New version of Bouncer/Türsteher is available :) Full versions and beta version is available. Beta is gone from beta-camp. Funny sidenote:...
No, use your individual download link. Worked for me. :thumb:
:thumb: I hope they will soon finalize MZW so it is part of full version
!*software_reporter_tool.exe>* Is it one of your first rule? Try to set it on top of whitelist rules. Your rule looks okay I think. If its not...
No, current beta does not "forgets" previously hashed files, the hash is in $FORENSICS-directory - after restart of driver MZW still know the...
Hidden function to enable "touched files" is Funny to see what is touched while running Windows session. But not meant for normal use I guess....
Yes, OSArmor seem easier to manage and perfect if you just want to run and use I guess. You can achive a lot of protection with MZW, but it can be...
Looks like they have released a new beta Did not have issue with network but will try the new version now. Maybe there is performance difference...
Depends on your configuration. If you have blacklisted C:\Users\Public\* to write executables anywhere (parent feature, see current beta) which...
Thanks for the explanation. Sure, depend on how many changes you make. I have a very strict configuration and except for updates there is little...
This is caching issue. If you have executed eg. Veracrypt, then veracrypt.sys is loaded in kernel. Windows keeps driver there; if you drop the...
Thanks for letting us know. Confirm, also test it and 16KB is the limit here. One thing to mention (cause I first had problem): you need a...
There is new blacklist online.
Also askd this. He is evaluating and there is good chance this gonna be implemented in MZwritescanner.
:thumb: if complexity is really gonna reduce this sounds great. Anybody know when a beta is planned?
New version work fine. Also the Stop-Click-Start button is nice feature and absolutely makes sense in some of my scenarios. Not a big feature, but...
:thumb:
Is this junk automatically started on Win10? So, only way to block is to set on blacklist?
64-bit version of Bouncer TrayApp and AdminApp are released fully signed and can be used along with full-version and demo. Also additional option...
Yes, have my own-custom configuration right now. I start with [#lethal] and [logging] in .ini-file, so you can call it learning mode. Then you see...
Seems to be normal google Chrome EXE-warning. Had the same, but just hit to move on and the binary executable was saved to my system. Did got any...
Open up admin cmd.exe. Type net stop pumpernickel sc delete pumpernickel Then extract new bundle. Go to driver directory for your system. Is it...
Same with my Chrome. Seem to be false positive, the executable signature is vaild, no changes in binary. Also chcked the content of the RARed...
Thanks for sharing info here. The only?! I guessing that most people will also find cscript.exe, wscript.exe, csi.exe and some others. Building...
I start experiment with this: no cmd.exe needed Dim $Obj_WMIService = ObjGet('winmgmts:{impersonationLevel=impersonate}!\\' & @ComputerName &...
Separate names with a comma.
