*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Changed "Exit" to "Exit GUI" on main menu of OSArmorDevUI
+ New option: Prevent installutil.exe from loading .DLL files
+ New option: Prevent resgvr32.exe from loading DLLs
+ New option: Prevent odbcconf.exe from using {REGSVR} to load DLLs
+ New option: Prevent pcalua.exe from using -a to run processes
+ New option: Prevent AppVLP.exe from running processes
+ New option: Prevent SyncAppvPublishing.exe from running processes
+ New option: Block execution of SyncAppvPublishing.vbs
+ New option: Prevent rundll32.exe from using Control_RunDLL (shell32.dll)
+ New option: Prevent runscripthelper.exe from using surfacecheck
+ New option: Block PowerShell "-version 2"
+ New option: Block loading of .inf files via advpack.dll,LaunchINFSection
+ Option "Prevent pubprn.vbs from executing inline scripts" is enabled by default
+ Improved Block suspicious command-lines
+ Improved Block execution of .reg scripts
+ Improved Prevent regedit.exe from silently loading .reg scripts
+ Improved Block "WindowStyle Hidden" on command-line (PowerShell)
+ Improved Block "ExecutionPolicy Bypass" on command-line (PowerShell)
+ Improved Prevent wscript.exe from changing script engine
+ Improved Prevent cscript.exe from changing script engine
+ Improved Prevent ieexec.exe from loading remote files
+ Improved Prevent msiexec.exe from loading MSI files maskes as PNG files
+ Improved Block execution of .msi installer scripts
+ Improved Prevent AtBroker.exe from using /start switch to run processes
+ Improved Prevent schtasks.exe from creating tasks
+ Improved Prevent regsvcs.exe from loading .DLL files
+ Improved Prevent regasm.exe from loading .DLL files
+ Improved Prevent odbcconf.exe from loading .rsp scripts
+ Minor fixes and optimizations
+ Fixed some false positives
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed a typo on Exclusions.db and CustomBlock.db
+ New option: Block "ExecutionPolicy Unrestricted" on command-line (PowerShell)
+ Improved Prevent regsvr32.exe from loading .sct files
+ Improved Prevent rundll32.exe from using Control_RunDLL (shell32.dll)
+ Improved Block loading of .inf files via advpack.dll,LaunchINFSection
+ Improved Block "ExecutionPolicy Bypass" on command-line (PowerShell)
+ Improved Block suspicious command-lines
+ Improved Block suspicious Svchost.exe process behaviors
+ Minor fixes and optimizations
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Improved Block execution of .wsf scripts
+ Improved Block suspicious command-lines
+ Disabled /silent and /verysilent uninstallation
+ Improved Prevent important Windows services from being disabled
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed a typo on the Configurator GUI
+ Block loading of .inf files via InstallHinfSection\LaunchINFSection
+ Improved Block suspicious command-lines
+ Improved Block suspicious Svchost.exe process behaviors
+ Improved Block execution of suspicious scripts
+ Improved support for multiple alerts
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Improved Block suspicious command-lines
+ Improved Block suspicious processes
+ Improved Block suspicious Svchost.exe process behaviors
+ Block execution of unsigned processes on user space
+ Block unsigned processes to run with high or system privileges
+ Block processes executed from netsh.exe
+ Block possible UAC bypass attempts [method 1]
+ Block possible UAC bypass attempts [method 2] (disabled at the moment, need to complete this)
+ Block execution of ftp\tftp\telnet.exe
+ Block suspicious process elevation attempts
+ Block InfDefaultInstall.exe if executed by unknown processes
+ Some rules have been moved to their appropriate section
+ Added text-link to reset statistics on Main GUI
+ Configurator GUI can be maximized and is resizeable
+ Added a dark-gray frame on the notification window
+ Removed Block ALL autoelevate system processes
+ Removed Block known system files used for UAC-bypass
+ Show parent process integrity level on log file
+ Show process md5 hash on log file
+ Minor fixes and optimizations
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed Block suspicious processes
+ Block "tricks" used to run UAC-bypass system processes
+ Block unsigned processes to run with high privileges
+ Block unsigned processes to run with system privileges
+ Renamed and improved UAC-bypass mitigation rules
+ Renamed Block execution of unsigned processes on Common AppData (\ProgramData\)
+ Readded Block execution of ALL "autoelevate" system processes
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Improved showing of main GUI via tray icon -> Show/Hide Window
+ Improved Block suspicious Svchost.exe process behaviors
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Show System File: True\False on log file
+ Show Parent System File: True\False on log file
+ Improved detection of parent processes
+ Improved detection of UAC-bypass attempts
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Added "Windows Live Mail" on Anti-Exploit tab
+ Added "PotPlayer" on Anti-Exploit tab
+ Added an Help\FAQs file (tray-icon -> Help\FAQs, Main menu -> Help -> Help\FAQs, GUI "?" top-right border icon)
+ Renamed Block system processes from cleaning Windows Eventlog
+ Minor fixes and optimizations
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Improved Block suspicious processes
+ Improved Block suspicious command-line strings
+ Improved Block processes located in suspicious folders
+ Added self-protection against process termination via kernel-mode driver
+ Kernel-mode drivers for self-protection are co-signed by Microsoft
+ Only Task Manager can terminate OSArmorDevSvc.exe and OSArmorDevUI.exe
+ Save and restore window size of Configurator GUI
+ Instead of playing the beep sound it now plays a WAV sound when something is blocked
+ Events are now saved as topmost on the log file
+ Minor fixes and optimizations
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Fixed a typo in the Help\FAQs file
+ Fixed detection of parent processes in particular situations
+ Improved Block suspicious command-lines
+ Improved Block suspicious processes
+ Minor fixes and optimizations
+ Fixed some false positives
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Witaj gościu. Dziękujemy, że przeglądasz nasze forum ale czy wiesz, że zakładając konto możesz w pełni korzystać z dobrodziejstw jakimi są promocje i konkursy. Nie zobaczysz tu też żadnych reklam a rejestracja zajmie Ci tylko chwilę.
Ta strona wykorzystuje ciasteczka (cookies) w celu: utrzymania sesji zalogowanego Użytkownika, gromadzenia informacji związanych z korzystaniem z serwisu, ułatwienia Użytkownikom korzystania z niego, dopasowania treści wyświetlanych Użytkownikowi oraz tworzenia statystyk oglądalności czy efektywności publikowanych reklam.Użytkownik ma możliwość skonfigurowania ustawień cookies za pomocą ustawień swojej przeglądarki internetowej. Użytkownik wyraża zgodę na używanie i wykorzystywanie cookies oraz ma możliwość wyłączenia cookies za pomocą ustawień swojej przeglądarki internetowej.
