NoVirusThanks OSArmor

[Lenny_Fox]

When I tested OSA, the startup delay increased a lot compared to Windows Defender with ConfigureDefender and SimpleWindowsHardening.

Old OSA handled MSI installers by blocking MSIEXEC, this had the consequence that the advanced rules like allowing only specific vendors (based on signature) was not possible. This advanced feature probably will be available in future paid features.

So I wil keep Microsoft software with following two freebies to increase protection:
- ConfigureDefender on High+ (adds advanced reputation checks and services to Microsoft Defender, reducing zero day risk of EXE's, TMP's and MSI's)
- SimpleWindowsHardening (reducing the risk of scripts, by blocking scripts to run in user folders as standard user)

It makes sence that OSA becomes shareware, because it was the super configurable version of NVT EXE RADAR PRO for FREE. Software developers have to pay their bills also (moving from freeware to shareware). With 30 day trial each can determine by themselves whether the license is worth the cash.

 

[NoVirusThanks]

Finally, OSArmor v1.5 and its new website has been released:
Prevent Malware & Ransomware Infections on Windows PC | OSArmor

Here is a coupon code with 20% discount (valid for 50 orders): MWT20

This is the final changelog:

[12-Oct-2020] v1.5.0.0

+ Improved method to detect when Desktop has fully loaded
+ Added option to password-protect power options with Admin Credentials
+ Added option to update Exclusions.db from a remote URL
+ Added option to update CustomBlock.db from a remote URL
+ Added option to update OSArmor settings from a remote URL
+ Added option to automatically check and download new product updates
+ Added option to change connection settings using a proxy server
+ Added option to HTTP POST process-blocked events to a remote URL
+ Improved the pre-filled text of exclusion rule when button "Exclude" is clicked
+ Automated the product activation via setup.exe command-line parameter /LICENSEKEY=
+ Improved setup installation script (no more freezes)
+ Added many new internal rules to block suspicious behaviors
+ Added option to send blocked process events to Event Viewer
+ Fixed Block execution of unsigned processes on Temp folder
+ Fixed get of user Temp folder in specific situations
+ Fixed saving of UTF-8 unicode data in the .log file
+ Added new usable variables in CustomBlock and Exclusion rules
+ Added variable %RULENAME% in CustomBlock to name your custom rule
+ Added possibility to detect unsigned processes in CustomBlock and Exclusion rules
+ Updated FAQs (Helpt.txt) with new questions and answers
+ Updated program main icon and code to change system tray icons (pixel-perfect)
+ Updated default WAV sound used for alerting of process-blocked events
+ Added option "Don't show this notification again" on "process blocked" window
+ Manage list of processes present in the "Ignored notifications" list
+ Improved retrieval of Signer on Windows XP in particular situations
+ Improved Block rundll32.exe from using RegisterOCX
+ Improved block of Microsoft Edge
+ Improved anti-exploit module for Microsoft Edge (Chromium-based)
+ New options to block Windows Store, Cortana, System Settings, System Security UI, etc.
+ Added Prevent changing of windir via command-line
+ Added Prevent rundll32.exe from using -localserver
+ Added Prevent SettingSyncHost.exe from using -LoadAndRunDiagScript
+ Added Prevent RunDll32.exe from loading ctor.dll, LaunchSetup
+ Added Block execution of curl.exe
+ Added Prevent dctask64.exe injectDll/invokeexe/executecmd64
+ Added Block execution of sxstrace.exe
+ Added Block execution of winrs.exe
+ Added Block execution of ExtExport.exe (Internet Explorer)
+ Added Block execution of instnm.exe
+ Added Block processes executed from conhost.exe
+ Added Prevent cmd.exe from using "/c start" or "/r start"
+ Added Block processes executed from VirtualBoxVM.exe
+ Added Block processes executed from vmware-vmx.exe
+ Added Block execution of addinprocess/32.exe
+ Added Block execution of addinutil.exe
+ Added Protect Microsoft PDF Reader
+ Added Block execution of MicrosoftPdfReader.exe
+ Changed End User License Agreement (EULA)
+ Improved compatibility with Windows 10 2004
+ Fixed some false positives
+ Minor improvements

It took some more weeks than expected, but we are very happy with the results.

You can download and test OSArmor for 30-days without limitations in functionalities.

On the new website we tried to include as many information as possible (more will be added soon).

So guys, sorry for the very long delay, I hope you will like the new version!

As always feedbacks, critics, and comments are welcome =)

 

[Digmor Crusher]

Thanks Andreas, will give it a spin.

 

[EndangeredPootis]

Nice to see the price set isnt too shabby.

 

[Moonhorse]

Any chance for paysafecard ? Do fastpring have this option for paying?

I dont have online bank account, i have only used g2a for some coupons in the past

Goodluck though

 

[NoVirusThanks]

@Lenny_Fox

Old OSA handled MSI installers by blocking MSIEXEC, this had the consequence that the advanced rules like allowing only specific vendors (based on signature) was not possible. This advanced feature probably will be available in future paid features.

We will add better support for handling MSI executions:

We're working on adding support to use variables like %MSISIGNER% to match signer of a MSI file and %MSIPATH% to match MSI file path, so users can write custom block rules and exclusion rules by matching these new MSI-specific variables (e.g: you can block any MSI file, except the ones signed by a defined list of signers of your choice or you can allow MSI executions only in specific folder and signed by only specific vendors). We plan on adding also option to block execution of unsigned MSI files in Configurator -> Advanced tab. If you have other requirements or ideas please let me know.

@Moonhorse

I have asked FastSpring that but unfortunately they do not support it.

I'll ask if they plan on adding support for it soon and in case I will update you.

 

[NoVirusThanks]

Released NoVirusThanks OSArmor v1.5.1:
Download OSArmor for Windows 7, 8, 10 (32 & 64-bit) | OSArmor

Changelog:

+ Added variable %MSIFILE% in CustomBlock and Exclusion rules
+ Added variable %MSISIGNER% in CustomBlock and Exclusion rules
+ Improved the pre-filled text of exclusion rule when button "Exclude" is clicked
+ Added Block regsvr32.exe from loading DLLs in user space
+ Added Block rundll32.exe from loading DLLs in user space
+ Added Block rundll32.exe from loading DLLs on SMB share
+ Added Block rundll32.exe from loading COM Server payload
+ Added Block execution of unsigned MSI installers
+ Fixed some false positives

If you have the auto-update option checked your OSA version will be upgraded automatically.

Else you can install this new version "over-the-top" (a reboot is not required).

 

[Gandalf_The_Grey]

I got mail today:

Dear Subscriber,

We have released OSArmor v1.5.2, here are more info:
https://www.osarmor.com/changelog/

You can download the latest version from this link:
https://www.osarmor.com/download/

What's new? Read below:

+ NVT License Manager is not installed if OS is Windows XP
+ Updated method used to save the custom password
+ Custom password must now be at least 6 characters in length
+ Added option to select update frequency "every X minutes" on Enterprise features
+ Added support for HTTP redirects (max 3 redirects) on Enterprise features
+ Added support for ftp:// URLs on Enterprise features
+ Fixed Block execution of Windows Event Viewer
+ Fixed Block execution of .msc scripts outside System folder
+ Fixed all reported false positives
+ Minor improvements

Here are two new videos:

Testing OSArmor with Recent Maldocs (October 2020)
Recent Excel Maldocs Blocked by OSArmor (October 2020)

Best regards,

NoVirusThanks Team
https://twitter.com/novirusthanks
https://www.facebook.com/NoVirusThanks/

 

[blackice]

Auto update worked great, but put an icon on my desktop. Which, worst case is like a notification for the update.

 

[paulderdash]

Auto update worked great, but put an icon on my desktop. Which, worst case is like a notification for the update.

I wasn't sure it auto-updated (forgotten )!
Anyway - didn't get a chance, because I updated manually on receipt of the email.

 

[NoVirusThanks]

//Everyone

Here is a 50% off coupon code: XMAS50

Pricing for OSArmor Personal, Business & Enterprise | OSArmor

It is valid until 25 December 2020 for all OSArmor versions (Personal, Business, Enterprise) and is permanent (applies to all next renewals).

New version should be released soon (mainly OSA Configurator has been rewritten with search rules, grouping, security profiles, etc).

@blackice

It will be fixed on the next version, thanks for reporting it =)

 

[JB007]

Hello,
This coupon is ver exciting but I'm not sure if I purchase OSArmor or not because I have used the free version during some months and also the paid trial but I never got any block ; so I don't know if OSA would be useful to me alongside my main AV , Kaspersky Total Security.

 

[oldschool]

so I don't know if OSA would be useful to me alongside my main AV , Kaspersky Total Security.

No, because you have powerful protection already in KTS.

 

[silversurfer]

Hello,
This coupon is ver exciting but I'm not sure if I purchase OSArmor or not because I have used the free version during some months and also the paid trial but I never got any block ; so I don't know if OSA would be useful to me alongside my main AV , Kaspersky Total Security.

As already said by @oldschool Kaspersky Total Security provides similar kind of protection modules like System-Watcher and Application-Control!
That means in this case for sure it's redundant to purchase another software as real-time protection...

 

[JB007]

No, because you have powerful protection already in KTS.

As already said by @oldschool Kaspersky Total Security provides similar kind of protection modules like System-Watcher and Application-Control!
That means in this case for sure it's redundant to purchase another software as real-time protection...

Thanks @oldschool and @silversurfer for your explanations and sorry for NVT OSA team which loses a future customer.

 

[plat]

Just a notice: If you currently have OSArmor installed and activated with your key, flashing your motherboard BIOS will likely invalidate your activation! It is necessary to de-activate your device and then re-enter your license key.

You can access the customer portal on the FAQs page and follow the instructions.

Frequently Asked Questions (FAQs) | OSArmor

Find answers to common questions about OSArmor software. Should you have a question that is not present in this page please do not hesitate to contact us with your inquiry and we will reply as soon as possible.

www.osarmor.com

In my case, no means to de-activate showed up so I had to un/re-install OSA (keeping the settings at the prompt) and then re-enter my key.
According to developer, this will be fixed in later version/s, not the current v. 1.5.2.

NoVirusThanks OSArmor: An Additional Layer of Defense

Osarmor?I have to catch up :)

www.wilderssecurity.com

NoVirusThanks OSArmor: An Additional Layer of Defense

Thanks for the purchases guys! @paulderdash Yes licenses are auto-renewed by default after 1 year (if they have not been canceled by the user). All...

www.wilderssecurity.com

 

[blackice]

Just a notice: If you currently have OSArmor installed and activated with your key, flashing your motherboard BIOS will likely invalidate your activation! It is necessary to de-activate your device and then re-enter your license key.

You can access the customer portal on the FAQs page and follow the instructions.

Frequently Asked Questions (FAQs) | OSArmor

Find answers to common questions about OSArmor software. Should you have a question that is not present in this page please do not hesitate to contact us with your inquiry and we will reply as soon as possible.

www.osarmor.com

In my case, no means to de-activate showed up so I had to un/re-install OSA (keeping the settings at the prompt) and then re-enter my key.
According to developer, this will be fixed in later version/s, not the current v. 1.5.2.

NoVirusThanks OSArmor: An Additional Layer of Defense

Osarmor?I have to catch up :)

www.wilderssecurity.com

NoVirusThanks OSArmor: An Additional Layer of Defense

Thanks for the purchases guys! @paulderdash Yes licenses are auto-renewed by default after 1 year (if they have not been canceled by the user). All...

www.wilderssecurity.com

Happened to me last night.

 

[pxxb1]

Was it the1.4.3 version that was the last free one?

 

[gery79]

As already said by @oldschool Kaspersky Total Security provides similar kind of protection modules like System-Watcher and Application-Control!
That means in this case for sure it's redundant to purchase another software as real-time protection...

correct

 

[NoVirusThanks]

@pxxb1

Yes

//Everyone

To welcome the new year here is a 40% off coupon code: WELCOME2021

Pricing for OSArmor Personal, Business & Enterprise | OSArmor

It is valid until 10 January 2021 for all OSArmor versions (Personal, Business, Enterprise) and is permanent (applies to all next renewals).

PS:

New version is on its way, remained only to fix the fingerprint issue when BIOS is updated.

If you have other suggestions or issues please let me know.