    No problems here after today's Win 10 cumulative update.
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,763
    Location:
    The Netherlands
    Perhaps you can read these articles, I believe that the problem with OSA and Connections Viewer looking blurry may be caused by the "DPI Aware flag". Is this correct, and did you fix it by changing this setting? BTW, I still need to test your other NVT tools to see if they have the same problem and I also still need to test the newest OSA.

    https://kynosarges.org/WindowsDpi.html
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,763
    Location:
    The Netherlands
    I've done some research and I doubt that the problem is caused by problems with the GPU. It's a well known problem in Win 10, see links. Like I said, the only way to fix this problem with blurry looking GUI's is by manually changing the “Override high DPI scaling behavior.” If it was a hardware issue, then ALL apps should look blurry which is not the case. ClearType hasn't got anything to do with it.

    https://news.kynosarges.org/2017/04/16/dpi-settings-in-windows-10-creators-update/
    https://www.ghacks.net/2020/09/18/how-to-fix-blurry-text-in-programs-on-windows-10/

    Yes I did, and if you didn't resize the pic, it looks pretty blurry to me. See screenshots, the first one is sharp and the second one is blurry and looks a lot like yours. But it's very simple, once the lockdown is over I will do some testing in the electronics store, to see if other laptops and desktops with a full HD screen have the same problem.
     

    Attached Files:

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.