Skip navigation.
Home

Autorun Manager (OSAM) - utility which helps to find malware/rootkits at startup

|

Hello!

We developed a free utility (Online Solutions Autorun Manager - OSAM) that helps to find malware/rootkits at computer's startup. It may be very useful for malware analysts, helpers and other users.

Here is an overview and download link.

I hope to find here a beta-testers for our software and get some feedback and suggestions to improve it! If you have any questions feel free to contact me.

Interesting, I will test it

Interesting, I will test it soon.

Fabio Assolini
MIRT Hunter www.castlecops.com
ASAP Member

first, I read it's features

first, I read it's features from official web site,
then I tested it .
it's seem prefect .
I'm happy of this useful software,
thanks alot .
another incredible feature : it's entirely free ;) and there is no need to any payment .
I suggest it to everyone who likes malware analysing and defensing ...

-p0i50n

not bad

even though there is Eset SysInspector and Autoruns, which offer similar functionality and don´t have to be installed.

Thank you for your

Thank you for your feedback!

That's a problem: not a "similar functionality" in some ways of using. At this moment there is only one way to get this point - deep working with this software to see all functions step-by-step. Some functions not striking if you just scanned and then closed software in one minute. We will make a compare article in near future and some tutorials (stories of using in difficult cases) to show many parts of "hidden" powerful functionality.

About installation: we have a portable version, that also available on download page. It needs no installation, just unpack and use (SFX archive).

Also, if you have any suggestions for improvement or new functions - it's very interesting!

P.S. And you are right, SysInspector is very good too.
--
Best protection against malware and rootkits
http://www.online-solutions.ru/en/

The portable version does

The portable version does not work here.

Any error messages?

Any error messages or what is not working? Probably, you'll need a .dlls (the second archive for portable version), see downloads section (at the bottom of page).

--
Best protection against malware and rootkits
http://www.online-solutions.ru/en/

Re:Any error messages?

The dlls solved the problem. They should be bundled or it´s not a portable version then.
As for the added functionality, you´re right. It did find vanquish rootkit. But so did SysInspector. I will test it more thoroughly and I´m looking forward for the comparison :)

It's portable :)

On some computers these .dlls are already installed with other nowaday software made with MSVC.

--
Best protection against malware and rootkits
http://www.online-solutions.ru/en/

New beta-version of OSAM is released. Now with driver!

Hello!

The new beta version of OSAM: Autorun Manager is released - v1.0.0.6426. Now it is possible to delete [malware] objects using driver. The "OSAM" can be downloaded here.

--
Best protection against malware and rootkits
http://www.online-solutions.ru/en/

I downloaded this about 10 min ago


Not workin for me.

Ok I just ran it through a debugger and I see a call to LoadLibrary failing for c:\program files\online solutions\osam\osamloc.dll among other things.

V.

It detects file/registry monitor activity

Hello!

It detects file/registry monitor activity and stop working if found. Sorry, we forgot to disable this function before releasing. Thank you for your report!

Could you say, what monitor applications you have started? (With what application it conflicts at this moment).

--
Best protection against malware and rootkits
http://www.online-solutions.ru/en/

Im not

running any monitor applications (not sure what that means). I have spybot installed and punkbuster so maybe its one of those.

V.

Could you contact us?

Hello!

Could you contact us to solve this problem? Today we have tested compatibility of OSAM and Spybot v1.xx (don't remember, but latest version from the vendor's site) and PunkBuster. No any conflicts.

I seen on your screenshot something like TCPView or TDIMon. Probably, you have started any other monitors like RegMon or FileMon?

Please write to tsdep@online-solutions.ru to understand and solve this problem.

Thank you!

P.S. We disabled this detection for next builds. But we need to understand what software is incompatible with such types of detections.
--
Best protection against malware and rootkits
http://www.online-solutions.ru/en/

Yeh

I was only running tcpview. i tried it with tcpview off also.

V.

When it will be fixed

Hello again,

Probably, this problem will be fixed in near 2-3 days (with other bugfixes if any serious bug will be found). Or it will be fixed with next beta-release that will be in 1-2 weeks (adding some new functions).

And sorry again for this small problem.

--
Best protection against malware and rootkits
http://www.online-solutions.ru/en/