📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.










Created: Wednesday, December 9 2009 07:49.57 CST  
OSAM: Autorun Manager v5.0 - against rootkits that hide their files!
Author: OnlineSolutions # Views: 3791

11-Sep-2009

As mentioned before, a few weeks ago we resumed work on our first public product, namely OSAM: Online Solutions Autorun Manager.

Releasing this fifth version of the product turned out to be hard for our company. For a number of reasons of a different nature, the release date had to be moved several times. However, we managed to brace up and, thanks to joint efforts, finally released the new version of the product.

Now, greet OSAM: Online Solutions Autorun Manager v5.0!

The 5th version provides a unique ability to detect and remove rootkits that hide their files on the hard disk. Rootkit techniques for hiding registry keys and files are spreading wider and wider, so our company had no choice but to invent and implement a solution for detecting and removing such malware. And we did it! OSAM applies algorithms that parse the structure of file systems on hard disks without involving any mechanisms of the operating system and thus detects and removes almost all the known viruses and other types of malware.

OSAM now detects hidden files in addition to hidden registry entries, which allows it to be used for detecting and removing the newest viruses.
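
The cross-view idea described above, as an added sketch that is not OSAM's code: read FAT 8.3 directory entries straight from raw bytes and report the names that the operating system's own listing omits. The directory region, the file names and the "API view" are constructed sample data; long file names and cluster chains are left out.

```python
ENTRY_SIZE = 32          # every FAT directory entry is 32 bytes
ATTR_VOLUME_ID = 0x08
ATTR_LFN = 0x0F          # long-file-name fragment, not a file of its own

def make_entry(name, ext, attr=0x20, deleted=False):
    """Build one constructed 8.3 directory entry (sample data only)."""
    raw = bytearray(name.ljust(8).encode("ascii") + ext.ljust(3).encode("ascii"))
    raw.append(attr)
    raw += bytes(ENTRY_SIZE - len(raw))
    if deleted:
        raw[0] = 0xE5
    return bytes(raw)

def parse_fat_directory(region):
    """Return the live 8.3 names found in a raw directory region."""
    names = []
    for off in range(0, len(region) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = region[off:off + ENTRY_SIZE]
        first, attr = entry[0], entry[11]
        if first == 0x00:                      # end-of-directory marker
            break
        if first == 0xE5:                      # deleted entry
            continue
        if (attr & 0x3F) == ATTR_LFN or (attr & ATTR_VOLUME_ID):
            continue                           # LFN fragment or volume label
        base = entry[0:8].decode("ascii", "replace").rstrip()
        ext = entry[8:11].decode("ascii", "replace").rstrip()
        names.append(f"{base}.{ext}" if ext else base)
    return names

def cross_view_diff(raw_names, api_names):
    """Names present on disk but missing from the OS listing (FAT is case-insensitive)."""
    api = {n.upper() for n in api_names}
    return sorted(n for n in raw_names if n.upper() not in api)

# Constructed sample directory region and a constructed, filtered OS listing.
RAW_DIRECTORY = b"".join([
    make_entry("MYDISK", "", attr=ATTR_VOLUME_ID),
    make_entry("NOTEPAD", "EXE"),
    make_entry("OLDFILE", "TMP", deleted=True),
    make_entry("HIDDENDR", "SYS"),
    bytes(ENTRY_SIZE),                         # end-of-directory marker
    make_entry("STALE", "BIN"),                # leftover bytes past the marker
])
API_VIEW = ["notepad.exe"]

if __name__ == "__main__":
    print(cross_view_diff(parse_fat_directory(RAW_DIRECTORY), API_VIEW))
```

On a live system the raw view would come from reading the volume device directly, and any name it reports that the API listing lacks is a candidate for closer inspection rather than proof of a rootkit.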



One-click removal of the Conficker (Downadup) worm using OSAM


For a long time, our malware analysts have been requesting improvements in the processing of Windows .job files. Good news: version v5.0 features a fundamentally modified and improved information retrieval method. This modification has significantly simplified the detection and removal of viruses, and has improved and accelerated the procedure of adding information to malware databases.

Due to the high popularity of our product among Windows Vista and Windows 7 users, a set of considerable improvements has been introduced into the support of these operating systems.

Besides, we have reworked a large number of scanning techniques and data processing algorithms, fixed the known bugs, and implemented several helpful functions (please refer to the complete list of updates).

We are sure that you will like the new version of OSAM: Online Solutions Autorun Manager as it will help you always keep your computer safe and sound!

We are glad to once again express our thanks to Julia (JM) for her patience, devotion to the company, and confidence of success! Hold on!

We are also glad to inform all users of OSSS: Security Suite that, besides the OSAM version 5 release, over the past four weeks we have worked hard on the client-server interaction. This work has been very fruitful and resulted in serious improvements in the functionality, which we hope to present in a new version of the product, due in the near future.

If you use various software and would like to participate in beta-testing of our new security techniques, apply for participation at the following address: [email protected].

Created: Thursday, August 20 2009 16:41.34 CDT Modified: Thursday, August 20 2009 16:49.38 CDT
OSSS: Online Solutions Security Suite v1.1 Beta - Vista support
Author: OnlineSolutions # Views: 3490

OSSS: Security Suite. Fourth public beta (15-Aug-2009 06:30)

Over the past six weeks we have implemented a number of new functions.

The first one to mention is automatic customization of rules via Security Master already at the program installation stage.

Starting with version v1.1, search for software in use is performed during the OSSS installation, whereupon the accumulated data are analyzed on our server and the set of rules for the detected applications is generated automatically.



The safety level of an application is analyzed using the database of another of our products, Online Solutions Autorun Manager (OSAM), which contains information about tens of thousands of safe and malicious applications. Thanks to the excellent contribution of Julia (JM), the head of the Malware Analysis Department, our users no longer need to respond to annoying requests during the first start of their computers - our server will do it for them!

Another important new feature is protection against keyloggers and mouse grabbers, which is an improved version of the previously implemented functionality. Currently OSSS detects any attempts to intercept control over the keyboard or mouse, thus protecting our users against banking trojans and rootkits; stealing money through internet banking is one of the most common functions of malicious software.



Over the past several days we have completed testing the OSSS product on the Microsoft Windows Vista x86 (32-bit version) platform. We are glad to announce that our product is now available for users of this operating system as well. It is worth mentioning that the fourth Beta is the first Windows Vista-compatible public version of our product, which causes a set of known issues (this list is not updated yet; it will be updated soon). In the near future, we are going to put effort into resolving them and completing the functionality for work under Windows Vista.



In OSSS v1.0 the self protection feature was included, so uninstalling the product required disabling the self protection module. The current version provides the possibility to turn self protection off during uninstallation. This will have no impact on the system safety level because this functionality will be unavailable for malicious software.

We keep working on the program interface and usability improvement. In the current version, formatting and data selection have been improved in activity dialog boxes. One no longer has to carefully read the entire text to answer a request, but only needs to take a glance at the window and make the right decision. Moreover, text scrolling is now available in the "Suggestion" and "Details" blocks.

Unfortunately, we have not had time to test the Russian localization, but we hope to publish the multi-language version in 2 or 3 weeks. If you are eager to be the first to see our program in Russian, you are welcome to contribute to testing it. Feel free to apply for the Russian version at the following e-mail address: [email protected].

We are glad to inform all the numerous users of our Online Solutions Autorun Manager (OSAM) program that we have resumed this project after almost a year since the last release. Over the past six weeks we have considerably improved the code, sped up scanning, and implemented the algorithms for analyzing FAT32 and NTFS partitions without using operating system mechanisms. In a few weeks we are going to release a new version of the product, which allows for detecting and removing practically all known malicious software that is beyond the power of most antivirus programs.

Here is more good news for our users. We are continuing development of the OSSS server side, which will allow for implementing a number of new promising approaches to computer and user security. Within the coming months we are going to work hard in this direction and we need your help in checking the implementation of our concepts. If you are interested in becoming our beta-tester, contributing to the development of a complicated and high-quality software product, and cooperating with inspired people, feel free to apply for participation in beta-testing at the following e-mail address: [email protected].

The "Online Solutions" company is a small but very purposeful team that permanently seeks out and uses advanced methods and techniques. In our everyday work we aim at improving our solutions that ensure computer and user security. Within a short period of time, our team managed to create a world-class product. However, we keep on improving and expanding the product functionality. What we want is to create the best product for your security!

Original: http://www.online-solutions.ru/en/news/company/osss-security-suite-fourth-public-beta.html

_________
Remember that in order to update the OSSS v1.0 Beta (with self-protection) to the new version, it is required to disable a self-protection module before uninstalling v1.0 Beta, otherwise the uninstallation process will be simply impossible. Step-by-step manual is here.

Created: Thursday, August 20 2009 16:40.21 CDT  
Change list for OSSS: Security Suite v1.1 Beta
Author: OnlineSolutions # Views: 3377

Change list for OSSS: Security Suite v1.1 Beta (15 Aug 2009 06:30)

- Support of 32-bit versions of Windows Vista and Windows 2008 operating systems has been included.
- "Security Master" for customizing the system automatically during installation has been added.
- Protection against keyboard and mouse control interception has been significantly improved.
- Interface of requests has been improved. Formatting and contents of displayed text have been changed. Scrolling in request dialog boxes has been implemented.
- In the OSPD (Proactive Defense) module the "Allow Most" policy has been restored.
- The possibility to uninstall the program without manually turning off the self security module has been implemented.
- Generating rules for installing drivers and services and for working with physical disks has been improved.
- The set of predefined rules has been improved.
- Fixed:
  - Working with visual themes under Windows XP SP0 with self protection enabled;
  - GUI freeze while working with docking panels in the "Events" tab (special thanks to Denis Porfiryev for reporting the problem).






Quick links:
- More information about new beta-release
- Download OSSS v1.1 Beta...
- Manual to update OSSS v1.0 Beta...
- List of the known issues and functions, not included in this release (v0.8; not updated yet)

Created: Thursday, August 20 2009 16:35.59 CDT Modified: Thursday, August 20 2009 16:38.20 CDT
Change list for OSSS: Security Suite v1.0 Beta
Author: OnlineSolutions # Views: 3361

Change list for OSSS: Security Suite v1.0 Beta (04 Jul 2009)

- Partially enabled the self protection module (pay attention to the uninstallation process!).
- Added the experimental heuristic analyser of the events risk level.
- Implemented the ability of automatic rule creation for safe and malicious programs, based on the heuristic analyser (experimental adaptation).
- Added some new hooks for control over events (registry key rename, access to the kernel in an undocumented way, process suspending).
- Improved the action request windows interface. The windows are more friendly and usable now. (The second step of the big interface improvement plan has been done.)
- Improved NDIS WAN interfaces support. Added ADSL ISDN modems support. PPPoE and VPN connections have been tested.
- Implemented the new way of work with Trusted and Blocked applications groups.
- Added the ability to view internal DNS-cache (search, removing of elements).
- Added new and modified old application icons.
- Fixed:
  - kernel memory leak (after long work without reboot the system could crash with a BSOD)
  - WAN-adapter detection error
  - processing of IP addresses adding/removal.







Quick links:
- More information about new beta-release
- Download OSSS v1.0 Beta...
- List of the known issues and functions, not included in this release (v0.8; not updated yet)

Created: Thursday, May 21 2009 15:36.34 CDT Modified: Saturday, May 23 2009 13:25.49 CDT
OSSS: Security Suite v0.9 Beta
Author: OnlineSolutions # Views: 4102


"OSSS" (Online Solutions Security Suite) is complex protection software that includes:
- Proactive Defense (OSPD) - new generation proactive defense system,
- Personal Firewall (OSPF) - extremely powerful personal firewall

"OSSS" provides a complete computer protection against newest hacker attacks, malicious code and rootkits.






- Change list for v0.9 Beta
- List of the known issues and functions, not included in this release (v0.8; not updated yet)
- General advice and help on the use of Online Solutions Security Suite
- Latest information about version, attention regarding beta-version
- Download OSSS v0.9 Beta

Most important: searching for active beta-testers :-)

... In the next releases (only part) - multi-language, dramatic improvements to decrease amount of questions from OSSS, improvements of interface; probably, support for several other OS'.


Archived Entries for OnlineSolutions
Subject # Views Created On
Long-awaited update - new version of OSAM: Autorun Manager 2463     Saturday, April 5 2008
OSAM: Autorun Manager v1.0.0.4088 first public beta 1928     Monday, December 3 2007
