Discussion in 'other anti-malware software' started by TheRollbackFrog, Dec 9, 2016.
Not a decent GUI, no GUI. And I wouldn't hold out hope
If there ever is a turn of events it would be a decent one certainly.
So much for empty babble over expectations of it from me, but do you still use FIDES and which combo, (MemProtect I use) is an ideal addition to round out granular security control from your standpoint.
Really doesn't impact system energy any longer going back to the Layered Approach given much better suited coding and hardware these days.
I use FIDES with MZWritescanner
Because the current version is expired, the developer uploaded a new version today.
("Demo driver will stop working in 2019. A follow up demo version will be available then which will work for another year.")
pumpernickel_demo.exe (Digital signature of the driver: April 2, 2018)
Paid users are unaffected?
Only users of the demo version. It has several "limitations" and this is one of them.
Did refresh FIDES files. I'm back in the game again.
How do you enable balloons?
Or is this only for the beta version?
I am currently using FIDES stable demo.
A beta-version is not needed. Launch Tray.exe with the additional parameter -showballoon ("Tray.exe -showballoon") and a balloon/notification will appear on the desktop (and it will be mentioned in the Notification Center)
Got it. I made a bat file so it can run that way at startup.
@shmu26 For reference, if there is ever a time when you want to silence any alerts (no balloons or toasts), there is also a parameter "nopopups" which alternatively you would place where "showballoon" was placed.
If an item is under [BLACKLISTREAD] does that automatically stop it from modifying, or does it also need to be put under [BLACKLISTMODIFY] ?
It depends on the rule.
= Applications can't read files in this directory, but they are able to "see" them and are even able to delete them.
If you have such rules they should be put in both categories [BLACKLISTREAD] + [BLACKLISTMODIFY]
= If it is written like this, files (and the directory) are now protected and placing the rule in [BLACKLISTREAD] should be enough. But it shouldn't harm to place it in both
Thanks, @mood. That's an interesting difference between rules.
Can you make a block rule for recycle bin with the path
And is this useful, or are processes blocked by default from reading recycle bin data?
Or maybe FIDES does not support the character $ since it has a different meaning in Excubits?
use this in black list
That was a good idea. I tried your rule, and when I access recycle bin by explorer, I get Windows error messages, and FIDES shows in the log:
R: C:\Windows\explorer.exe > C:\$Recycle.Bin
But the strange thing is that despite all this, Recycle bin opens anyways, and I can see files and restore them.
put rule in [BLACKLISTMODIFY]
i think then you unable empty it
It seems to me that processes cannot read the content of files in recycle bin. They can only get basic info about the file, such as name and size. Correct? If this is so, the security risk is much smaller.
with below rule just explorer can not delete move rename file other exe can
but explorer.exe can read it if no block in block read section like na me size location
Separate names with a comma.