Introducing EdgeGuard Solo Beta (zero-day malware defense)

Discussion in 'other anti-malware software' started by Eirik, Oct 10, 2008.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Thanks for that.

    BTW many software are doing this without any problems (at least any obvious problems) IMO.

    I do agree that you will find less malware to do so nowadays.
     
  2. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    We have features in our master scrum list to protect user documents from eavesdropping compromised applications (eavesdropping).

    The current drive-by download protection prevents ransomware executables from launching from user-space. However, this does not prevent a compromised application from stealing information or encrypting it for ransom. The future features are intended to mitigate these and other risks.

    Cheers,

    Eirik
     
  3. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I see. Well, already the drive-by protection is very good through the idea of write-protecting the user profile directories. In the future you can see how to proceed from there. For now I find AppGuard quite helpful and very light! (always a good combination!). And it's "set and forget" and very easy to explain to non-geek users. Just 3 windows, no cryptic messages, if something gets blocked he should look at status to see what it was and get very suspicious and run AV scanners. That's probably all someone needs to be told...
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    So what about the download link? It's down ATM.
     
  5. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    EDIT: I must recheck what I had written in this post tomorrow, without Shadow Defender, just in case.
     
  6. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    My link still works... o_O
     
  7. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Ok, rechecked. I have an issue with Opera when run in Sandboxie. Opera Mail initialization failure and impossibility to save bookmarks. (I think we all know why). The unsandboxed Opera runs fine.
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    It does not work for me, neither in IE nor in Opera. It's just dead.
     
  9. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I have to rectify my previous statement about the registry. It appears that running under Shadow Defender had side-effects... Now that I run it without Shadow Defender, the HKCU Run and Run Once keys are blocked... Same appears for HKLM Run/Run once.
     
    Last edited: Jan 24, 2009
  10. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    There is a definite conflict with SandBoxIE and AppGuard where EdgeGuard Solo and SandBoxIE got along fine. I hope there is a workaround.
     
  11. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Can anyone post the SHA1 value of AppGuardSetup-EULA.exe?

    Thanks
     
  12. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    Hi Eirik,

    I just downloaded the appguard. Very nice indeed. Thank you. :)

    I would like also to see the addition of Fuzzfas implemented, but I also have a second request: Is it possible to add extra directories or drive letters (d, e, f, etc.) to the user space protected by the drive-by download protection?
    This way we can use it as an anti-executable application. :D

    Panagiotis
     
  13. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    MD5 14E32E2528989A6D987A105B78928D80
    SHA-1 E50310EDD8B8F83EBEB4359A3BF90E1BB03D7405
     
  14. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    e50310edd8b8f83ebeb4359a3bf90e1bb03d7405
     
  15. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    Interesting. We'll take a look at that. Thanks
     
  16. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    Thanks

    Eirik, I found a bug. If the user environment variables are not at the default positions, AppGuard cannot protect from drive-by download attacks.

    Examples:
    If "my documents" instead of
    C:\Documents and Settings\useraccount\Documents
    is placed at
    D:\My documents

    And if TEMP and TMP instead of
    %Userprofile%\Temp
    are placed to
    D:\Temp

    ps. where can I download the administrator documentation?

    Panagiotis
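
Added example (not part of the thread and not AppGuard's code): a check for the condition pandlouk reports above, listing per-user locations that resolve outside the profile tree. It assumes the protected user-space is the profile directory; the function names are hypothetical and the sample paths are constructed from the post.

```python
import ntpath
import re

# Constructed sample, modelled on the relocated folders described in the post.
SAMPLE_PROFILE = r"C:\Documents and Settings\useraccount"
SAMPLE_LOCATIONS = {
    "Documents": r"D:\My documents",
    "TEMP": r"D:\Temp",
    "TMP": r"%Userprofile%\Temp",
    "Desktop": r"%USERPROFILE%\Desktop",
}


def expand(path, env):
    """Expand %NAME% references from env (case-insensitive); unknown names stay as-is."""
    lookup = {k.upper(): v for k, v in env.items()}
    return re.sub(r"%([^%]+)%",
                  lambda m: lookup.get(m.group(1).upper(), m.group(0)), path)


def canonical(path):
    """Normalise separators, '..' segments and case using Windows path rules."""
    return ntpath.normcase(ntpath.normpath(path))


def is_under(path, root):
    """True if path is root itself or lies below it (whole components only)."""
    p, r = canonical(path), canonical(root)
    return p == r or p.startswith(r.rstrip("\\") + "\\")


def outside_profile(locations, profile):
    """Return {name: expanded path} for locations not inside the profile tree.

    Assumption: the protected user-space is exactly the profile tree.
    """
    env = {"USERPROFILE": profile}
    resolved = {name: expand(raw, env) for name, raw in locations.items()}
    return {name: path for name, path in resolved.items()
            if not is_under(path, profile)}


if __name__ == "__main__":
    found = outside_profile(SAMPLE_LOCATIONS, SAMPLE_PROFILE)
    for name, path in sorted(found.items()):
        print(f"{name}: {path} is outside {SAMPLE_PROFILE}")
```

Any location it reports is one where a downloaded file can be written without touching the default profile paths, so it would need to be covered by an additional rule.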
     
  17. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    pandlouk and Eirik, Thanks
     
  18. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Will it work on Vista?
     
  19. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    556
    Location:
    Sonoran Desert
    Also will it work on standard user accounts?
     
  20. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    AppGuard supports 32-bit XP SP2/3 and 32-bit Vista SP0/1. It also supports standard user accounts.
     
  21. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,204
    Location:
    Virginia - Appalachian Mtns
    It will also install (unlike the first EdgeGuard Solo) and run fine in Windows 7. Nice. I didn't expect that.

    Thanks.

    Later....
     
  22. Zero3K

    Zero3K Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    380
    Location:
    Louisville, KY
    The only problem I've noticed when it's running on Windows 7 is that its Agent will crash when clicking on Ok/Apply after adding an application to guard.
     
  23. danny9

    danny9 Departed Friend

    Joined:
    Feb 18, 2004
    Posts:
    678
    Location:
    Clinton Twp. Mi
    Eirik,

    Downloaded AppGuard.
    Up and running very nicely at this time. :D

    Thank you,
    Dan
     
  24. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    My request was actually meant to be exactly that, but I guess it was late night so I wasn't writing comprehensibly. :D
     
  25. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    C: drive is protected by default ;)
     