NoVirusThanks OSArmor: An Additional Layer of Defense

Test 8 fixed all my problems, too.

 

It turns out that Bouncer driver was loading, but OSArmor was blocking the driver from communicating with the tray icon. Bouncer tray icon uses a cmd command to allow the driver to communicate with it's tray icon.

Test 8 fixed the problem with Bouncer, and Malwarebytes, but now I have a problem I had with a prior build of OSArmor. It's blocking adguard, Windows Start Menu, Settings, Control Panel, Windows Notification Area, and Cortana. It's all being silently blocked. OSArmor does not report to be blocking anything. This occurred several builds ago, and Adguard happen to get blocked that time as well. I'm using Windows 10 x64 version 1709.

 

Do you have any log messages from OSA you could post here? Do you use default settings for OSA and did you "tweak" it a bit?

 

Test 8 appears to sort #344

 

OSA is not logging anything being blocked. I took a picture of the plug & play message i'm getting when trying to reboot. This also happen the last time I had this problem. The following error is being recorded in Windows Event Viewer. ATI EEU PnP start/stop failed I did some Googling, and it says it might have something to do with my Graphics Card. I have an AMD Radeon HD 6770 Graphics Card.

 

Doing a full uninstall, and reinstall seems to have fixed the problem. That worked the last time also. I have all rules ticked except for the following below.

Block execution of .CPL (Control Panel) applets
Block any process executed from mmc.exe
Block any process executed from wmiprvse.exe
Block unknown processes executed from TeamViewer
Block execution of any process related to TreamViewer
Block execution of any process related to RealVNC
Block execution of any process related to UltraVNC
Block execution of any process related to NirSoft
Block execution of any process related to Radmin
Block exection of schtasks.exe

 

I still think it's wise to reformat atleast yearly

 

Here is a new v1.4 (pre-release) (test9 ):
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test9.exe

*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***

So far this is what's new compared to the previous pre-release:

+ Fixed blocking of processes executed from mmc.exe
+ Minor fixes and optimizations

This pre-release version can be installed over the top of the previous one.

@Sampei Nihira

I checked your security setup, very minimal and OSArmor should work just fine.

Will try to reproduce the issue.

@Cutting_Edgetech

Yeah, looks like related to the graphic card:

Win 10 booting delay caused by AMD graphic driver in my laptop
ATI EEU PnP start/stop failed
Event Viewer Logs Error [Solved]

 

TH.

 

Losing (already lost? my mind. Of course at my age, memory is a terrible thing to lose. heh Anyway, how do I ascertain which beta I am testing? I thought it showed me, but now I only see 1.4.0.0. Am I mis-remembering? TIA

 

@novirusthanks

Thanks for this new release. Great new program and i'm anxiously looking forward to all your team does to make it a fabulous useful addition to users security layer.

 

When I reset the rules to default the scroll function quits working until I close and reopen the configurator or click on a rule.

To turn OSArmor off permanently am I to disable it in Services or is there going to be a way to turn it off permanently in the GUI?

 

Here is a new v1.4 (pre-release) (test10):
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test10.exe

*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***

So far this is what's new compared to the previous pre-release:

+ Block any process executed from javaw.exe (except java.exe)
+ Block any process executed from java.exe
+ Fixed display of GUI and Configurator on multi-monitors
+ Minor fixes and optimizations

This pre-release version can be installed over the top of the previous one.

We're now working on the driver to support Secure Boot.

@Charyb

This test 10 should fix it.

You disable OSArmor via tray icon -> Disable Protection, but if you want to disable it permanently you need to disable the service (OSArmorDevSvc).

@Peter2150

Should be fixed now, let me know if it works fine.

 

Thanks for the update. BTW, I have always enabled all options (with only two exceptions: block execution of any process related to NirSoft and SecurityXploded). So far, so good. Works really great, but I also have a couple of exclusion rules.

 

Nice to scroll thru the rules now. Some rules like blocking known Bitcoin miner command-lines suggest a need for periodic updating, right? Would the interface be getting some sort of updater? For version/test #--same, I only see the date it was modified in Properties, no test #.

 

@novirusthanks ,

I'm using the v1.4 test 10 without issues...

Inside Configuration window, can you group the protections by their type, for better understanding...?

Keeps the great work!

 

I just don't want to reformat! Not my thing to do!

 

Why is Panda Security\Panda Devices Agent and PSExpCampaign.exe considered unsafe and being blocked? Does OSArmor not have a whitelist? I think PSExpCampaign.exe is an advertising component and \Panda Devices Agent is required for the anti-virus cloud component to work.

 

What is mentioned in the log file?

 

Rule: BlockSuspiciousProcesses along what appears to be an I.D. of my computer, some other info for them and what I mentioned in post #372.

 

This version is working great, but could you fix the scrollbar to move up or down as I'm moving it? because, I have to use the arrows currently...check out this short video to see what I mean...
https://sendvid.com/7j9krykz