Jump to content


Photo

New tool - OSAM: Autorun Manager v1.0.0.4088 first public beta


  • Please log in to reply
12 replies to this topic

#1 OnlineSolutions

OnlineSolutions

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 04 December 2007 - 09:35 AM

One month ago we released a first public beta-version of [online-solutions.ru/ (free tool). We are interested in the opinion of end-users and security community about the program. Here is an [overview[/url] and download page[/url]. (You'll need to download Microsoft system libraries if you have no them or have a different versions).

"OSAM[/url]" (Online Solutions Autorun Manager[/url]) is a powerful and reliable tool for controlling the 'cleanliness' of components and applications that are automatically loaded or started under certain conditions without user's consent.

"OSAM[/url]" provides an easy one-click way of obtaining detailed information about the components that are run automatically at the system start and can potentially affect its operation.

Basically, all types of malicious software that have been around for the last 7-10 years use various mechanisms of sticking to an infected system. With this product, you will be able to monitor and control these activities and, which is more important, eradicate the threat on your own.

Usage examples:

Rootkits are one of the biggest threats for end user systems. This malicious software integrates into the system on a very low level and completely hides its presence. The user is often totally unaware that the computer is being controlled by hackers. But that's not a problem: whether it's a hidden start of a rootkit driver or other hidden keys, "OSAM[/url]" will detect any of these autorun variants.

Modern malicious software, such as adware, spyware and spambots cannot be completely removed by existing anti-virus solutions. However, such treatment attempts often leave the user without working network connections or damage other system components. The user becomes helpless and alone with the problem. The "OSAM /url]" manager will easily solve this problem!

Usage examples:
[
The virus blocks access to a registry key or file? You can't remove them using any possible means? The "]OSAM[/url]" manager will tackle this problem, too.

If the user is experiencing problems, he can use several program functions to seek experts' assistance (for instance, on our forum) - save a detailed system report (all autoruns) or save a full snapshot of the startup data (in the same form as on the user's system).

Functional capabilities:

- support of virtually all known methods of automatic loading using the system registry or
special folders;
- automatic detection of the peculiarities of settings on specific user systems;
- validation of digital file signatures;
- color marking of file statuses for better comprehension;
- filtering by statuses of detected objects;
- search by masks using any parameter in any display mode;
- output of additional information for any object type;
- output of detailed file information, validation of file existence and accessibility;
- temporary disablement of registry objects or files without creating additional keys or
subfolders;
- generation of two types of report files (text and HTML*) with all autoload information.

Unique capabilities:

- protection against rootkits by detecting hidden registry keys and records using the method of direct registry data analysis (without using OS functions);
- comprehensive support of LSP (Layered Service Providers) filters deletion and recovery with rearrangement of the providers chain;
- support of namespace providers (NSP) with rearrangement of the providers chain*.

Advantages:

- a completely free application!
- grouping by file objects enables you to quickly find all links to a specific automatically
loaded file;
- regular updates of the methodological database after the analysis of in-the-wild malicious
software;
- full Unicode support (any national characters, filenames and registry data);
- support of visual themes (skins) for users who do care how their favorite software looks.

Edit to munge links...

Edited by Budfred, 05 December 2007 - 06:58 AM.


#2 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,526 posts

Posted 04 December 2007 - 06:26 PM

I am not sure where you got the idea that we allow advertising on this forum... A simple statement that you had updated your tool might be acceptable... A blatant advertisement is not and it is considered SPAM... If you wish to be able to post here again, please do not repeat...

To our members...

I did not delete this topic because it is not clear if this is a legit or a malicious program... I advise considerable caution since many malware makers are claiming to produce anti-malware tools so that they can infect your computers... Given the way this tool was introduced here, I suggest great caution about trying this tool...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#3 OnlineSolutions

OnlineSolutions

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 05 December 2007 - 07:24 AM

Hello!

I am not sure where you got the idea that we allow advertising on this forum... A simple statement that you had updated your tool might be acceptable... A blatant advertisement is not and it is considered SPAM... If you wish to be able to post here again, please do not repeat...

This is not an advertising as you can though, because of this is absolutely free tool developed for protecting users against malware and rootkits. We decide to make this post here, because of this is a place where a lot of users trying to solve their problems with malware. And OSAM can really help them.
We cannot say that we "updated" our tool, because we're not. This is just a first public release, so how will people know that this software exists? We need to talk with users, but how?

To our members...
I did not delete this topic because it is not clear if this is a legit or a malicious program... I advise considerable caution since many malware makers are claiming to produce anti-malware tools so that they can infect your computers... Given the way this tool was introduced here, I suggest great caution about trying this tool...

We are Russian information security company. This is not a malicious program and your warn is not correct. You can read information about our company (contacts information, office phones, address, photos of office) and our products on our site.

We are really hope to have some feedback of OSAM usages.

Thank you for your care!

#4 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,526 posts

Posted 05 December 2007 - 08:08 AM

Hello!

I am not sure where you got the idea that we allow advertising on this forum... A simple statement that you had updated your tool might be acceptable... A blatant advertisement is not and it is considered SPAM... If you wish to be able to post here again, please do not repeat...

This is not an advertising as you can though, because of this is absolutely free tool developed for protecting users against malware and rootkits. We decide to make this post here, because of this is a place where a lot of users trying to solve their problems with malware. And OSAM can really help them.
We cannot say that we "updated" our tool, because we're not. This is just a first public release, so how will people know that this software exists? We need to talk with users, but how?

To our members...
I did not delete this topic because it is not clear if this is a legit or a malicious program... I advise considerable caution since many malware makers are claiming to produce anti-malware tools so that they can infect your computers... Given the way this tool was introduced here, I suggest great caution about trying this tool...

We are Russian information security company. This is not a malicious program and your warn is not correct. You can read information about our company (contacts information, office phones, address, photos of office) and our products on our site.

We are really hope to have some feedback of OSAM usages.

Thank you for your care!


It is a blatant advertisement whether you wish to call it that or not...

In addition, some of our staff have attempted to investigate your primary site, but apparently it is in Russian... Until we have someone who can investigate it carefully, this is considered to be a suspicious program... If you are legit, you surely know about the many attempts to infect users with fake security software, so you also know what any new product like this will not be trusted without considerable evidence that you are not criminal...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#5 OnlineSolutions

OnlineSolutions

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 05 December 2007 - 08:48 AM

It is a blatant advertisement whether you wish to call it that or not...

Okay, sorry.

In addition, some of our staff have attempted to investigate your primary site, but apparently it is in Russian... Until we have someone who can investigate it carefully, this is considered to be a suspicious program... If you are legit, you surely know about the many attempts to infect users with fake security software, so you also know what any new product like this will not be trusted without considerable evidence that you are not criminal...

Hm, your staff member didn't check language selector in top of site's menu. You can select "english" to see english version of site. Also you can use direct link to english version of site: [url="/en/ /url]

Interface of the program is fully in english.

Edit to munge yet another link...

Edited by Budfred, 05 December 2007 - 06:53 PM.


#6 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Retired Staff
  • PipPipPipPipPip
  • 15,830 posts

Posted 05 December 2007 - 02:07 PM

Maybe you'd like to remove the Porn links in your forum:
[url=" forum.online-solutions.ru/viewforum.php?f=21" /url]
They install malware:
Posted Image
How do you expect me to take you seriously as an organisation if you can't keep your own site clean? :hmmm:

Edited by Budfred, 05 December 2007 - 06:55 PM.

jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#7 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,526 posts

Posted 05 December 2007 - 07:15 PM

I am getting tired of removing your links... Please do not post any more or you will lose your membership in this forum... So far all of the information I have heard about your organization suggests that you originate from a dubious site...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#8 OnlineSolutions

OnlineSolutions

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 06 December 2007 - 03:02 AM

Good morning,

Maybe you'd like to remove the Porn links in your forum: [url=" forum.online-solutions.ru/viewforum.php?f=21" /url]

We periodically cleaning the forum against spam-posts made by xrummer software of spammers. This is because phpBB have a weakness CAPTCHA module by default. But for what you wrote this? Just to carp at our company? :blush:

You spend some time to boot virtual machine and go to some idiotic spam link to get some malware... to tell what? That porn sites installs malware? We know this, you may be sure. Or you want to tell that we guilty that some porn sites install malware?

You was able to test our software and make some feedback on it, if you already booted your virtual machine. For example, to see how this malware is registered on your VM. But you didn't this. Or did you tested this software on "hard" malware or rootkits? Did you seen how you can remove malware using this software? As I see - didn't. You spend your time just to hit us? (Even more you seen that moderator have a suspicious for us). Great help, thank you. :blush:

How do you expect me to take you seriously as an organisation if you can't keep your own site clean? :hmmm:

Our site is absolutely clean. Don't surf on porn sites, its dangerous.

Thanks for a warm welcome :zipped:

Edited: typo removed

Edited by OnlineSolutions, 06 December 2007 - 03:10 AM.


#9 OnlineSolutions

OnlineSolutions

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 06 December 2007 - 03:34 AM

Good day,

I am getting tired of removing your links... Please do not post any more or you will lose your membership in this forum...

I didn't want to violate any rules. You just said that our site is in Russian language only, so I gave a link to english version. Before posting it here, I tried to send it to you using PM, but I cannot use it (function is not available). Sorry for that, but I haven't other possibilities. :unsure:

So far all of the information I have heard about your organization suggests that you originate from a dubious site...

Uhh... Why its 'dubious' and why you telling this about our company? It's not funny. :blush: Did you heard any stories about spammers and/or malware-coders, who talk for a one week with moderators/administrators to say that they are clear? This is a comedy, isn't it? :blush:

Or if we are Russians, so we are criminal? Isn't nationalism?

#10 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,526 posts

Posted 06 December 2007 - 06:32 AM

You explain that you periodically go through and clean out the polluted links in your forum... If you look at SWI, do you see any such links?? If you really want to keep your site clean, you will do so...

We frequently recommend various products created by Russians and have Russian people we trust who work with us in the fight against malware... If we knew you and you had approached us in a respectful manner, you might have been one of those people... However, you chose to SPAM your product in this and other forums... Your originating site has a dubious reputation as a hacking site and we mostly don't know you... It is not clear that your tool provides any function that isn't already available in trusted tools... You created this mess and your responses are not gaining you more trust to resolve it...

How many other forums have removed your ad and/or banned you?? I know of at least one...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#11 OnlineSolutions

OnlineSolutions

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 06 December 2007 - 07:23 AM

You explain that you periodically go through and clean out the polluted links in your forum... If you look at SWI, do you see any such links?? If you really want to keep your site clean, you will do so...

Please check our site and forum with siteadvisor.com for example, if you don't understand what is a posts made by spam-bots. (BTW, you talking about site, but our site have no any links to somewhere; none).

We frequently recommend various products created by Russians and have Russian people we trust who work with us in the fight against malware... If we knew you and you had approached us in a respectful manner, you might have been one of those people...

Okay, that's a very good news. Ask your Russian friends and/or colleagues about us! So, you will really know what and who we are. :thumbsup:

However, you chose to SPAM your product in this and other forums...

We didn't spam anywhere. As I told you: do you know any possibility to tell people about new product? You can do this only by posting overview on specialized forum, where users and professionals can value this product and write a feedback. I made only one post here.

Your originating site has a dubious reputation as a hacking site and we mostly don't know you...

Where and who told this to you? Why do you continue to say that? Where did you seen 'hackers'? :evilgrin:

Do you know what is presumption of innocence? :blush:

It is not clear that your tool provides any function that isn't already available in trusted tools... You created this mess and your responses are not gaining you more trust to resolve it...

Did you checked it to say something about it? How you can speak about the content of a book if you didn't opened and read it?

How many other forums have removed your ad and/or banned you?? I know of at least one...

Only one. With an unequal moderator. For example (in contrast to that forum), at BleepingComputers administrator made a good recommendations for users. :thumbup: Also I can show you a lot of Russian forums (SWI analogues) where people discussing OSAM and using it against malware.

#12 miekiemoes

miekiemoes

    Malware Expert

  • Global Moderator
  • PipPipPipPipPip
  • 20,026 posts

Posted 07 December 2007 - 10:33 AM

I've had a look at it and I must say - there are some nice options present. :)

Little note...

* - available only for registered users (conditions may be changed in the near future)

So I assume that it may not be free anymore in the future?

About the spambots, phpbb is the ideal target for spambots. Ever considered to use Advanced Textual Confirmation?
http://bbantispam.com/atc/
Because as for such forum, you cannot really afford to have spambots.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#13 OnlineSolutions

OnlineSolutions

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 10 December 2007 - 07:45 AM

I've had a look at it and I must say - there are some nice options present. :)

Thank you, miekiemoes! If you have any wishes, questions or suggestions - you are welcome.

Little note...

* - available only for registered users (conditions may be changed in the near future)

So I assume that it may not be free anymore in the future?

No, this means that we will provide this features in the future without any registration (at this moment this features available only for registered alpha-testers).

About the spambots, phpbb is the ideal target for spambots. Ever considered to use Advanced Textual Confirmation?
http://bbantispam.com/atc/
Because as for such forum, you cannot really afford to have spambots.

Thank you for the advise, we will use analogical idea in near future.




Member of UNITE
Support SpywareInfo Forum - click the button