I just did a test with 7Zip that was already installed on my machine. If ValidateAdminCodeSignatures is set to 1, I can launch 7Zip just fine and...
Well I had better get posting then! ;-) Aaaah ok, then I will leave that option disabled. I use 7Zip all the time (and I am sure there are others...
Yes, its quite useful this. I have allowed the MS certificate for ALL their products as I figured, if their private key got hacked/stolen/leaked...
What are the requirements for getting the test Malware from the website you mentioned? Thanks for mentioning this! Can I just clarify, so you...
Luckily I am the only person using the machine that will have AppLocker enabled on it. I'm just curious to see how secure/locked down (yet still...
Thats helpful, thank you! Bit of an update. My Win10 Start Menu stopped working after enabling Executable based rules. Luckily its a known issue....
Thanks for the feedback. Re sysinternals. What I meant was, couldn't malware use some of the sysinternals to cause the machine to become...
Yes, this will be a clean fresh install using the official ISO media from Microsoft (I have verified the hash of the file). So I've been...
Great link, thanks. That's a different approach to what I have done. So what I did was delete the Program Files/Program Files (x86) rules and...
Thanks for the reply! So are you saying I should be more granular with what I allow to run in the Program Files folders? I thought by running as...
Hi All It's been awhile since I was last on this forum so I'm a bit rusty :) I've been lucky enough to receive a copy of Windows 10 Enterprise...
I've just added: *InstallUtil.exe *IEExec.exe *DFsvc.exe *dfshim.dll *PresentationHost.exe to my blacklist after reading the blog post. Thanks...
Yes. When I originally ran the script my hash file was much larger. After running hashfix the number of hashes was reduced dramatically. I'm not...
I've been running a fully hashed desktop at home for a few days now and its great so far! Parent checking has only been enabled for a day but so...
Woohoo, well done Florian. I have updated my Bouncer to the latest version. I forgot to add the new hash to the ini for the Admin Tool...oops....
I think we have much to learn to unlock the full potential of Bouncer! I honestly can't wait to see the future versions of Bouncer. I appreciate...
@WildByDesign: Thanks very much for the assistance! Always appreciate your posts. I have parent checking enabled now although in logging mode...
Looks like my hashing it working now!! Woohoo. I am running my entire machine with a hash list of about 23000 hashes and my blacklists are now...
I installed the new version last night after receiving it from Florian. The good news is that my blacklists are working again when I use path base...
Would it be possible to get the fixed full version so that I can test? I was running a relatively large hash list (23000 entries) so I'm sure this...
I have since disabled parent checking AND SHA256 hashing as there are too many issues with it currently. I know the developers working on...
I have rolled back to path based rules only. There are too many inconsistencies and bugs with the mixture of hash and path based rules. Its almost...
I'm going to try and explain this correctly because I have tried so many rules now that my head is spinning! I have now disabled PARENTCHECK and...
My one issue above with rules not working had to do with me saving the bouncer.ini using ANSI rather than UNICODE. This could be quite dangerous...
Looks like it could be a bug after speaking to the developer. I'm not sure how long the fix will take but if the hash list isn't too big it should...
Separate names with a comma.