AppGuard 4.x 32/64 Bit - Releases

Discussion in 'other anti-malware software' started by Jryder54, Oct 29, 2013.

Thread Status:
Not open for further replies.
  1. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I will pm you about this issue.
     
  2. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    This is some old news, but I thought I would post it anyways. Maybe some users are too busy to keep up with malware trends. I would recommend that all users add vssadmin.exe to the user-space if you have not already. If not, I would at least add it to the Guarded Apps List. Here is an explanation why it is a good idea to do so. http://www.bleepingcomputer.com/news/security/why-everyone-should-disable-vssadmin-exe-now/

    Also, if you have Java installed on your machine then I would recommend adding java.exe, javaw.exe, and javaws.exe to the Guarded Apps List. If you encounter a threat that uses Java, or JavaScript on a webpage, then you will be protected because AG protects all plugins in the browser. Here is where the danger comes in. If you open up an infected email attachment that uses Java as the dropper then it will not be guarded because it will be opened up outside the browser. If you guard Java the threat should be blocked, or contained depending on your AG settings. In cases of the threat being contained, the threat may still be blocked before it is able to do anything.

    If anyone has any problems due to adding vssadmin.exe to the user-space, or due to guarding Java then let us know on the forum. I Guarded all the Java components I listed above for at least 4 months without any problems before I decided to get rid of Java altogether. I don't need Java so I don't even have it installed on my machines anymore. I had been guarding vssadmin.exe for about a year without any problems. I just decided to move vssadmin.exe to the user-space 2 weeks ago instead of guarding it. I have not had any problems in doing so. The advice I'm giving is not that of Blue Ridge Networks so take my advice with a grain of salt. I'm just a user like you guys sharing a few items I use on my blocklist (items added to the user-space), and items I Guard so take it at your own risk. I have a really large blocklist I have been using. I may share it on the thread if it continues to work for me without any problems. I block a lot of Microsoft.Net executables also.

    1/27/16 @ 8:25
     
    Last edited: Jan 27, 2016
  3. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    To be clear - so add the System32 and SysWOW64 vssadmin.exe's as User Space, Include=Yes?
    I don't have Java on my machine either.
     
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Yes, exactly. If you are on a 64-bit machine you should add vssadmin.exe from the System32 and SysWOW64 folders. In the user-space tab select "Yes" from the drop-down box.
     
  5. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    833
    Just did all the above you said Cutting_Edgetech. Thanks......
     
  6. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    Done. Also followed your earlier advice for powershell / powershell_ise.exe's.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Since many of us are also ERP users, I added both to the advanced tab there
     
  8. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,644
    Location:
    Under a bushel ...
    Thanks - good tip. I see the powershell processes were already there.
     
  9. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    This is a bug. I'll check into it.
     
  10. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    We've seen this in the lab, but are having difficulty coming up with a reproducible scenario. If anyone can provide more details about how to make this happen, please let me know. Also is there an event in the Windows Event Log when this occurs?
     
    Last edited: Jan 27, 2016
  11. Well then, guess I'm not special enough huh :p Wanting to test a product a user has paid for and used should be an ability, and one that could be used to further the product's development.
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    How long have you been using AppGuard? What OS are you using?
     
  13. Few months, W10
     
  14. Circuit

    Circuit Registered Member

    Joined:
    Oct 7, 2014
    Posts:
    939
    Location:
    Land o fruits and nuts, and more crime.
    W10 says it all.:argh:
     
  15. I'm failing to see how this is relevant to whether a user is entitled to test a beta or not.
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    It's not. Who told you that you aren't entitled to test the beta?
     
  17. guest

    guest Guest

    I don't get your point, I have the beta and I'm on Win10...

    You have to email them and give your license key so they can check you are indeed eligible for the beta; then they will email you a beta link.
     
  18. I was not officially told this, but after seeing this post below and guest's response, I was inquiring to see if it was a closed Beta test for certain individuals. Although I'm not active here ("I spend much time reading here"), I wondered if this could be the case.

     
  19. Thank you, the response I was looking for, a straight answer :) I figured a PM to Barb here would have been the route to take.
     
  20. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Sorry for the misunderstanding. I was just making sure you have used AG long enough to have a good understanding of how it works. Barb informed us that was a requirement to be part of the beta test group. I was going to email Barb for you to make sure the beta test period was not ending. I will email her tomorrow. You can email Barb at barb@blueridgenetworks.com. If you are accepted she will give you a license, and password to use with the beta build. I think your current license will work also if you purchased it within the last year, or two.

    I was just curious what OS you were using because we had some bugs reported by Windows 10 users before the beta test period began that could not be reproduced. I was hoping we would have more users testing with Windows 10 to ensure the final release is not buggy on Windows 10.
     
  21. guest

    guest Guest

    I posted a small issue 2 times, not sure it was spotted, since I didn't get any feedback about it from Barb. :D
     
  22. Thank you for the email address, sent her a message. As far as my knowledge of AG, I have run it long enough to understand. I tend to run AppGuard the way they meant it to be run. I use lock down mode, but not all the time. Only when necessary, like when I get on a research binge that takes me into unknown parts of the web/websites, or running the VM. The rest of the time I set it at Medium. Rarely do I lower to install.

    After digging a bit back, found that with VMware, there are rare exceptions where 0-Day Exploits could be used on Vmplayer, making the memory guard invaluable for placing VMware in guarded apps. Although not officially supported by AppGuard for doing so, it works rather well, and how I ran mine. I could then throw the system in lockdown mode and fire up the VM with it basically being hardened. I understand that not all applications need to be placed into Guarded apps, just as not all folders belonging to the app need to be set in exclusions if a user runs into a problem with the app being guarded. I could go on, but think you now have an understanding of my understanding :)
     
    Last edited by a moderator: Jan 28, 2016
  23. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi illumination

    Since the first posting they have discovered a bug in the beta, so you may not hear until they have the bug fixed.

    Pete
     
  24. kreto

    kreto Registered Member

    Joined:
    Jan 28, 2016
    Posts:
    3
    Hi,
    Is there a post number (#xxxx) where I can read about powershell?
    Are there other good things to do in AppGuard like vssadmin, powershell, java? (I am a total noob to AppGuard.)
    Thanks
     
  25. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I read your message earlier today. I figured there was no reason for me to mention you to Barb since you already sent her an email yourself. I didn't want to waste her time having to respond to my email also. I was quite busy sending bug reports for AG during that time. I'm extremely thorough when I test a product. I try to make sure I check as much as possible to ensure the quality of the final release. I care a great deal about the security software I use.
     