1.5.0
- Improved method to detect when Desktop has fully loaded
- Added option to password-protect power options with Admin Credentials
- Added option to update Exclusions.db from a remote URL
- Added option to update CustomBlock.db from a remote URL
- Added option to update OSArmor settings from a remote URL
- Added option to automatically check and download new product updates
- Added option to change connection settings using a proxy server
- Added option to HTTP POST process-blocked events to a remote URL
- Improved the pre-filled text of exclusion rule when button "Exclude" is clicked
- Automated the product activation via setup.exe command-line parameter /LICENSEKEY=
- Improved setup installation script (no more freezes)
- Added many new internal rules to block suspicious behaviors
- Added option to send blocked process events to Event Viewer
- Fixed Block execution of unsigned processes on Temp folder
- Fixed get of user Temp folder in specific situations
- Fixed saving of UTF-8 unicode data in the .log file
- Added new usable variables in CustomBlock and Exclusion rules
- Added variable %RULENAME% in CustomBlock to name your custom rule
- Added possibility to detect unsigned processes in CustomBlock and Exclusion rules
- Updated FAQs (Helpt.txt) with new questions and answers
- Updated program main icon and code to change system tray icons (pixel-perfect)
- Updated default WAV sound used for alerting of process-blocked events
- Added option "Don't show this notification again" on "process blocked" window
- Manage list of processes present in the "Ignored notifications" list
- Improved retrieval of Signer on Windows XP in particular situations
- Improved Block rundll32.exe from using RegisterOCX
- Improved block of Microsoft Edge
- Improved anti-exploit module for Microsoft Edge (Chromium-based)
- New options to block Windows Store, Cortana, System Settings, System Security UI, etc.
- Added Prevent changing of windir via command-line
- Added Prevent rundll32.exe from using -localserver
- Added Prevent SettingSyncHost.exe from using -LoadAndRunDiagScript
- Added Prevent RunDll32.exe from loading ctor.dll, LaunchSetup
- Added Block execution of curl.exe
- Added Prevent dctask64.exe injectDll/invokeexe/executecmd64
- Added Block execution of sxstrace.exe
- Added Block execution of winrs.exe
- Added Block execution of ExtExport.exe (Internet Explorer)
- Added Block execution of instnm.exe
- Added Block processes executed from conhost.exe
- Added Prevent cmd.exe from using "/c start" or "/r start"
- Added Block processes executed from VirtualBoxVM.exe
- Added Block processes executed from vmware-vmx.exe
- Added Block execution of addinprocess/32.exe
- Added Block execution of addinutil.exe
- Added Protect Microsoft PDF Reader
- Added Block execution of MicrosoftPdfReader.exe
- Changed End User License Agreement (EULA)
- Improved compatibility with Windows 10 2004
- Fixed some false positives
- Minor improvements
|
|
|
|
|
1.4.3
- Disallow the UI from being respawned when the PC is rebooting or shutting down
- Support %PROCESSMD5HASH% in CustomBlock.db and Exclusions.db
- Improved Block processes with known fake extensions (i.e .pdf.exe)
- Enabled by default: Prevent msiexec.exe from loading MSI files maskes as PNG files
- Improved Block suspicious Explorer.exe process behaviors
- Improved internal rules to block suspicious process activities
- Improved parsing of command-line string
- Updated the Help File (Help.txt) with Q22
- Fixed some false positives
- Minor improvements
|
1.4.2
- During uninstallation, ask user "Do you want to remove all settings, log files and .DB files?"
- Improved internal rules to block suspicious process activities
- New rule: Prevent msiexec.exe from executing unsigned .tmp files (useful to mitigate "exe-to-msi" behaviors)
- Improved uninstaller scripts (both .sys files are now removed)
- Improved internal rules to block suspicious command-lines
- Fixed: If I move the taskbar on left, top or right, the notification dialog is not displayed correctly
- Added option to password-protect power options (Configurator - Password tab)
- Fixed some false positives
- Minor improvements
|
1.4.1
- Fixed compatibility issue on Windows 10 1809
- Fixed some false positives
- Minor improvements
|
1.4
- More than 250 built-in protection options to choose from
- Thousands of internal rules to block suspicious process activities
- Very effective in blocking MalDocs (DOC/XLS/RTF/etc) payloads
- Block execution of scripts, unwanted programs, powershell.exe or cmd.exe
- Options to mitigate UAC bypasses, whitelisting/device guard/applocker bypasses
- Block unsigned processes elevated with high or system privileges
- Really many smart protection options that you can enable with a click
- Added "Anti-Exploit" module to protect commonly exploited programs
- The Configurator has now 3 tabs: Main Protections, Anti-Exploit, Advanced
- Integrated a smart caching mechanism to improve performances
- Improved support for Fast User Switching and Logouts
- Added "Passive Logging" to just log the blocked event without blocking it
- Option to Enable internal rules for allowing safe behaviors
- Option to disable protection temporarily, for 10 minutes, 30 minutes, 1 hour
- Option to use only your own custom block rules (ignoring built-in protection options)
- Option to play a WAV sound when something is blocked
- Option to User must be in the Administrators Group to change protection
- Extended process and parent process cmdline to 8192 chars (max for Windows)
- Disabled /silent and /verysilent uninstallation
- Added basic and process-termination self-defense
- The program is now installed on Program Files
- You can now exclude a process from being blocked
- Added support for exclusions via Exclusions.db file
- Added support for custom block-rules via CustomBlock.db file
- Supports vairables (like %PROCESS%) on Exclusions and Custom Block rules
- Added a basic GUI application to create exclusions
- Added option "Disable Protection" on tray icon menu
- Added option "Manage Exclusions" on main GUI and on tray icon menu
- Added option "Custom Block-Rules" on main GUI and on tray icon menu
- Support Secure Boot (drivers are co-signed by Microsoft)
- Added a simple Help/FAQs file
- Fixed all reported issues on Windows XP
- Fixed all reported false positives
- Many bug fixes and optimizations
|
1.3
- Block processes with known fake extensions (i.e .pdf.exe)
- Prevent WMIC from using "process call create" via cmdline
- Block command-lines that match *\Start Menu\Programs\Startup\*
- Block command-lines that match shellcode-like patterns
- Block execution of any process related to UltraVNC (unchecked by default)
- Block execution of any process related to RealVNC (unchecked by default)
- Block execution of any process related to Nir Sofer (unchecked by default)
- Block execution of any process related to LogMeIn (unchecked by default)
- Block known Bitcoin miners command-lines
- Prevent wbadmin.exe from deleting backup catalog
- Block unsigned processes located on root folder (i.e C:\) (unchecked by default)
- Block SOAP WSDL requests via command-line
- Block execution of syskey.exe
- Block execution of cipher.exe
- Number of pre-defined rules increased to 60
- Do not delete the settings when the program is uninstalled
- Improved showing of main window from tray icon
- Fixed many false positives
- Improved internal rules
|
1.2
- Block processes named like *keygen* or *crack* (unchecked by default)
- Block execution of schtasks.exe is now unchecked by default
- Prevent Regsvr32.exe from using /i:powershell
- Fixed some false positives
|
1.1
- Block any process executed from java.exe and javaw.exe (unchecked by default)
- Block any process executed from mmc.exe (unchecked by default)
- Block any process executed from wmiprvse.exe (unchecked by default)
- Block any process executed from mstsc.exe (Remote Desktop) (unchecked by default)
- Block unknown processes executed from TeamViewer (unchecked by default)
- Block execution of any process related to TeamViewer (unchecked by default)
- Block execution of .wsf scripts
- Improved detection of suspicious processes
- Improved detection of suspicious svchost.exe behaviors
- Fixed hiding of the GUI window on PC reboot
- Fixed some false positives
|
