Here is a new v1.4 (pre-release) test40:
http://downloads.novirusthanks.org/files/osarmor_setup_1.4_test40.exe
*** Please do not share the download link, we will delete it when we'll release the official v1.4 ***
So far this is what's new compared to the previous pre-release:
+ Joined "Prevent Base Filtering Engine (BSE) from being disabled via cmdline" and "Prevent Windows Firewall from being disabled via command-line" in "Prevent important Windows Services from being disabled"
+ Added Windows Defender, Security Essentials, Windows Update, Security Center to "Prevent important Windows Services from being disabled"
+ Block cmstp.exe from loading .inf files (AppLocker bypass)
+ Improved detection of PowerShell malformed commands
+ Advanced -> Block execution of processes on Public Folder (C:\Users\Public) -> Enabled by default
+ Advanced -> Block execution of processes on All Users folder -> Enabled by default
+ Advanced -> Block execution of .msc scripts outside System folder -> Enabled by default
+ Advanced -> Block reg.exe from hijacking Registry startup entries -> Enabled by default
+ Advanced -> Prevent attrib.exe from setting +h or +s attributes -> Enabled by default
+ Advanced -> Prevent wevtutil.exe from cleaning Windows Eventlog -> Enabled by default
+ Advanced -> Prevent important Windows Services from being disabled -> Enabled by default
+ Advanced -> Block reg.exe from disabling UAC (User Access Control) -> Enabled by default
+ Improved "Prevent important Windows Services from being disabled"
+ Block execution of regini.exe
To install it, first uninstall the previous build, then reboot (not really needed but may help), and install the new build.
Let me know if you find any FP with the 8 options enabled by default in Advanced tab.
@AtlBo
Will check Dismhost.exe and Dism.exe soon.