NoVirusThanks OSArmor

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
When I tested OSA, the startup delay increased a lot compared to Windows Defender with ConfigureDefender and SimpleWindowsHardening.

Old OSA handled MSI installers by blocking MSIEXEC, this had the consequence that the advanced rules like allowing only specific vendors (based on signature) was not possible. This advanced feature probably will be available in future paid features.

So I wil keep Microsoft software with following two freebies to increase protection:
- ConfigureDefender on High+ (adds advanced reputation checks and services to Microsoft Defender, reducing zero day risk of EXE's, TMP's and MSI's)
- SimpleWindowsHardening (reducing the risk of scripts, by blocking scripts to run in user folders as standard user)

It makes sence that OSA becomes shareware, because it was the super configurable version of NVT EXE RADAR PRO for FREE. Software developers have to pay their bills also (moving from freeware to shareware). With 30 day trial each can determine by themselves whether the license is worth the cash.
 
Last edited:

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
Finally, OSArmor v1.5 and its new website has been released:
Prevent Malware & Ransomware Infections on Windows PC | OSArmor

Here is a coupon code with 20% discount (valid for 50 orders): MWT20

osa.png


This is the final changelog:

[12-Oct-2020] v1.5.0.0

+ Improved method to detect when Desktop has fully loaded
+ Added option to password-protect power options with Admin Credentials
+ Added option to update Exclusions.db from a remote URL
+ Added option to update CustomBlock.db from a remote URL
+ Added option to update OSArmor settings from a remote URL
+ Added option to automatically check and download new product updates
+ Added option to change connection settings using a proxy server
+ Added option to HTTP POST process-blocked events to a remote URL
+ Improved the pre-filled text of exclusion rule when button "Exclude" is clicked
+ Automated the product activation via setup.exe command-line parameter /LICENSEKEY=
+ Improved setup installation script (no more freezes)
+ Added many new internal rules to block suspicious behaviors
+ Added option to send blocked process events to Event Viewer
+ Fixed Block execution of unsigned processes on Temp folder
+ Fixed get of user Temp folder in specific situations
+ Fixed saving of UTF-8 unicode data in the .log file
+ Added new usable variables in CustomBlock and Exclusion rules
+ Added variable %RULENAME% in CustomBlock to name your custom rule
+ Added possibility to detect unsigned processes in CustomBlock and Exclusion rules
+ Updated FAQs (Helpt.txt) with new questions and answers
+ Updated program main icon and code to change system tray icons (pixel-perfect)
+ Updated default WAV sound used for alerting of process-blocked events
+ Added option "Don't show this notification again" on "process blocked" window
+ Manage list of processes present in the "Ignored notifications" list
+ Improved retrieval of Signer on Windows XP in particular situations
+ Improved Block rundll32.exe from using RegisterOCX
+ Improved block of Microsoft Edge
+ Improved anti-exploit module for Microsoft Edge (Chromium-based)
+ New options to block Windows Store, Cortana, System Settings, System Security UI, etc.
+ Added Prevent changing of windir via command-line
+ Added Prevent rundll32.exe from using -localserver
+ Added Prevent SettingSyncHost.exe from using -LoadAndRunDiagScript
+ Added Prevent RunDll32.exe from loading ctor.dll, LaunchSetup
+ Added Block execution of curl.exe
+ Added Prevent dctask64.exe injectDll/invokeexe/executecmd64
+ Added Block execution of sxstrace.exe
+ Added Block execution of winrs.exe
+ Added Block execution of ExtExport.exe (Internet Explorer)
+ Added Block execution of instnm.exe
+ Added Block processes executed from conhost.exe
+ Added Prevent cmd.exe from using "/c start" or "/r start"
+ Added Block processes executed from VirtualBoxVM.exe
+ Added Block processes executed from vmware-vmx.exe
+ Added Block execution of addinprocess/32.exe
+ Added Block execution of addinutil.exe
+ Added Protect Microsoft PDF Reader
+ Added Block execution of MicrosoftPdfReader.exe
+ Changed End User License Agreement (EULA)
+ Improved compatibility with Windows 10 2004
+ Fixed some false positives
+ Minor improvements

It took some more weeks than expected, but we are very happy with the results.

You can download and test OSArmor for 30-days without limitations in functionalities.

On the new website we tried to include as many information as possible (more will be added soon).

So guys, sorry for the very long delay, I hope you will like the new version!

As always feedbacks, critics, and comments are welcome =)
 
Last edited:

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
Any chance for paysafecard ? Do fastpring have this option for paying?

I dont have online bank account, i have only used g2a for some coupons in the past

Goodluck though
 
  • Like
Reactions: Venustus and Cortex

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
@Lenny_Fox

Old OSA handled MSI installers by blocking MSIEXEC, this had the consequence that the advanced rules like allowing only specific vendors (based on signature) was not possible. This advanced feature probably will be available in future paid features.

We will add better support for handling MSI executions:

We're working on adding support to use variables like %MSISIGNER% to match signer of a MSI file and %MSIPATH% to match MSI file path, so users can write custom block rules and exclusion rules by matching these new MSI-specific variables (e.g: you can block any MSI file, except the ones signed by a defined list of signers of your choice or you can allow MSI executions only in specific folder and signed by only specific vendors). We plan on adding also option to block execution of unsigned MSI files in Configurator -> Advanced tab. If you have other requirements or ideas please let me know.

@Moonhorse

I have asked FastSpring that but unfortunately they do not support it.

I'll ask if they plan on adding support for it soon and in case I will update you.
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
Released NoVirusThanks OSArmor v1.5.1:
Download OSArmor for Windows 7, 8, 10 (32 & 64-bit) | OSArmor

Changelog:

+ Added variable %MSIFILE% in CustomBlock and Exclusion rules
+ Added variable %MSISIGNER% in CustomBlock and Exclusion rules
+ Improved the pre-filled text of exclusion rule when button "Exclude" is clicked
+ Added Block regsvr32.exe from loading DLLs in user space
+ Added Block rundll32.exe from loading DLLs in user space
+ Added Block rundll32.exe from loading DLLs on SMB share
+ Added Block rundll32.exe from loading COM Server payload
+ Added Block execution of unsigned MSI installers
+ Fixed some false positives

If you have the auto-update option checked your OSA version will be upgraded automatically.

Else you can install this new version "over-the-top" (a reboot is not required).
 

Gandalf_The_Grey

Level 84
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,421
I got mail today:
Dear Subscriber,

We have released OSArmor v1.5.2, here are more info:
https://www.osarmor.com/changelog/

You can download the latest version from this link:
https://www.osarmor.com/download/

What's new? Read below:

+ NVT License Manager is not installed if OS is Windows XP
+ Updated method used to save the custom password
+ Custom password must now be at least 6 characters in length
+ Added option to select update frequency "every X minutes" on Enterprise features
+ Added support for HTTP redirects (max 3 redirects) on Enterprise features
+ Added support for ftp:// URLs on Enterprise features
+ Fixed Block execution of Windows Event Viewer
+ Fixed Block execution of .msc scripts outside System folder
+ Fixed all reported false positives
+ Minor improvements

Here are two new videos:

Testing OSArmor with Recent Maldocs (October 2020)
Recent Excel Maldocs Blocked by OSArmor (October 2020)

Best regards,

NoVirusThanks Team
https://twitter.com/novirusthanks
https://www.facebook.com/NoVirusThanks/
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
//Everyone

Here is a 50% off coupon code: XMAS50

Pricing for OSArmor Personal, Business & Enterprise | OSArmor

It is valid until 25 December 2020 for all OSArmor versions (Personal, Business, Enterprise) and is permanent (applies to all next renewals).

New version should be released soon (mainly OSA Configurator has been rewritten with search rules, grouping, security profiles, etc).

@blackice

It will be fixed on the next version, thanks for reporting it =)
 

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,581
Hello,
This coupon is ver exciting but I'm not sure if I purchase OSArmor or not because I have used the free version during some months and also the paid trial but I never got any block ; so I don't know if OSA would be useful to me alongside my main AV , Kaspersky Total Security.
 

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,264
Hello,
This coupon is ver exciting but I'm not sure if I purchase OSArmor or not because I have used the free version during some months and also the paid trial but I never got any block ; so I don't know if OSA would be useful to me alongside my main AV , Kaspersky Total Security.
As already said by @oldschool Kaspersky Total Security provides similar kind of protection modules like System-Watcher and Application-Control!
That means in this case for sure it's redundant to purchase another software as real-time protection...
 

JB007

Level 26
Verified
Top Poster
Well-known
May 19, 2016
1,581

plat

Level 29
Top Poster
Sep 13, 2018
1,793
Just a notice: If you currently have OSArmor installed and activated with your key, flashing your motherboard BIOS will likely invalidate your activation! It is necessary to de-activate your device and then re-enter your license key.

You can access the customer portal on the FAQs page and follow the instructions.


In my case, no means to de-activate showed up so I had to un/re-install OSA (keeping the settings at the prompt) and then re-enter my key.
According to developer, this will be fixed in later version/s, not the current v. 1.5.2.

 

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,868
Just a notice: If you currently have OSArmor installed and activated with your key, flashing your motherboard BIOS will likely invalidate your activation! It is necessary to de-activate your device and then re-enter your license key.

You can access the customer portal on the FAQs page and follow the instructions.


In my case, no means to de-activate showed up so I had to un/re-install OSA (keeping the settings at the prompt) and then re-enter my key.
According to developer, this will be fixed in later version/s, not the current v. 1.5.2.

Happened to me last night.
 

NoVirusThanks

From NoVirusThanks
Verified
Developer
Well-known
Aug 23, 2012
293
@pxxb1

Yes

//Everyone

To welcome the new year here is a 40% off coupon code: WELCOME2021

Pricing for OSArmor Personal, Business & Enterprise | OSArmor

It is valid until 10 January 2021 for all OSArmor versions (Personal, Business, Enterprise) and is permanent (applies to all next renewals).

PS:

New version is on its way, remained only to fix the fingerprint issue when BIOS is updated.

If you have other suggestions or issues please let me know.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top