Hello, i am using Faronics AE 3.50 for a quite a few times. After a series of headache from adware and viruses, i decided to install Sandboxie for testing softwares and Faronics AE for further protection against adware and useless stuffs. Lately Faronics AE doesn't show the message like "You do not have the Privilage to run this application" something similar message , that usually pops up: when i try to run new application program. When AE is enabled, lately this message doesn't pop up and i don't understand why. I also have AnvirTask Manager and i remember disabling some programs from startup and i clearly remember AE as not being the one. So what could possibly be the reason.Any suggestion, i tried uninstalling and re-installing the program to no avail. AE doesn't seems to stop any new program from being run. A logfile from AnvirTask Manager is attached, could someone have a look.
HI Pinso If I remember correctly, last time I trialed Faronics AE, it was version 5 and it didn't play well with Sandboxie. In my personal opinion you would be better off dropping Faronics and take a look at NoVirusThanks Ex Radar Pro. I think it's a far better program, and it's inexpensive compared to Faronics. Pete
Well I've tried the new Faronics AE, and you get intrigued by the DLL protection. I've turned it on, and my machine behaves like a fishing boat tied to the dock. Just to painful.
VoodooShield offers a free version (great for your XP OS). Why don't you use Software restriction policies of your Windows 7 Pro, it is really simple 1. Enable SRP through Group Policy (type secpol.msc in run) 2. Create new rules (the default) 3. In "Security Levels" set default level to basic user 4. In "Enforcement" enable for all files, apply for all users except Admin 5. Apply this trick http://www.symantec.com/connect/downloads/msi-run-administrator-context-menu-vista >> Now execution is blocked in all folders outside Windows and Program Files. >> When you want to install something just choose run as admin (or run MSI as admin).
When I choose to enforce the rules for all files (including dll files) certain programs like Microsoft Office or Asus Xonar Essence STX Audio Center are no longer functioning. When I choose to enforce without DLL's they work fine. Is there any way to fix this so that I can use the enforce for all files (inclusing dll files) Option?
I have it with office 2007 and not problem. Which directory did you install MsOffice,did you install it for all users? You could apply this registry tweak with regedit, to minimize impact of not blocking dll's http://www.stigviewer.com/stig/windows_server_2008_r2_domain_controller/2014-04-02/finding/V-3479
Yes DLL monitoring will often cause problems, I remember when HIPS added this feature back in the days. Sometimes less is more.
You could add this https://www.wilderssecurity.com/thre...ct-folders-and-use-as-anti-executable.369503/ When the SAFE search path of DLL's is set, "only" exploits and shoot-in-the-foot errors can trigger dll-injection. This is the reason why some experts claim there is little real life value of adding DLL's to the setup (and the reason MS did not include it in the default). Their logic: SRP/Applocker should prevent should in the foot errors in the first place, when real life breech happens, it is problably due to an (in memory) exploit to which the SRP/AppLocker is also futile. I leave it to experts to comment on that.
I installed it to C:\Program Files\Microsoft Office 15. I also have an entry in C:\Program Files (x86)\Microsoft Office. I think I installed it for all users although there is actually just one account on my Computer.
Could try adding a path rule for C:\Program Files (x86)\* and set it to Unrestricted (see pic) and enable for all files again, then type gpupdate /force at run command and check whether office runs now. Sorry the picture looks to have "I" behind the ....(c86)\* but it is just the cursor which is also captured with the screen print
Even with the path rule that allows all files to be run inside C:\Program Files (x86) Office applications still fail to load and the asus xonar essence control Center doesn't detect the soundcard any more.
Thank you for your replies , i just uninstalled and created a new White List ( before i was importing the already created Active White List from my previous save, [can't explain the reasons]), and in effect it would prompt the user "You do not have the Privilage to run this application", from there i choose to accept or deny or accept and add to White List. It was pretty simple. But my problem is fixed.
VoodooShield is like Faronics Anti-Eecutable in its own right. Will i have problems, if i install VoodooShield side by side with Faronics.
Faronics is the company who made anti-executable a security category in itself, why add a second AE? I think it is redundant to run them side-by-side.