- Apr 27, 2018
- 172
Im not a NVT Radar/OsArmor customer as i have VoodooShield, but i do like your product a lot!
& i must agree with the others, support for XP has to stop.
& i must agree with the others, support for XP has to stop.
NoVirusThanks OSArmor
- Thread starter Evjl's Rain
- Start date
- Jul 6, 2017
- 2,392
Why?? I do not agree, there are still companies that use Xp. and people who use Xp because they do not have anything else and do not know that Linux exists.& i must agree with the others, support for XP has to stop.
Well in my case I have broken two PCs do not know why, and now I'm using Xp and Xubuntu Because my machine does not go with W7 or W10.
I also respect Andreas if he does not want to continue giving support to Xp.
- Apr 27, 2018
- 172
Not sure that is true.Why?? I do not agree, there are still companies that use Xp. and people who use Xp because they do not have anything else and do not know that Linux exists.
Well in my case I have broken two PCs do not know why, and now I'm using Xp and Xubuntu Because my machine does not go with W7 or W10.
I also respect Andreas if he does not want to continue giving support to Xp.
even my brothers laptop is win7 with a slow 720p screen, celeron & 3gb ram.
Businesses who use XP still are already not thinking about security, so a security application that supports XP or not, truly is not a thought of theirs.
- Jul 6, 2017
- 2,392
Well, if it's true ... I've run out of two PCs overnight. and this one I'm using was given to me by my brother who forgot it in the back room ... with 1GB of ram. now I have increased it to 2 gb of ram. ddr 400 that are slower than the horse of the bad
- Jan 25, 2018
- 300
Let me congratulate you, your'e a great programmer and you know how to fix bugs very quickly.
We are happy at using your beta programs, thank you for protect us.
These are the types of companies and people a security software shouldn't want themselves associated with. Not only does it show a lack of IT knowledge and proactive security measures, but it also probably indicates they don't even have enough money to buy your product.
Not a single second of development manpower and resources should be spent supporting legacy operating systems.
- Jul 6, 2017
- 2,392
Not long ago I saw in a post office that they had Xp and a state employment office as well. Now I do not know if they had Internet access or not. In any case, Xp is not recommended, I agree with that.
Those tired old govt. offices really don't care about security so that's not surprising. The only proper way to secure an XP machine is to yank out the ethernet card to put hot glue in the ethernet port. I've dealt with some XP machines in recent months, and that's how we secure them in situations where firms simply can't afford replacement. Those machines will never talk out again, ever. The 'work around' is you setup bi-directional sync from the XP machine to a Win10 machine, then use the Win10 machine to talk out if it is required.
Reported false positives are still there, i attached new logs, see previous post for context. Thank you for all your work!
- Feb 21, 2015
- 456
Got this two when updating IDM put to exclude for now.
Date/Time: 12/05/2018 12:41:01 PM
Process: [3876]C:\Windows\SysWOW64\net.exe
Process MD5 Hash: B9A4DAC2192FD78CDA097BFA79F6E7B2
Parent: [1728]C:\Users\xxx\AppData\Local\Temp\IDM_Setup_Temp\IDM1.tmp
Rule: BlockNetNet1Execution
Rule Name: Block execution of net\net1.exe
Command Line: "C:\Windows\System32\net.exe" start IDMWFP
Signer:
Parent Signer: Tonec Inc.
User/Domain: xxx/xxx
System File: True
Parent System File: False
Integrity Level: High
Parent Integrity Level: High
Date/Time: 12/05/2018 12:41:00 PM
Process: [3632]C:\Windows\SysWOW64\net1.exe
Process MD5 Hash: 2041012726EF7C95ED51C15C56545A7F
Parent: [1896]C:\Windows\SysWOW64\net.exe
Rule: BlockNetNet1Execution
Rule Name: Block execution of net\net1.exe
Command Line: C:\Windows\system32\net1 stop IDMWFP
Signer:
Parent Signer:
User/Domain: xxx/xxx
System File: True
Parent System File: True
Integrity Level: High
Parent Integrity Level: High
Date/Time: 12/05/2018 12:41:01 PM
Process: [3876]C:\Windows\SysWOW64\net.exe
Process MD5 Hash: B9A4DAC2192FD78CDA097BFA79F6E7B2
Parent: [1728]C:\Users\xxx\AppData\Local\Temp\IDM_Setup_Temp\IDM1.tmp
Rule: BlockNetNet1Execution
Rule Name: Block execution of net\net1.exe
Command Line: "C:\Windows\System32\net.exe" start IDMWFP
Signer:
Parent Signer: Tonec Inc.
User/Domain: xxx/xxx
System File: True
Parent System File: False
Integrity Level: High
Parent Integrity Level: High
Date/Time: 12/05/2018 12:41:00 PM
Process: [3632]C:\Windows\SysWOW64\net1.exe
Process MD5 Hash: 2041012726EF7C95ED51C15C56545A7F
Parent: [1896]C:\Windows\SysWOW64\net.exe
Rule: BlockNetNet1Execution
Rule Name: Block execution of net\net1.exe
Command Line: C:\Windows\system32\net1 stop IDMWFP
Signer:
Parent Signer:
User/Domain: xxx/xxx
System File: True
Parent System File: True
Integrity Level: High
Parent Integrity Level: High
Last edited:
- Aug 23, 2012
- 293
Here is a new v1.4 (pre-release) test65:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test65.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Block rundll32.exe from using RegisterOCX
+ Improved Block suspicious command-lines (50+ new internal rules)
+ Improved Block loading of .inf files via InstallHinfSection\LaunchINFSection\etc
+ Fixed "Restore to Default" and disabling of "Block reg.exe from hijacking Registry startup entries"
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
@Stas
Thansk for sharing, it should be fixed now.
@Carphedon
Add these 3 rules in Exclusions.db:
I will discuss soon if we will include them internally.
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test65.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Block rundll32.exe from using RegisterOCX
+ Improved Block suspicious command-lines (50+ new internal rules)
+ Improved Block loading of .inf files via InstallHinfSection\LaunchINFSection\etc
+ Fixed "Restore to Default" and disabling of "Block reg.exe from hijacking Registry startup entries"
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
@Stas
Thansk for sharing, it should be fixed now.
@Carphedon
Add these 3 rules in Exclusions.db:
Code:
[%PROCESS%: C:\Windows\System32\netsh.exe] [%PROCESSCMDLINE%: netsh.exe interface ipv6 add route ????::/? "*" ????::? store=active]
[%PROCESS%: C:\Windows\System32\cmd.exe] [%PROCESSCMDLINE%: C:\Windows\system32\cmd.exe /c echo 10.?.??.?? |findstr -r .*\..*\..*\..*]
[%PROCESS%: C:\Windows\System32\cmd.exe] [%PROCESSCMDLINE%: C:\Windows\system32\cmd.exe /c echo 192.168.1.??? |findstr -r .*\..*\..*\..*]I will discuss soon if we will include them internally.
- Aug 23, 2012
- 293
Here is a new v1.4 (pre-release) test66:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test66.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
+ Improved Block processes located in suspicious folders
+ Improved Block execution of malformed PowerShell commands
+ Block execution of scp\ssh\sftp.exe (located on C:\WINDOWS\System32\OpenSSH\)
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test66.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
+ Improved Block processes located in suspicious folders
+ Improved Block execution of malformed PowerShell commands
+ Block execution of scp\ssh\sftp.exe (located on C:\WINDOWS\System32\OpenSSH\)
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
- Aug 23, 2012
- 293
Here is a new v1.4 (pre-release) test67:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test67.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test67.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
- Jan 25, 2018
- 300
features that OsArmour need are; a personal password to acccess into main menu and rest of the options.
Another Nvtoa feature it need lock itself in the bacground to avoid the termination process into taskmgr.exe
And it need the searchbar with definitions to save time by configuring parameters.
Thank you very much for giving us this great program, 2 months using it.
Another Nvtoa feature it need lock itself in the bacground to avoid the termination process into taskmgr.exe
And it need the searchbar with definitions to save time by configuring parameters.
Thank you very much for giving us this great program, 2 months using it.
- Aug 23, 2012
- 293
Here is a new v1.4 (pre-release) test68:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test68.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ New option to "Use only your own Custom Block rules"
+ Extended process and parent process cmdline to 8192 chars (max for Windows)
+ Block execution of IQY Excel Web Query files (Main Protections, enabled)
+ Block rundll32.exe from using InstallScreenSaver
+ Block msdeploy.exe from using RunCommand
+ Block execution of jjs.exe -scripting (related to Java)
+ Block execution of jsc.exe /outrelated to Java)
+ Updated Help/FAQs file with two new Q&A
+ Fixed all reported false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
Here is a screenshot:
//EDIT
* Will reply to posted questions tomorrow, just wanted to post this update *
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test68.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ New option to "Use only your own Custom Block rules"
+ Extended process and parent process cmdline to 8192 chars (max for Windows)
+ Block execution of IQY Excel Web Query files (Main Protections, enabled)
+ Block rundll32.exe from using InstallScreenSaver
+ Block msdeploy.exe from using RunCommand
+ Block execution of jjs.exe -scripting (related to Java)
+ Block execution of jsc.exe /out
related to Java)+ Updated Help/FAQs file with two new Q&A
+ Fixed all reported false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
Here is a screenshot:
//EDIT
* Will reply to posted questions tomorrow, just wanted to post this update *
- Nov 10, 2017
- 3,250
Awesome program! cant wait to download it tomorrow
Nvm i can see the link...
Nvm i can see the link...
@NoVirusThanks
I miss and auto-update feature in the final version (optional)
I miss as well the popup behaviour, to manually accept or block the detections of OsArmor (optional)
When the final version will be released?
I miss and auto-update feature in the final version (optional)
I miss as well the popup behaviour, to manually accept or block the detections of OsArmor (optional)
When the final version will be released?
- Jun 20, 2011
- 1,005
I also like this program very much, it is really great, but when will the final version be?
- Jun 2, 2018
- 96
Does it make sense to use both OSArmor and EXE Radar Pro?
Yes it does. I do it.
Similar threads
