bjm_

Level 5
Verified
I have Voodooshield. Is OS Armour a similar product ?
The protection of OS Armor depends on rules and it is monitoring the behaviour of processes.
It monitors the system for suspicious processes/processes in suspicious folders and suspicious command-lines.

If you have an Anti Executable installed, try to execute "unknown" applications and you will get an alert about the execution.
OS Armor wouldn't give a peep. Only if one of its rules gets triggered.

If applications like: java.exe/mmc.exe/mstsc.exe are about to launch other (legitimate or whitelisted) applications, the Anti Executable wouldn't give a peep.
OS Armor would block it, if the according options are checked ("Block any process executed from mmc.exe (unchecked by default)", etc.)

If you want to have full control, use an Anti Executable.
But OS Armor provides an additional layer of protection. It has no complex configuration ("zero-configuration") and right after installation it is protecting without annoying prompts. (credit mood)
-----------------------
OSA "Anti-Exploit" protection isn't a real anti-exploit like HMPA or Windows Exploit Guard, it doesn't act in the memory, it is just a simple post-exploitation mechanism to prevent the listed apps to be compromised. (credit Umbra)
OSA is just a simple nicely made anti-exe with built-in rules, its scope is to prevent exploited processes to do more damages. It is a post-exploitation software. (credit Umbra)
 
Last edited:
D

Deleted member 178

Using OSA alone is good prevention already, if advanced settings and Custom Blocks are used you can make OSA an SRP-hybrid.

Using OSA alongside any anti-exe/SRP, as a complement is also good prevention.
You won't need to make too many rules in the others.

Pick your poison.
 

plat1098

Level 5
Verified
Yes, I recall an earlier version too. I de/reinstalled it, the sidebar scrolled just fine. Something along the way broke it on here, no clue what. Also, and this is really minor, it seems you only have to single click on the UAC for the Configurator. If you double-click, you get two system sounds clashing together. lol.
 

rockstarrocks

Level 17
Verified

South Park

Level 1
I had been using OSA 1.4 with no problems for months on my old Windows 7 laptop with Webroot. However, on my new Windows 10 1803 Home 64 laptop with Windows Defender, OSA 1.4.2 sometimes stops working on system start-up and can't be re-enabled except by uninstalling and reinstalling. I have removed it for now. Attached are the error messages from Windows in case the vendor wants them.

If I continue using just WD for now and always browse with Firefox or Edge w/ uBO enabled, should I consider myself reasonably safe? I'm a careful user and not click-happy.
 

Attachments

Raiden

Level 9
Content Creator
Verified
Hello
Do you know if OSA + ESET is a good and useful combination ?
Yea they can work well together. When I was using EIS I was using OSA along side it. That being said, if you are making full use of HIPS within ESET you really don't need OSA, as the HIPS can do what OSA does. I was to lazy to configure HIPS to I just ran HIPS in smart mode and ran OSA along side it :D

So really it's a bit of an Yes/No answer. Yes you can run OSA along side Eset, provided that you aren't configuring HIPS, but if you are then OSA isn't needed IMHO.(y)
 
Last edited:

JB007

Level 15
Verified
Yea they can work well together. When I was using EIS I was using OSA along side it. That being said, if you are making full use of HIPS within ESET, you really don't need OSA, as the HIPS can do what OSA does. I was to lazy to configure HIPS to I just ran HIPS in smart mode and ran OSA along side it :D

So really it's a bit of an Yes/No answer. Yes you can run OSA along side Eset, provided that you aren't configuring HIPS, but if you are then OSA isn't needed IMHO.(y)
Thanks @Raiden :emoji_ok_hand:
I'm also very lazy:LOL:
 

NoVirusThanks

From NoVirusThanks
Developer
Verified
Here is a new v1.4.3 (pre-release) test1:
https://downloads.novirusthanks.org/files/osarmor_setup_143_BETA_build1.exe

* Please do not share the download link, we will delete it when we'll release the official v1.4.2 *

So far this is what's new compared to the previous pre-release:

  • Disallow the UI from being respawned when the PC is rebooting or shutting down
  • Support %PROCESSMD5HASH% in CustomBlock.db and Exclusions.db
  • Improved Block processes with known fake extensions (i.e .pdf.exe)
  • Enabled by default: Prevent msiexec.exe from loading MSI files maskes as PNG files
  • Improved Block suspicious Explorer.exe process behaviors
  • Improved internal rules to block suspicious process activities
  • Fixed some false positives
  • Minor improvements
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

Let me know if you find any issue or FPs with this new beta build.
 

NoVirusThanks

From NoVirusThanks
Developer
Verified
Here is a new v1.4.3 (pre-release) test2:

* Please do not share the download link, we will delete it when we'll release the official v1.4.3 *

So far this is what's new compared to the previous pre-release:

  • Improved parsing of command-line string
  • Minor improvements
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.

Let me know if you find any issue or FPs with this new beta build.
 

Similar Threads

Similar Threads