- Apr 10, 2017
Monitor and block suspicious processes behaviors to prevent infections by malware, ransomware, and other threats. This tool analyzes parent processes and prevents, for example, MS Word from running cmd.exe or powershell.exe, it prevents ransomware from deleting shadow copies of files via vssadmin.exe, it blocks processes with double file extensions (i.e invoice.pdf.exe), it blocks USB-spreading malware, and much more. It is lightweight, zero-configuration and runs in the background protecting your system.
An Additional Layer of Defense
This smart security application focuses on preventing a malware infection by applying smart and intelligent rules that block bad processes behaviors. This tool can block threats not detected by your installed security solution. Add to your system an additional layer of defense to prevent infections by malware and ransomware!
You don't have to configure anything, just install it and forget about it. We have already added more than 60 smart policies to improve your system security with this security application.
- Basic Anti-Exploit - Analyze parent processes and child processes blocking exploit payloads.
- Protect MS Office Apps - Prevent WINWORD.EXE or EXCEL.EXE from executing malicious processes.
- Monitor Applications - Monitor Adobe PDF Reader, MS Office, OpenOffice, Web Browsers, etc.
- Block USB Malware - Prevent execution of processes started via autorun.inf from USB devices.
- Block Command-Lines - Block processes with command-line strings commonly related to malware.
- Protect Shadow Copies - Block system processes (vssadmin.exe, etc) from deleting shadow copies of files.
- Block File Download - Block specific command-lines related to download of remote files.
- Block .COM & .PIF - Block execution of processes with .COM or .PIF obsolete file extensions.
- Filter System Processes - Block wscript.exe, mshta.exe, etc if they match our rules of bad behaviors.
- Block Bcedit.exe - Prevent important and critical system modifications from Bcedit.exe
- Block Schtasks.exe - Block the execution of schtasks.exe (commonly used by malware).
- Block Bitsadmin.exe - Prevent Bitsadmin.exe from downloading (/download) remote files.
- PowerShell Rules - Block execution of encoded or malformed commands via PowerShell.
- Svchost & Explorer - Block suspicious behaviors related to Svchost.exe and Explorer.exe.
- Block RegisterXLL() - Prevent calling of Application.Excel RegisterXLL() via command-line.
- Block Remote Scripts - Prevent Regsvr32.exe or Mshta.exe from loading remote scripts.
- Very Lightweight - The software application uses only a few MBs of memory, you will not even notice it.
- Free to Use - This software is completely free to use for anyone, at home and at work.
We've released the official OSArmor v1.4 (final) version:
- More than 250 built-in protection options to choose from
- Thousands of internal rules to block suspicious process activities
- Very effective in blocking MalDocs (DOC/XLS/RTF/etc) payloads
- Block execution of scripts, unwanted programs, powershell.exe or cmd.exe
- Options to mitigate UAC bypasses, whitelisting/device guard/applocker bypasses
- Block unsigned processes elevated with high or system privileges
We'll start to work on v1.5 from middle of July * See below for important features in the todo list *
Summary of important features not yet added (scheduled for next version v1.5):
- - Automatic update
- - Button to manually check for updates
- - Maybe encrypt the CustomBlock.db/Exclusions.db files so they are not in plain-text and create a GUI-helper to edit them
- - Move all protection options in a ListView so they can be easily sorted/categorized/searchable/enabled/disabled
- - Create pre-defined protection modes: Basic/Medium/Advanced/Custom
- - Add possibility to add custom apps in Anti-Exploit tab
You do not have permission to view link Log in or register now.