NoVirusThanks OSArmor: An Additional Layer of Defense

Discussion in 'other anti-malware software' started by novirusthanks, Dec 17, 2017.

  1. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    Screenshot from my Vista (first version) - two processes
    171217183546_5.jpg
    and from latest build - one process...what was heppende with OSArmorDevSvc.exe?...now it's not presented
    171218132755_2.jpg

    Second question - is this new build? It's still as 1.0.0.0 (15 December 2017).
     
  2. Tomin2009

    Tomin2009 Registered Member

    Joined:
    Sep 13, 2012
    Posts:
    94
    Could you please add an option to terminate suspicious process?
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    41,863
    Download it again from the website, there was an update of the installer some hours ago #40
    The digital timestamp of the service OSArmorDevSvc.exe : 18 December 2017
    OSArmorDevUI.exe / OSArmorDevCfg.exe: 17 December 2017
     
  4. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,134
    Location:
    Italy
    @ichito

    Strange, can you try to uninstall and reinstall from:
    http://www.novirusthanks.org/products/osarmor/

    The new build is always v1.0 but from 18 December:

    File: osarmor_setup.exe
    File size: 1,87 MB (1.960.400 bytes)
    MD5 checksum: 712D6263737C73DF1877362CF453C91A
    SHA1 checksum: AC24F22E839C08893348A6ABD3C26D0DD744E29A

    @Tomin2009

    What do you mean exactly?
    Suspicious proceses are already blocked by OSArmor.
     
  5. Tomin2009

    Tomin2009 Registered Member

    Joined:
    Sep 13, 2012
    Posts:
    94
    I've send you a PM.
     
  6. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    Thanks @mood and @novirusthanks
    I've checked SHA1 and it's this new - AC24F22E839C08893348A6ABD3C26D0DD744E29A.
     
  7. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    Hello
    Um, is it possible for OSA to communicate in Sandboxie sandboxes ... akin to ERP ... *\mailslot\NVTInj\* .
    Thanks
    -----------------------------------------------------------------------------------------------
    btw ~ I tried uninstall and reinstall from:
    http://www.novirusthanks.org/products/osarmor/

    NoVirusThanks OSArmor
    (C) NoVirusThanks Company Srl
    http://www.novirusthanks.org/
    Changelog: [15-Dec-2017] v1.0.0.0
    + Initial release

    File: osarmor_setup.exe
    File size: 1.87 MB (1,960,400 bytes)
    MD5 checksum: 712D6263737C73DF1877362CF453C91A
     
    Last edited: Dec 18, 2017
  8. novirusthanks

    novirusthanks Developer

    Joined:
    Nov 5, 2010
    Posts:
    1,134
    Location:
    Italy
    @bjm_

    MD5 checksum of last updated build is 712D6263737C73DF1877362CF453C91A

    The changelog was not updated.

    Not sure for now, will need to run some tests and report back here.
     
  9. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    Aha!...."The changelog was not updated".
    Thanks & Thanks
     
  10. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    562
    Location:
    The Outer Limits
    Wow, first stand alone BB in a long time( for free) and so very light as well.

    Thanks @novirusthanks

    Regards Eck:)
     
  11. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,420
    Location:
    Under a bushel ...
    Looking forward to trying this, but will wait for the above. :)
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Have it installed now, got past the alerts blocking it.

    Andreas now for my favorite NVT bug. GUI's centered between screens on dual monitors.
     
  13. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Please make it work with sbie...btw, whenever I lock my computer then log back in, OSA's GUI window pops up every time why is that?
     
    Last edited: Dec 18, 2017
  14. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,485
    Why is it important for OSA to work with SBIE? I mean, if you have sandboxed your app, why do you need to further restrict it with OSA?
     
  15. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,287
    Location:
    Québec, Canada
    Forgive the pun, but seems overkill, no? ;)
     
  16. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    For the same reason ERP and my AV communicates in sandboxes. Information & Control.
     
  17. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,485
    It makes sense for AV to communicate in sandbox, because most AV programs block malicious URLs such as phishing sites, and they also try to detect malware that could steal login credentials from the browser.
    But OSA is protecting the OS from being compromised, and when the app is sandboxed, the OS is already protected.
     
  18. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    Hmm....so, no Information & Control in sandboxes.
     
  19. hayc59

    hayc59 Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,843
    Location:
    KEEP USA GREAT
    How will this work along side avast...webroot..ect.ect?
     
  20. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,069
    Location:
    .
    WebrootSA agent is monitoring OSA processes, at this time.
     
  21. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,485
    Not sure I understood you right, so please correct me if I am missing the point:
    A lot of people set up their sandboxes so that only their browser has internet access, thus malware running in the sandbox cannot call home.
    And they also restrict which processes have the right to run inside the sandbox.
    So if you use SBIE right, sandboxed malware cannot modify the OS, cannot encrypt files outside the sandbox, cannot call home in order to exfiltrate personal data, and probably cannot even run at all.
     
  22. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    Good question, also Bitdefender, is this really needed? just wondering.
     
  23. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    That was important to me with ERP. I wanted to interact even with something in the Sandbox. Andreas solved that and I am sure he can with this product depending on his endgame
     
  24. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,825
    Location:
    The Netherlands
    Yes I understand. BTW, can you give some more info about:

    - Block suspicious processes
    - Block suspicious svchost.exe/explorer.exe process behaviors
     
  25. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    As Peter and BJM has already mentioned and I don't want any type of conflicts with any security apps
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.