- Jun 2, 2018
- 96
Many settings are duplicated. Do they do something different nontheless?
NoVirusThanks OSArmor
- Thread starter Evjl's Rain
- Start date
- ERP is Anti-exe, prompting the user to allow/deny all non-whitelisted processes/programs.
- OSA is kind of semi-SRP/pseudo-Behavior Blocker, it blocks processes based on its internal rules and user settings. It only prompts the user to exclude a blocked process.
- OSA is kind of semi-SRP/pseudo-Behavior Blocker, it blocks processes based on its internal rules and user settings. It only prompts the user to exclude a blocked process.
- Jun 2, 2018
- 96
Thank you 
I think NVT should combine several of his programs: The EXE radar, OSA, driver radar, registry radar ... probably some more fitting.
I think NVT should combine several of his programs: The EXE radar, OSA, driver radar, registry radar ... probably some more fitting.
- Jan 28, 2016
- 529
I've read quite a lot of this thread and also the OSArmor thread in the 'other place' but I still haven't been able to find out whether it is worth using in addition to Voodooshield or if there is too much duplication, or indeed if there are any compatibility issues. I've been using both of them for a little while and there don't appear to be any conflicts. Any feedback appreciated.
- Jun 20, 2011
- 1,005
maybe there are no conflicts but OSArmor is still in the testing phase, and I do not like programs in this phase, I will wait as soon as it becomes stable.
NVT is one of the few vendors that you can use a beta as if it was a stable.
I follow this vendor since day one, i almost never had severe issues while using their apps.
I follow this vendor since day one, i almost never had severe issues while using their apps.
- Aug 23, 2012
- 293
Here is a new v1.4 (pre-release) test69:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test69.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
+ Removed "Block execution of IQY Excel Web Query files" (executed directly via excel /dde, can't be filtered)
+ Added numbering of questions (Q) and answers (A) on Help\FAQs file, e.g. Q1 A1, Q16 A16, Q21 A21
+ New option: Prevent explorer.exe from executing exes with /c
+ Improved Block suspicious command-lines
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
All reported FPs should be fixed.
//Everyone
Summary of important features not yet added (scheduled for next version):
- Automatic update
- Button to manually check for updates
- Maybe encrypt the CustomBlock.db/Exclusions.db files so they are not in plain-text and create a GUI-helper to edit them
- Move all protection options in a ListView so they can be easily sorted/categorized/searchable/enabled/disabled
- Create pre-defined protection modes: Basic/Medium/Advanced/Custom
- Add possibility to add custom apps in Anti-Exploit tab
- Possibility to exclude a specific blocked event from being shown via the notification dialog
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test69.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
+ Removed "Block execution of IQY Excel Web Query files" (executed directly via excel /dde, can't be filtered)
+ Added numbering of questions (Q) and answers (A) on Help\FAQs file, e.g. Q1 A1, Q16 A16, Q21 A21
+ New option: Prevent explorer.exe from executing exes with /c
+ Improved Block suspicious command-lines
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
All reported FPs should be fixed.
//Everyone
Summary of important features not yet added (scheduled for next version):
- Automatic update
- Button to manually check for updates
- Maybe encrypt the CustomBlock.db/Exclusions.db files so they are not in plain-text and create a GUI-helper to edit them
- Move all protection options in a ListView so they can be easily sorted/categorized/searchable/enabled/disabled
- Create pre-defined protection modes: Basic/Medium/Advanced/Custom
- Add possibility to add custom apps in Anti-Exploit tab
- Possibility to exclude a specific blocked event from being shown via the notification dialog
- Jan 29, 2017
- 1,201
While running ERP I have set OSA (test 68) on passive logging,,, but today I got an OSA blocking popup.
Rule: BlockIexploreExecution
I thought passive logging was a neutral monitoring. Am I mistaken?
Rule: BlockIexploreExecution
I thought passive logging was a neutral monitoring. Am I mistaken?
- Aug 23, 2012
- 293
Telos
You will still get the OSA blocking popup when in Passive Logging.
But the process will not be blocked in real.
You will still get the OSA blocking popup when in Passive Logging.
But the process will not be blocked in real.
- Jun 2, 2018
- 96
However, NVT specifically recommended the use of it's 3.1.0.0 beta for ERP. So this is only true for OSA, if at all.
BTW I have problem with the OSA blocking popup, using test 68: When I get a popup and another one from a different program opens, OSAs gets closed. It will also close when pressing keys.
Feature requests:
- Show log as you do in ERP.
- Make it also password protectable
- You have these exclamation marks in configurator, warning for possible problematic settings. Could you add a mouse-over text for all settings that gives a little context as to what they do? Like, why should I "prevent odbcconf.exe from loading .rsp scripts"?
Long term feature requests:
Combine all your great software into one.
Not always the best idea, look at Malwarebytes, it hasn't faired so well over the years. More features = bloated = more bugs and fixes = compatibility issues etc..
Another excellent example are people who use paid Bitdefender Total Security, then ignore the 80% of the features.
Those highlighted in bold are likely to be ignored and alt. software used instead.
Start.
Start.
- Complete Data Protection
- Advanced Threat Defense
- Multi-Layer Ransomware Protection
- Anti-Phishing
- Anti-Fraud
- Safe Files
- Secure Browsing
- Rescue Mode
- Anti-Theft
- Bitdefender AutopilotTM
- Bitdefender PhotonTM
- Battery Mode
- Global Protective Network
- Game, Movie & Work Modes
- Bitdefender VPN
- Webcam Protection
- Safe Online Banking
- Parental Advisor
- File Shredder
- Privacy Firewall
- Social Network Protection
- Password Manager
- Vulnerability Assessment
- Aug 23, 2012
- 293
Just a quick update:
Here is a new v1.4 (pre-release) test70:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test70.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
+ Improved Block suspicious command-lines
+ Improved Block processes located in suspicious folders
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
NulFunction
The features you suggested are scheduled for v1.5
Here is a new v1.4 (pre-release) test70:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test70.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed some false positives
+ Improved Block suspicious command-lines
+ Improved Block processes located in suspicious folders
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
If you find any false positive or issue please let me know.
NulFunction
The features you suggested are scheduled for v1.5
- Apr 19, 2018
- 71
Can I exclude a process from being blocked? OSArmor blocks my automatic scheduled acronis backup which runs even if pc is off, it turns it on, makes a backup, then turns it back off. Using version 1.3, here's the details:
Date/Time: 6/16/2018 2:00:02 PM
Process: [21228]C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
Parent: [3648]C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
Rule: BlockDirectJsVbsExecution
Rule Name: Block direct execution of javascript and vbscript code
Command Line: /dummy /dummy /script:"B39B3715-B5B5-40AC-B7B9-40E0E0A3A1F9" /uuid:"B39B3715-B5B5-40AC-B7B9-40E0E0A3A1F9" /run_mode:8
Signer: Acronis International GmbH
Parent Signer: Acronis International GmbH
Date/Time: 6/16/2018 2:00:02 PM
Process: [21228]C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
Parent: [3648]C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
Rule: BlockDirectJsVbsExecution
Rule Name: Block direct execution of javascript and vbscript code
Command Line: /dummy /dummy /script:"B39B3715-B5B5-40AC-B7B9-40E0E0A3A1F9" /uuid:"B39B3715-B5B5-40AC-B7B9-40E0E0A3A1F9" /run_mode:8
Signer: Acronis International GmbH
Parent Signer: Acronis International GmbH
- Feb 21, 2015
- 456
- Apr 19, 2018
- 71
Because it's the official one on the site? I don't generally use beta versions, unless I really like the software in particular. That said, I'll try 1.4 and see how it goes
- Feb 21, 2015
- 456
v1.4 test70 is very stable with a lot more features.
- Mar 29, 2018
- 7,613
- Apr 19, 2018
- 71
So, I just installed 1.4 test 70, the problem is fixed, thx very much guys
- Jul 3, 2015
- 8,153
There are certain programs that are perpetually in beta, so the beta version is the preferred choice. NVT products are like that. It all depends on the dev.
- Aug 23, 2012
- 293
We've released the official OSArmor v1.4 (final) version:
* Make sure to first uninstall v1.3 and then install the new version
You can download it from our website:
Prevent Malware and Ransomware with OSArmor | NoVirusThanks
We'll start to work on v1.5 from middle of July * See below for important features in the todo list *
Thanks everyone for the help, suggestions and testing!
If you find any FP or issue please share them here.
* Make sure to first uninstall v1.3 and then install the new version
You can download it from our website:
Prevent Malware and Ransomware with OSArmor | NoVirusThanks
We'll start to work on v1.5 from middle of July * See below for important features in the todo list *
Thanks everyone for the help, suggestions and testing!
If you find any FP or issue please share them here.
Last edited:
Similar threads
