AppGuard 4.x 32/64 Bit - Releases

Is there a way to remove\deactivate Windows Command Processor from Guard List - which should stop it from running in Lock-Down mode ?

I deselect Windows Command Processor in the Guard List, but it still executes in Lock-Down mode.

Do I need to remove Microsoft from the Trusted Vendor list to accomplish the above ?

Obviously I am missing something here...

 

I have just bought AG, is there any new version planned ahead?, last released version was from april, how about the upcoming v5, is there any news, it's near end of the year.

 

I know this question is not directed at me, but I would welcome the ability to create hash and command line based exception rules.

 

I want to see the same as well. The hashing could be used to lock things down even more, and make AG a little more user friendly for some.

 

Sorry, but I don't follow you with this advanced computer language: what exactly is "the ability to create hash and command line based exception rules"?

 

BRN needs to improve the user-interface; bottom of it is that it just isn't very user friendly.

 

Built-in import-export feature?, better semantics such as for example include into guarded, auto-exclusion for windows update installation.

Question, how to properly allowing a batch file to running?, i have dnscrypt in which i need to spawn through a batch (*.bat) script.
Currently i have tried with adding the dnscrypt directory into user space and set include to "no". Is this the proper way in AG?.

 

I second this.

 

Why do I get these?

I'm using the Lock down mode.

 

The first one is due to Microsoft's brilliance in deciding to copy cleanmgr.exe and other components to the current user's temp folder in order to run Disk Cleanup (CleanMgr). The easiest way to prevent AppGuard blocking this is to make cleanmgr.exe a PowerApp.

As for Prevented <AppGuard Agent Service (x64)> from writing to <\registry\machine\software\wow6432node\blue ridge networks\appguard>, I've never seen that message and have no idea why AppGuard would be blocking itself.

 

So, this is not a work of malware. Thank God!

A bug, again, I think. Sometimes, if I don't restart or shutdown the computer frequently, and just use the sleep mode, I notice that AppGuard would act strangely, just like this error. Other anomaly I notice is that AppGuard would still work even after setting itself to Off. Seldom, AppGuard would consume CPU power in the background until I restart the computer.

 

The second one is strange. It says AG is blocking itself. What OS are you using?

 

Windows 10. That is actually the first time I've seen it. It's probably just another "hit or miss" by AppGuard. Everyday, I frequently put my laptop into Sleep mode when I'm away with my laptop. And that's when AppGuard would act strangely.
Also, I experienced the strange behavior of AppGuard even when I'm using my Windows 8.1 laptop.

 

I have never seen AG block anything from itself, and I have been using AG since it's first alpha/beta release. I think it's possible it could be a bug that only occurs on Windows 10. That's why I asked what OS you are using. I will notify Barb from AG, and see what she thinks.

 

BlueRidge Networks are looking into AG blocking itself from writing to the registry now.

 

Whatever happened to MBR Guard ? The last time I remember anything about it was mid to late 2013...

 

AppGuard blocks on my system Libre Office Portable: I installed it with AP in Install Mode but AP blocked it again. So I added Libre in Power Applications, but AP blocks it again. It's the first software with AP has this behavior.

 

Strange - I do not have that issue (Win 8.1 Pro 64-bit). All LibreOffice Portable executables (via PortableApps.com) added to Guarded Apps.

 

I also did it, but nothing changed. A bug ?

 

You could try adding the LibreOfficePortable folder to User Space Include=No (assuming your portable apps are in user space), but you shouldn't have to do that and it would remove protection.

 

Sorry, I forgot: I tried this too before posting: it doesn't work. Only Mode in which Libre Office portable works is AP in Install Mode. Note: no problem instead with Libre Office installed in the system. I believe that it deals with some Libre portable process.

 

Yes I've had same issues with some portable apps before. Had to move them inside Program Files and/or Program Files (x86). Then added them as guarded.

 

Tried: doesn't work.

 

Hello Guys,

I am using AG + SBIE + RAM Disk.

The sandbox folder path is set to R:\Sandbox, where R = RAM Disk and R:\Sandbox is an exception folder with Read\Write permissions.

For best protection do I need to add R:\Sandbox to User Space?

It seems to me that would be correct for optimum protection.

Thanks,

HJLBX