sepik

Level 3
Hello,
After installing the new version and rebooted, GData founds an active infection: Win32.Malware.Bucaspys.9MD1DU (Engine B)
Engine B is their in-house engine.
-sepik
 
  • Like
Reactions: oldschool

Windows_Security

Level 23
Verified
Trusted
Content Creator
@NoVirusThanks

Andreas,

Yesterday evening I installed your excellent program on a new laptop of a family member. I have some questions/requests

  1. In the advanced protections I see several options to only allow signed processes, but I did not see (or overlooked) LocalLow.
    Could you add an option to only allow signed processes from LocalLow also?

  2. There is an option to block reg files totally and block them executing silently. I would like to add another option.
    Coould you add option to only allow registry file (.reg) executions from safe folders (Windows and Program Files)?
    Combined with the block silent execution, this should be a safe (no risk on breaking something) hardening measure.

  3. You already have a block option for Internet Explorer (replaced in Windows 10 by Edge).
    Could you also add a block option for Windows Media Player (replaced in Windows 10 by Windows store Apps)?

  4. Could you add Edge-chromium in the anti-exploit section?
Thanks in advance

Kees


EDIT1: I got a change request from my family member also (quotes from the phone call)
He: "Kees, you said the guy was Italian who developed this software" - Me: Yes, why?
He: "So why does he design such an ugly icon" - Me: What do you mean?
He: "The yellowish glow on the icon clashes my other (white system tray) icons" Me: Okay ...
He: "Can you turn it into plain white with a checkmark?" Me: :cry::emoji_sob: (speechless)

EDIT2: It gets worse (called again today)
He: "Kees, don't bother I managed myself to turn the icon white" - Me: OK, great how?
He: "Just right click the icon and turn off protection" - Me: :sick::mad: (speechless)
 
Last edited:

JB007

Level 17
Verified
Hello
I'm using NVT OA since a few months but I have no proof of its effectiveness because I did not have any alarms.
So how can I test it?
 
  • Like
Reactions: oldschool

SFox

Level 2
Hello
I'm using NVT OA since a few months but I have no proof of its effectiveness because I did not have any alarms.
So how can I test it?
If there are no messages from the program, this does not indicate that the program does not work, but, on the contrary, may indicate that the program works :) For example, you can block the launch of programs from My Documents (it seems there is such an option) and try to run any portable exe-file from this directory.
 

plat1098

Level 10
Verified
Sometimes I wonder also, so this is a good question to raise. Usually, if I run PrivaZer, there's an alert from OSA naming the robocopy rule but PrivaZer seems to keep going, so I don't know if just one minor cleaning process was skipped or nothing was actually blocked, just the alert came up. Here, I d/l the newest, latest version of a trusted software that by its nature should trigger OSA based on at least one enabled rule, and it did. (specific rule is in snip). Now, I will whitelist it and it'll be executed without blocking until the next new version. :emoji_ok_hand:


hwinfo osa.png
 

oldschool

Level 37
Verified
Posted @ Wilders NoVirusThanks OSArmor: An Additional Layer of Defense

I always follow this thread (without logging in) so in case of problems I can check them.

We tested OSArmor 1.4.3 on Windows 10 Pro 1909 (64-bit) OS Build 18363.418 and it works fine:

OS_Build.png


Test_Built-in_Rule.png

Test_Custom_Rule_With_CmdLine.png

Test_Protect_Driver.png


Can you test OSA with default settings and describe how to reproduce the issue?

If other users are using/testing Windows 10 1909 builds, can you confirm if OSA works fine in your case too?

PS: We're still busy with a few projects, but will release a new OSA version asap (already mostly done).
* ERP v4.0 Beta (pre-release) test 32 at #7468 *
* OSArmor v1.4.3 (final) at #2573 *

NoVirusThanks EXE Radar Pro v3

Stable: v3.0 BUILD15-10032014 / Beta: v3.1_15052015_BUILD1
Command-line wildcard explained
 

blackice

Level 12
Verified

Umbra

Level 10
Verified
Despite my great love for NVT products, i heard from quite reliable sources, that NVT will mostly significantly reduce and eventually abandon the development of freewares like NVT, SysHardener or OSA. Their focus now is, obviously, making serious incomes (probably with SOB or tailored applications). This confirm somehow why their dev went silent for months and their freewares updated mostly when Windows 10 is upgraded.
Security Forums users are a niche market, and on top of that prefer enjoy freewares than paid ones. reason why several powerful tools are abandoned through the years (Trustfire, Malware Defender, Defensewall, Geswall, Online Armor, and recently Sandboxie, etc...).

One more reason for users to learn how to handle what security features Windows 10 offers, emphasize safe habits instead of relying in 3rd party tools.
 
Last edited:

blackice

Level 12
Verified
Despite my great love for NVT products, i heard from quite reliable sources, that NVT will mostly significantly reduce and eventually abandon the development of freewares like NVT, SysHardener or OSA. Their focus now is, obviously, making serious incomes (probably with SOB ) or tailored applications. This confirm somehow why their dev went silent for months and their freewares updated mostly when Windows 10 is upgraded.
Security Forums users are a niche market, and on top of that prefer enjoy freewares than paid ones. reason why several powerful tools are abandoned through the years (Trustfire, Malware Defender, Defensewall, Geswall, Online Armor, and recently Sandboxie, etc...).

One more reason for users to learn how to handle what security features Windows 10 offers, emphasize safe habits instead of relying in 3rd party tools.
I think several of their free tools are worth paying for. But it makes sense, you can’t eat good forum sentiments for dinner.