NoVirusThanks OSArmor: An Additional Layer of Defense

Discussion in 'other anti-malware software' started by novirusthanks, Dec 17, 2017.

  1. sun88

    sun88 Registered Member

    Joined:
    Aug 27, 2009
    Posts:
    69
    Test 37 working fine.
    Win 10 Pro 1703 x64
    Emsisoft Anti Malware
    HitmanPro.Alert
    NoVirusThanks SysHardener (I unticked the Orange and Red boxes)
    NoVirusThanks OSArmor
     
  2. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    It worked. Thanks!
     
  3. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,254
    Been super busy for a bit. Just installed test 37 here tonight. Will report back any findings. Thanks!
     
  4. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,477
    Location:
    U.S.A. (South)
    Dunno how you managed to set a great timer period for the alert box (I always modify on ERP/others) but this one is spot right on the button!

    Well done with that too.
     
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,617
    Location:
    Italy
    @novirusthanks

    Problem with Self Defense (basic)

    _______________________________________

    OSA Uninstall without User Confirmation:

    http://sendvid.com/eq34ujm2

    unins000.exe/silent

    same problem:

    unins000.exe/verysilent

    Sorry for the length of the video after the uninstallation.:)
     
    Last edited: Feb 27, 2018
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    25,640
    The [space] is missing, so it seems to monitor "unins000.exe /silent" but not "unins000.exe/silent" and a silent uninstall is therefore successful.

    (Silent uninstall = confirmation dialogs are suppressed, but the uninstallation progress window is being shown
    Very silent uninstall = now the uninstallation progress window is also suppressed)
     
  7. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    During Vivaldi browser update...

    Date/Time: 28/02/2018 00:08:19
    Process: [17716]C:\Windows\System32\taskkill.exe
    Parent: [8332]C:\Users\x\AppData\Local\Temp\CR_903E5.tmp\setup.exe
    Rule: BlockTaskkillExecution
    Rule Name: Block execution of taskkill.exe
    Command Line: taskkill.exe /F /PID 14620 /PID 5348 /PID 3144 /PID 15544 /PID 21944 /PID 10804 /PID 256 /PID 2036 /PID 10596 /PID 1488 /PID 13896 /PID 1656 /PID 12880 /PID 12336 /PID 11328 /PID 1836 /PID 12648 /PID 19468
    Signer:
    Parent Signer: Vivaldi Technologies AS

    Date/Time: 28/02/2018 00:10:14
    Process: [19076]C:\Windows\System32\taskkill.exe
    Parent: [20860]C:\Users\x\AppData\Local\Temp\CR_903E5.tmp\setup.exe
    Rule: BlockTaskkillExecution
    Rule Name: Block execution of taskkill.exe
    Command Line: taskkill.exe /F
    Signer:
    Parent Signer: Vivaldi Technologies AS
     
  8. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    Is this enabled by default?

    2018-02-28_00h14_19.png
     
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,477
    Location:
    U.S.A. (South)
  10. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,128
  11. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
  12. jacemace

    jacemace Registered Member

    Joined:
    Sep 10, 2009
    Posts:
    76
    little update - using version 1.4 - osarmordevui still doesn't always show the osarmor ui shield in the taskbar - so I restart it with process hacker and it shows.
    osaarmor hasn't blocked any processes yet.
    I was wondering what boxes to tick in the advanced tab of the configurator - some boxes have exclamations that claim false positives can occur.
    In the advanced tab there are highlighted sections called - block specific locations, block processes related to, smart powershell & cmd rules, block scripts execution, other useful block-rules and attack mitigation rules.
    Not sure which boxes I should check.

    Thanks.
     
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,617
    Location:
    Italy
    True.:thumb:
    The correct syntax of the command would be that.
    The video shows that it works the same.
    ;)

    In the original video (9.11 MB) you can see the prompt commands better.

    Download:


    http://www.filedropper.com/osauninstallwithoutuserconfirmation
     
    Last edited: Feb 28, 2018
  14. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,422
    Make sure you are using the latest build, test37. They are all called 1.4, you need to look at the installation file to see which build you have.
    On the advanced tab, it depends a lot what your other security software is already doing.
    yellow means it might cause issues, red means it is likely to cause issues, so use with caution.
    If you are adventurous, just enable everything, see what issues arise, and then disable (or make exceptions) accordingly. Many of the rules accept exceptions, such as blocking cmd.exe, for instance.
     
  15. guest

    guest Guest

    Those kind of Softs are made to be used "as is" by most users, then if you know what you are doing, you can enable/disable some options based on how you want your system behaves.
    In your case, if you don't know, do some research first about the option (what it block) then if you feel confident , enable it and see what will happen.
    Unlike AVs, software like OSA and other SRPs is all about "Trial & Error".
     
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,823
    Location:
    Under a bushel ...
    Hadn't heard of NVT SysHardener. Looks new.

    Are it and OSArmor mutually exclusive? Would they be a good combo?
     
  17. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,477
    Location:
    U.S.A. (South)
  18. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,422
    There is not very much I saw in SysHardener that you can't do in OSA, but SysHardener has an advantage that the protections are enforced by Windows itself, they are not dependent on real-time protection from an additional software.
     
  19. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,477
    Location:
    U.S.A. (South)
    Good point!
     
  20. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    But if you accept what SH does it is two or maybe 3 clicks. Click Run App. Click do it in SH. Done.

    In OSA it will take you a while to wander around, figure out what is what (unless you have been using it for some time) and make the same changes. In my opinion, I am using them together and not for the same thing.

    Note to @guest :

    "Unlike AVs, software like OSA and other SRPs is all about "Trial & Error"."

    :confused:

    In my experience using a dozen or so AVs I have experienced a lot of T & E. :thumb: For example, run one and it IDs a good guy as a PUP that IT decides to immediately Kill. Another allows you to selectively Quarantine. Another allows you to selectively Delete. And of course, one AV treats everything by any other vendor as a PUP (exagerating a bit) while the next does not.
     
  21. guest

    guest Guest

    When i mentioned trial & error is was more about the user toying with the settings and rules, rather than the software automatic actions. ;)
     
  22. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    OIC!! :thumb: Yep - An inexperienced user using OSA out of the box gets a lot of security. Gotcha.
    This is also the case with some AVs where there is essentially nothing settable by the user - e.g. Bitdefender Free.
     
  23. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,823
    Location:
    Under a bushel ...
  24. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    8,477
    Location:
    U.S.A. (South)
    Sorry if this is already been asked or suggested but here goes.

    Is it outside the realm of expectations or program plans for a future release where OSA could implement an internal BROWSE feature for the EXCLUSIONS panel for sake of some time saving and searching?

    And if I missed an import feature for manual exclusions could someone point that out?

    Filling in fields manually is never been a cup of tea on this end but it's quite ok if this is not expected at some later date/release.

    Just saying for ease of convenience.
     
  25. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,254
    Same problem with not showing in the taskbar. Matter of fact, I opened it from a command line and it says protection is disabled.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.