AppGuard 4.x 32/64 Bit - Releases

Discussion in 'other anti-malware software' started by Jryder54, Oct 29, 2013.

Thread Status:
Not open for further replies.
  1. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    It turned out that the Terminal Services were disabled and that was causing the issue. A big thank you to you for reminding me about that prerequisite. I had forgotten about it.
     
  2. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    It is a bug, but cosmetic only.
     
  3. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    I have a question. I have a partition on the same drive as my Windows partition where I install all of my games. This makes it easier when I make backups/images of my drives/partitions. The issue that I have is when Windows 8.1 Pro x64 Update 1 does its automatic system maintenance. I get literally thousands of the following types of errors in the logs of AppGuard:
    From the way I understand it, I have two options in this particular situation:
    1. I can add the folder to user space set to "No" under Include
    2. I can add the folder under Guarded Apps as an Exception Folder (Read/Write)
    Either of these methods should solve my issue so my question is this: Which of these two methods would be the proper, more secure way to handle this situation?

    Thanks in advance for your help...
     
    Last edited: Apr 10, 2014
  4. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,
    I tried both methods and have probably answered my own question... Method 2 does not work since it is only for read/write access. I then assume that method 1 would be the proper, most secure method to solve this issue? Would adding the folder to user space with Include set to "No" be the correct thing to do in this case?
     
  5. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,093
    Location:
    Germany
    What you are experiencing is AppGuard's user space launch protection preventing some DLLs from being launched from their location. Since the affected folders are on the K:\ partition, AppGuard will automatically recognize this as user space. The correct method would be to exclude it from user space with the "Include: No" setting.

    Read/Write access is necessary when guarded apps need to write to system space (most of C:\ except certain folders) in order to function properly.
     
  6. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello FleischmannTV,

    Thanks for your reply. It confirms what I was thinking but wanted to verify.
     
  7. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    Thanks from me too.
     
  8. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    I have another question concerning AppGuard and my games.
    When I either launch my game console or a game directly, the DRM/licenses are checked before the game is allowed to run by the process "C:\ProgramData\Big Fish\Game Manager\Addons\gmActivator.exe". As you can see from the above logs, writing to the registry during this process is blocked causing the games not to load. I can make that process a Power App but I really do not want to do that. Is there another more secure method to allow that process to write to those registry keys without making it a Power App?
     
  9. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    Add the full gmActivator.exe file path to the User Space tab and set the Include flag to No.
     
  10. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello pegr,

    Thanks a lot! I should have known that but I guess I did not associate the writing to a registry key to be handled the same as a process being executed. This is one good bit of information that I have learned today...
     
  11. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    You're welcome.

    Kind regards
    pegr
     
  12. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Windows update under one account, reboot into another.

    First, this is my observation today only; it might include my subconscious meddlings.

    I have Windows 7 updates to download automatically, but let me choose when to install. I noticed 6 new important updates are available running in my standard user account. Set AppGuard to "Install and not automatically resume previous level". Started the install and was then after told a restart is needed. (Unplugged my cable to cable modem as an additional security option.) Restarted the computer.

    Usually after Windows update I log into my admin account and so did now too. To my surprise AppGuard was shown in Locked Down mode!!! I put AG into Install mode and logged out from Admin and logged into the user account where I had initiated the install. Was then told new updates have been installed from the bottom right popup.

    From now on based on this experience I will now reboot into same standard account where the AppGuard was put to install mode. Not sure if it is needed?
     
    Last edited: Apr 11, 2014
  13. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    Yes. AppGuard remembers the settings for each user account. Do you think that it should behave differently with respect to the current protection level setting?
     
  14. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Oh I can't speak for anyone else except myself Barb. I would like to see some global setting for myself remembered. Like when I came back to my admin account, I noticed it was to medium, anyways much better than install when I left it over 20 mins. I can't see all the possible situations and usage for sure and running myself as a sole person my computer :)
    I'll reboot from now on to the install software done account.

    Best wishes.
     
  15. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    I could use a little help. I'm trying to do something a little unconventional and AppGuard doesn't like it.

    I'm trying to run a small "portable" app from my C:\Program Files folder, but AG keeps it from launching every time - doesn't think it's a legitimate program.

    And although there is an "installed" version of this same program, I prefer using the portable one.

    Of course, if I include it as a Power App, it works just fine. However, I'm wondering if there's a better solution?
     
  16. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,093
    Location:
    Germany
    Weird... AppGuard should ignore anything launched from system space. Perhaps the file is trying to launch by dropping another file somewhere in user space and executing it from there. Are there any events listed in AppGuard's Activity Report?
     
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Exactly how are you doing it? I've done this by placing the exe file in the program files folder, and then creating a shortcut for the desktop. No problems.

    Pete
     
  18. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    That's exactly what I've done, Pete. But I think something else is going on as Fleischmann suggested (even though the exe file is in the Program Files folder). Here's what's in the AG Activity Report:

    04/12/14 09:23:14 Prevented process <diskdefrag.exe | c:\program files\auslogics\auslogicsdiskdefragportable4.5.3.exe> from launching from <c:\documents and settings\tom\local settings\temp\rarsfx0\diskdefrag>.
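
An added example, not part of any post in this thread and not AppGuard's own code: a parser for the Activity Report line quoted in post 18 that tallies blocked launches per parent and location and flags the case FleischmannTV describes in post 16 (a program stored in system space starting a child from elsewhere). The line layout is inferred from that single quoted line; the `SYSTEM_SPACE` prefixes, the function names and the extra sample lines are assumptions.

```python
import re
from collections import Counter
from ntpath import normcase  # Windows path rules, usable on any OS

# Layout inferred from the one Activity Report line quoted in the thread.
EVENT_RE = re.compile(
    r"^(?P<when>\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) Prevented process "
    r"<(?P<child>[^|>]+?) \| (?P<parent>[^>]+)> "
    r"from launching from <(?P<location>[^>]+)>\.?$")
# Assumption for this sketch: these prefixes stand in for "system space".
SYSTEM_SPACE = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")

def in_system_space(path):
    return normcase(path).startswith(SYSTEM_SPACE)

def parse_event(line):
    """Return a dict for a 'Prevented process' line, or None if it does not match."""
    m = EVENT_RE.match(line.strip())
    if m is None:
        return None
    ev = m.groupdict()
    # True when a parent stored in system space starts a child from elsewhere.
    ev["dropper"] = in_system_space(ev["parent"]) and not in_system_space(ev["location"])
    return ev

def summarize(lines):
    """Count blocked launches per (parent, location) and count unparsed lines."""
    counts, skipped = Counter(), 0
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            skipped += 1
        else:
            counts[(normcase(ev["parent"]), normcase(ev["location"]))] += 1
    return counts.most_common(), skipped

THREAD_LINE = (
    r"04/12/14 09:23:14 Prevented process <diskdefrag.exe | "
    r"c:\program files\auslogics\auslogicsdiskdefragportable4.5.3.exe> from launching "
    r"from <c:\documents and settings\tom\local settings\temp\rarsfx0\diskdefrag>.")
# Constructed sample: thread line, a later repeat, a made-up K:\ entry, unknown format.
SAMPLE = [
    THREAD_LINE,
    THREAD_LINE.replace("09:23:14", "09:25:40"),
    r"04/12/14 10:02:51 Prevented process <setup.exe | k:\games\launcher.exe> "
    r"from launching from <k:\games\example>.",
    "04/12/14 10:03:00 some other report entry"]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Grouping thousands of near-identical entries this way shows how few distinct locations are involved before any User Space entry is added for them.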
     
  19. KaptainBug

    KaptainBug Registered Member

    Joined:
    Dec 26, 2013
    Posts:
    480
    Change your protection level to Medium. If it's a signed executable then there won't be a problem, provided it's not modifying anything in system space.
     
  20. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    Try adding c:\documents and settings\tom\local settings\temp\rarsfx0\diskdefrag to the User Space tab and set the Include flag to No.
     
  21. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    I just earned a 50% discount coupon for participating in Blue Ridge's survey. Can I use that coupon right now, to buy a 1 year's extension to my AG license? If so, how?
     
  22. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    The license isn't an annual one. An upgrade fee is only charged for each major version so, on the current licensing terms and conditions, there will be nothing more to pay until 5.x is released. You can use the 4.x series for as long as you wish on your current license.
     
  23. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    So I have a 50% discount with nothing to use it on. Ah well :rolleyes:
     
  24. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    I imagine that you'd be able to use the coupon to buy an additional license at a discount though if you wanted one.
     
  25. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    I am not sure I will risk my email address to any survey, even if it be originated from the AppGuard purchase.
     