You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
63: New virtualuzation, service, firewall, filetype monitoring
- Now monitoring VirtualStore UAC compatibility virtualization file writes, which may be used as a persistence cloaking mechanism
- New monitoring of "ServiceManifest" key for services, persistence mechanism I found
- New domain-specific firewall monitoring
- New monitoring of "Show hidden files" and "Show file extensions" and "Show system files" settings, which malware sometimes disables to frustrate novice users
- Added vbe file monitoring, more filetypes coming soon as they are tested
- New Win10 1709 services exclusions
- More comments! Everybody loves comments
- Rearranged various areas
0 commit comments