NoVirusThanks OSArmor: An Additional Layer of Defense

Discussion in 'other anti-malware software' started by novirusthanks, Dec 17, 2017.

  1. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    7,632
    Location:
    Hawaii
    Ditto what Peter2150 said. Thanks NVT!
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,868
    Location:
    U.S.A. (South)
    Almost missed this new rollout busy programming actionscripts until my head spins. Automation at the local arena of your machine beats wrestling with bandwidth traffic :D Which is another reason OSA fully Rocks!!

    @novirusthanks :thumb:
     
  3. loungehake

    loungehake Registered Member

    Joined:
    Mar 9, 2015
    Posts:
    187
    Location:
    Wigan
    OSArmor version 1.4.1 seems to have had some fine tuning. Anyone else agree?
     
  4. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,538
    Could you explain in a little more detail?
     
  5. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    7,632
    Location:
    Hawaii
    I agree. I am a very agreeable person (except when I'm not).

    OSA was perfect when it was first issued. Right from day one it has been the mainstay of my security. With each successive version, including 1.4.1, it has become (in the words of Charlie Brown) even MORE perfecter. :thumb::thumb::thumb:
     
  6. loungehake

    loungehake Registered Member

    Joined:
    Mar 9, 2015
    Posts:
    187
    Location:
    Wigan
    There is not much detail to state. Prior to OSArmor version 1.4.1 my Windows 7(x64) systems which run on old and slow hardware were prone to hanging when running OSArmor to such an extent that OSArmor was unusable on those systems. This issue has not yet occurred with OSArmor 1.4.1 so I am assuming that the modifications in the latest version might by design or otherwise have had the desired effect from my particular point of view. I am writing this so the developers might be aware of the possibility of having fixed this flaw even if they did not have the direct intention of doing so. I know that a Windows 10 issue has been addressed.

    I have previously reported this issue three times but without any improvement being forthcoming. I am therefore assuming that the apparent fixing of it is coincidental with the addressing of the Windows 10 issue. I would have thought that the devs would want to be aware of obscure undesirable behaviour and the successful if unintentional fixing of it so that they might better understand their software. Anyhow, it is nice to have OSArmor protection on these systems.
     
    Last edited: Nov 6, 2018
  7. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,538
    Ah, so you are reporting a performance improvement on Windows 7 with version 1.4.1.
    Thanks.
     
  8. Wallofasgard

    Wallofasgard Registered Member

    Joined:
    Oct 9, 2015
    Posts:
    11
    Hi everyone...lately i've been searching for another layer of protection for my PC and i came across this app.May i ask if i can make custom rules wherein a user wont be able to execute .exe files from specified folder (like Download Folder,Documents,etc).Thanks for your help in advance.
     
  9. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    What you want is probably EXE radar pro
     
  10. Wallofasgard

    Wallofasgard Registered Member

    Joined:
    Oct 9, 2015
    Posts:
    11
    Thanks.I am also considering that.Will check on that topic.:thumb:
     
  11. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,538
    You can make a custom block rule with wildcards:
    C:\Users\*\Downloads\*
     
  12. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    630
    Location:
    Germany
    Oh I forgot that, thanks :D
     
  13. loungehake

    loungehake Registered Member

    Joined:
    Mar 9, 2015
    Posts:
    187
    Location:
    Wigan
    In a manner of speaking, yes. I guess that the loss of a tendency to cause a system hang is a performance improvement. I do get a feeling that it runs smoother than previously. The improvements encourage me sufficiently to install on the Windows systems of friends and family without worrying doing so could cause me embarrassment.
     
  14. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    1,236
    Location:
    Europe
    \*\ works for any subfolder as well. So C:\Users\*\Downloads\* would also work for C:\Users\User\Desktop\Downloads\Installer.exe , not just C:\Users\User\Downloads\Installer.exe

    A better rule would be [%PROCESSFILEPATH%: C:\Users\User\Downloads\] in CustomBlock.db

    However, that only works for a single user. For many users, I imagine one would have to use regex

    Unfortunately, the regex seems to be bugged @novirusthanks

    I tried this [REGEX:%PROCESS%: ^C:\\Users\\[^\/\\[\]":;|<>+=,?*%@]+\\Desktop\\[^\/\\:*?"<>|]+\.exe$] and it doesn't work. The exclusion characters are taken from https://i.lensdump.com/i/AC4IKZ.png The regex should work, I put it in Exclusions.db so that I can run a file named asd.exe from C:\Users\User\Desktop , process is C:\Users\User\Desktop\asd.exe , yet it's still blocked by another one of OSArmor's rules despite the regex being in the exclusions, so something must be bugged, I use this site https://regex101.com and there it works with C:\Users\User\Desktop\asd.exe as test string
     
  15. Wallofasgard

    Wallofasgard Registered Member

    Joined:
    Oct 9, 2015
    Posts:
    11
    Thanks for your input guys.OSArmor is exactly what i need and total newbies like me can use it.I am still exploring the passive mode for now and i am loving it.:)
    If only it have the option to hide or password protect the GUI in the taskbar so that other users could not disable the protection intentionally,this app will replace at least 3 different apps that i am using now.:-* Overall i really love it.Thank you very much for your hard work novirusthanks.
     
  16. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,538
    In settings there is an option that only Administrators can change security settings.
    Put your other users on Standard (Limited) user accounts, you should do that anyway.
     
  17. Wallofasgard

    Wallofasgard Registered Member

    Joined:
    Oct 9, 2015
    Posts:
    11
    But i find it very awkward if standard users would ask me to allow their app to be executed because they can see the app icon in the taskbar but they cant modify its settings.:ouch: What i am afraid more is for them to force their way to use the admin account without me knowing.
     
  18. korben

    korben Registered Member

    Joined:
    Nov 5, 2009
    Posts:
    912
    Alongisde MinerOff - is it a good idea?
     
  19. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,632
    Has anyone tried OSA with KIS 2019? I use KIS (maximum settings, some tweaks, TAM enabled), so OSA is probably redundant, isn't it?
    I don't want to have an "overkill" security setup, but I wouldn't mind an additional layer of security if it is fully compatible with KIS.
     
  20. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,538
    I tried it, no visible conflicts.
    It is not redundant, because KIS with TAM will block all unknown script files, but for scripts that are fileless, you are relying on KIS detection. It is probably the best of all AVs in script detection, but it is still default/allow, so new scripts and obfuscated scripts might get through.

    Alternatively, you can tweak KIS Application Control to block script intepreters from executing. Then, you don't need OSA. But if you do that, you cannot make exceptions. That's a problem for some interpreters,such as cmd.exe, for instance.
     
  21. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,632
    Thanks for your interesting reply, @shmu26 I think I'll give OSA a try and see how it works alongside KIS.
     
  22. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,538
  23. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,632
    Interesting test. Thank you. I'm going to give OSA a try when I'm back home. Looking forward to it already.:)
     
  24. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,632
    @shmu26 I've just installed OSA. So far, so good. I'm currently using default settings for OSA alongside KIS. Are default settings for OSA OK or should the settings be "tweaked" here and there?
     
  25. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,538
    Default is good, tweaked is even better. You can experiment with it. It is pretty good at alerting you when something is blocked, and it lets you make an exception right from the alert window.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.