Good point and summarazions. Thanks. Will try to test locking drivers, sounds like nice idea for additional protection. OK. I thinks if malware...
You can also use HxD. If you start as Admin you can access hdd and select the drive in raw mode. Its possible to access. But as mentioned here...
Exactly. If you dont execute suspicious/malicious applications, risk is low. To avoid accident execution you can make use of Boucer, AG, NVT or...
Even if they have admin rights I assume that they will not implement raw-level access. most ransoware is written poorly, they often fail with...
Depends on how its accessed. if it uses a driver then i would assume not. if its done through win api a driver should be possible. Does anybody...
Yes I have. OK, now I understand what you looking for. MemProtect is not right solution for you. Yes, there you need also rules which are...
You must specify parent and path to child. Having GUI you also needs to specify parent and path to child process. So it is not easier, it is just...
I asked Florian back then: He said GUI would not make configuration easier. Still have to choose the parent process and path. Dont know if he will...
Im sorry, it was not my intention. Ok then, I'll will compare and test it SecureFolders. On software levels this seems difficult, because when...
If [PARENTCHECK] is enabled the driver always logs parent process trying to call child. It has been discussed here some times ago: start with...
Exactly. "Admin Tool.exe" is called by Tray.exe. You must start Tray.exe and use this. As far as Im understanding "Admin Tool.exe" is responible...
You will receives a download link to full version. Normally needs some time, Florian manage order by hand, no auto-shop system. If you hav...
Asked Florian: As you said each is 10EUR, there will be a combos price if you order three out of {MemProtect, Pumpernickel/FIDES, cmdScanner,...
yes you can also buy just FIDES and MemProtect, write developer a e-mail. There is thread here, this should help. About basic configuration for...
@themorpethian Nice configuration :) Thanks for sharing this. You can try with this rules...
Your definition and explanation makes sense :) Thanks. I thinks this is artifact stub created maybe initially by the OS loader - before the...
@WildByDesign thanks for the tests. I can also confirm and did more test myself (dll injection tool, and also with code injection tool using exe...
If you already use NVT/NVT Driver/Appguard/Malwarebytes Pro/HMPA/ Sandboxie I thinks there is already overlap. I wouldnt add another one, you can...
yes, AppGuard have a service. In contrast: Excubit's drivers are just drivers, everything in kernel, you can use Tray application, but you must...
As @WildByDesign already writes: no, but Excubits have a CV certifiacte and from what I know from Florian he has account for Microsoft System Dev....
Its personal flavor I guess: For example I like for example Bouncer and Pumpernickel radical simplicity and how open the developer is. For me this...
Its a side nice effect: you can block process creation but MemProtect focus is not anti-exe so it will not block every possible way you can create...
No, not supported. Yes, but as far as i know with newer version he told he use modern kernel API not available in Windows XP. But on website...
All true, fully agree. I think no one here says Excubits tools are more advanced. They are "just yet" additional way to protect. I lso think not...
Exactly :) They go hybrid way. They have free toos, tools to license, but they have advertisments on their web page at every single page you...
Separate names with a comma.
