AppGuard 4.x 32/64 Bit - Releases

Same, seemed like I was clicking on nothing.

 

Also, the toaster message remained on the screen. I think it should go away immediately after clicking on the link, or say something like saving settings.

 

So you're saying that you've seen the number go down with this latest version of AppGuard? Will you send me some screen shots?

 

I agree. Don't want to hold up the release for this though.

 

When is the projected release date?

 

Hopefully first thing next week. The change to close the toaster message when that link is clicked is a one-liner, but if we go through another build there is some test overhead no matter how small the change. If we find we have to make a build for any other reason, it will be in there.

 

Absolutely that number went down. Will post screenshots if this happens again, might take 2 or 3 days for it to occur again though.

 

Ok, thank you for the info!

 

Unit/module test (development) - System/integration test (dev) - Functional acceptance test (user) - Regression test (user) - (Cross)Platform compatibility test (operations) - Production acceptance test (oper)

A lot of manhours for disabling/removing one line of code

 

I guess we better make any request, or offer any advice we may have as early as possible from now on.

 

What does Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129> mean.
Why does writing to cryptoguard require preventing.

 

It blocked it per AG policy. Web applications are not permitted to write to the system space. It's dangerous to allow web applications to write to the system space. The cryptoguard folder is located in the system space. You could make an exception, but i'm more interested in knowing what the purpose of the cryptoguard folder is before doing so. I think it belongs to HMPA if I remember correctly. I also have HMPA installed, and have the same folder.

 

Yeah, it's not intuitive knowing when web apps writing to system space crosses a (danger) line. Should I simply presume AG is all knowing and knows best. Maybe HMPA needs data from Firefox ?
How can I tell if the blocking event is preventing a legitimate operation. e.g.

03/06/15 14:08:54 Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129>.
03/06/15 14:07:02 Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129>.

 

1) In reference to posts #2799, #2800, #2821 Have you been able to reproduce this bug?
2) Some time ago I read that even if Event Log tickboxes were unchecked in Alerts tab AdGuard was still logging into event log. Has this been fixed?

Thanks for any info. Also sorry, I can't test those betas. I need more stable environment than usually.

 

See this: HitmanPro.Alert Support and Discussion Thread

 

I've added appguardagent to power apps before reading about folder exception. #2915
Still getting....with agagent added to pw apps.
03/07/15 12:42:59 Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129>.
03/07/15 12:40:56 Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129>.
03/07/15 11:53:15 Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129>.
03/07/15 11:51:31 Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129>.
03/07/15 11:48:17 Prevented process <Firefox> from writing to <c:\windows\cryptoguard\bcd6a129>.
So, this is a known issue and the suggested work around is ?
Do I want to allow Firefox writing to cryptoguard....admittedly, I have no idea what / why communication is trying between FF and HMA
____________________________
I'm getting this at some frequency
03/07/15 12:50:43 AppGuard was unable to query its license for an extended period. The function call has failed, or returned a false condition. Error: 0
03/07/15 12:50:42 Protection level is set to <off>.
I simply reset protection lv to Lockdown. What's going on ?
Does Lockdown or HMA or antiexecutable prevent license query ?

 

You should never have to add AppGuards own executables as power apps.

I think you will have to ask the developers of HMPA why FF is trying to write to the cryptoguard folder.

I don't think that has anything to do with HMPA. I have been having the same problem with the license query issue. I reported it to Barb, and she said she was going to look at the server to see if she could discover the problem.

 

Hi C_E
Okay, I've removed appguardagent from power apps. I was only testing ag added to pw app based upon.
<< Typically only other security software products should be added as power applications and only if AppGuard is indicating that it is blocking the security product's operation >> Seemed like AG was blocking FF communication with HMPA
So, I'll have to pursue folder exception #2915 and or Firefox writing to cryptoguard
and Barb will see our license query issue here.
Thanks.....what have you done about Firefox writing to cryptoguard

 

I'm not having a problem with Firefox writing to the Cryptoguard folder at the moment. I'm using HMPA build 155 with AG beta 4.2.6.1 on Windows 7X64 Ultimate.

 

Okay... OK so, same bug since Sept. By Ignore you mean within AG = Ignore Message or just simply Ignore.
HMPA dev states #4315
<<If you get attacked by crypto-ransomware, CryptoGuard won't be able to help you as AppGuard is interfering with the rollback mechanism. Can you make an exclude to C:\Windows\CryptoGuard\ folder in AppGuard?>>

 

Hello pegr
back at AG ... let me see if I follow #4318
OK I've added Read Write Exception for C:\Windows\CryptoGuard\ via Settings and to User Space I've added c:\programdata\blue ridge networks\appguard Yes
Q: c:\programdata Yes is already in User Space. Why do I also need c:\programdata\blue ridge networks\appguard
*....will above satisfy with 4.1 or do I need 4.2 beta

 

It's C:\Windows\CryptoGuard\ that you need to include in the user-space definition, not C:\programdata\blue ridge networks\appguard.

Have a look at section 2.2 in the getting started guide in post #5 on page 1 for a more detailed explanation, but ignore the remark about Windows and Program Files folders not being allowed. Don't know if the change has been made in the 4.2 beta, but try it in 4.1 and see if it works.

 

Nope, C:\Windows\CryptoGuard\ not working in 4.1....so, C:\Windows\CryptoGuard\ works in 4.2 beta ?
So, C:\Windows is allowed for User Space but, it's unknown what version allows ..
Well, hopefully Bard will chime in ... Thanks for your help.
EDIT <<AppGuard 4.2 beta allows Windows folders to be included in the user-space definition. I don't know when the change to allow this was made so not sure about AppGuard 4.1.>>#4323

 

Aha! I'm still on AG 4.1 with 155
So, with 4.2 and 155 you're not seeing AppGuard Activity Report info re cryptoguard....and you have not added Exception nor User Space.

 

I made HMPA a power app, and I made surfright a trusted publisher with the following settings: Guarded No, Privacy Off, Memory Off, Install Allow.