Here is a new v1.4 (pre-release) test47:
Zaloguj lub Zarejestruj się aby zobaczyć!
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Changed "Exit" to "Exit GUI" on main menu of OSArmorDevUI
+ New option: Prevent installutil.exe from loading .DLL files
+ New option: Prevent resgvr32.exe from loading DLLs
+ New option: Prevent odbcconf.exe from using {REGSVR} to load DLLs
+ New option: Prevent pcalua.exe from using -a to run processes
+ New option: Prevent AppVLP.exe from running processes
+ New option: Prevent SyncAppvPublishing.exe from running processes
+ New option: Block execution of SyncAppvPublishing.vbs
+ New option: Prevent rundll32.exe from using Control_RunDLL (shell32.dll)
+ New option: Prevent runscripthelper.exe from using surfacecheck
+ New option: Block PowerShell "-version 2"
+ New option: Block loading of .inf files via advpack.dll,LaunchINFSection
+ Option "Prevent pubprn.vbs from executing inline scripts" is enabled by default
+ Improved Block suspicious command-lines
+ Improved Block execution of .reg scripts
+ Improved Prevent regedit.exe from silently loading .reg scripts
+ Improved Block "WindowStyle Hidden" on command-line (PowerShell)
+ Improved Block "ExecutionPolicy Bypass" on command-line (PowerShell)
+ Improved Prevent wscript.exe from changing script engine
+ Improved Prevent cscript.exe from changing script engine
+ Improved Prevent ieexec.exe from loading remote files
+ Improved Prevent msiexec.exe from loading MSI files maskes as PNG files
+ Improved Block execution of .msi installer scripts
+ Improved Prevent AtBroker.exe from using /start switch to run processes
+ Improved Prevent schtasks.exe from creating tasks
+ Improved Prevent regsvcs.exe from loading .DLL files
+ Improved Prevent regasm.exe from loading .DLL files
+ Improved Prevent odbcconf.exe from loading .rsp scripts
+ Minor fixes and optimizations
+ Fixed some false positives