NoVirusThanks OSArmor monitors and blocks suspicious process behavior and is aimed at preventing infections by malware, ransomware, and other common threats. For complete protection consider Malwarebytes.

NoVirusThanks OSArmor monitors and blocks suspicious process behavior and is aimed at preventing infections by malware, ransomware, and other common threats. For complete protection consider Malwarebytes.

It works by analyzing parent processes and prevents scenarios like MS Word running cmd.exe or powershell.exe and can prevent ransomware from deleting file shadow copies via vssadmin.exe. It also blocks processes that have double file extensions like invoice.pdf.exe for example, as well as blocking malware spread by USB.

NoVirusThanks OSArmoris simple to use requiring no configuration but you can choose specific areas for monitoring through the Configurator by simply checking/unchecking a selection. It is designed to run silently in the background while protecting your system without eating up a large amount of memory. This tool is capable of blocking even those threats not detected by your selected security solution making it an additional defense layer against malware, ransomware, etc.

NoVirusThanks OSArmor Features:

Basic Anti-Exploit
-Analyze parent processes and child processes blocking exploit payloads

Protect MS Office Apps
-Prevent WINWORD.EXE or EXCEL.EXE from executing malicious processes

Monitor Applications
-Monitor Adobe PDF Reader, MS Office, OpenOffice, Web Browsers, etc.

Block USB Malware
-Prevent execution of processes started via autorun.inf from USB devices

Block Command-Lines
-Block processes with command-line strings commonly related to malware

Protect Shadow Copies
-Block system processes (vssadmin.exe, etc.) from deleting shadow copies of files

Block File Download
-Block specific command-lines related to download of remote files

Block .COM & .PIF
-Block execution of processes with .COM or .PIF obsolete file extensions

Filter System Processes
-Block wscript.exe, mshta.exe, etc., if they match our rules of bad behavior

Block Bcedit.exe
-Prevent important and critical system modifications from Bcedit.exe

Block Schtasks.exe
-Block the execution of schtasks.exe (commonly used by malware)

Block Bitsadmin.exe
-Prevent Bitsadmin.exe from downloading (/download) remote files

PowerShell Rules
-Block execution of encoded or malformed commands via PowerShell

Svchost & Explorer
-Block suspicious behaviors related to Svchost.exe and Explorer.exe

Block RegisterXLL()
-Prevent calling of Application.Excel RegisterXLL() via command-line

Block Remote Scripts
-Prevent Regsvr32.exe or Mshta.exe from loading remote scripts

 Download