AppGuard 4.x 32/64 Bit - Releases

Discussion in 'other anti-malware software' started by Jryder54, Oct 29, 2013.

Thread Status:
Not open for further replies.
  1. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    I haven't read through all the posts here, so it's possible that it was discussed before but I've noted a small quirk in the GUI Tray menu. On Windows 7 (32) as an administrator when programs are launched as a different user (limited user) the appguard protections appear to be applied as per event log reports reflecting blocks. However the tray menus for guarded execution and privacy mode do not show options to suspend protections for those apps running as a limited user. Running the same app (can test this with notepad.exe on guarded list) from the original user shows them. It hasn't caused me any issues as I have yet to find a reason to suspend protections for one program while it is running. I could understand the limit for an AppGuardGUI running inside a limited user account, just not from an administrator account. Is this intentional?
     
  2. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I think you have to login as an Administrator, and then go to parental controls in AppGuard under the advanced tab. Then select the LUA account in question, and make changes to permissions as needed. I only have an Admin account on this machine so that's why there is no LUA in the screenshot.
     

    Attached Files:

  3. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    I too think the existing terminology is fine, but the way default file and folder permissions are customised within the GUI is over-complicated and a potential source of confusion. Both the User Space tab and the Folders section of the Guarded Apps tab are problematic in this respect.

    The User Space tab is problematic because setting the Include flag to Yes/No gives the impression that the user is changing the definition of which folders lie in user-space. This is potentially misleading as it is really about changing the default guarded apps launch protection of system-space and user-space folders and files listed, and not about user-space inclusion and exclusion.

    The Folders section of the Guarded Apps tab is problematic because it gives the impression that it is associated with guarded apps. This is potentially misleading as it is really about changing default read/write access permissions of system-space and user-space folders and files listed, and not about associations with guarded apps.

    The GUI needs reorganising to better reflect this. What about changing the GUI as follows: Move the Folders section from the Guarded Apps tab and integrate it into the User Space tab, renaming the User Space tab to "Folders" (or something similar). Each file or folder entry listed within the renamed "Folders" tab would have a pair of flags:

    Type (existing flag) = Read Only / Read/Write / Deny Access
    Guarded (rename of Include flag) = Yes / No​

    Advantages:
    No need to consider user-space inclusion and exclusion.
    No need to consider folder and file access in the same context as listing of guarded apps.
    Folders and files only need to be listed once in a single tab to change default permissions.
    Easier to understand and operate, with no risk of confusion.​

    Disadvantages:
    None that I can think of.​
     
  4. reyes

    reyes Registered Member

    Joined:
    Dec 8, 2013
    Posts:
    48
    Location:
    INDIA
  5. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    I am getting this on my Windows 8.1. x64 machine as well, but not on Vista x86 or Win7 x64.
     
  6. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    I checked it as you suggested, they were all selected. I even tried setting both the administrator which I run from (where AppGuardGUI is running) and the limited user I tested the 'run as' to super user in that window- no change.

    Update1:
    I decided to Enable Privileged Mode and test that as well, still won't show the menu items for those apps running as a limited user.

    Update2:
    First I disabled the above changes, all users set to SuperUser=No to disable parental controls. Unchecked Privileged Mode.
    I created a second administrator account and ran a program as that one, still no menu items for it. So not related to using a limited user account, but any secondary logon?
     
    Last edited: May 8, 2014
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    If those rights were already checked, and the menu items still were not showing for those apps then I think you are experiencing a bug. I would contact BRN at AppGuard@BlueRidgeNetworks.com for support, and inform them that you have already tried as I have suggested. Good luck getting this sorted out, and please let us know the outcome.
     
  8. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I would recommend renaming Parental Control to, " User Account Privileges, or User Account Control".
     
  9. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    Does AppGuard protect against unwanted/unauthorized "driver" installs like NVT's Driver Radar Pro does? Or, do the two programs do different things and can be used together to complement one another other?
     
  10. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Yes it does.

    Pete
     
  11. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,
    I am honestly not being impatient as far as news about 4.1... I am setting up my wife's new laptop and originally was going to wait to install AppGuard on it when version 4.1 was available (stable or beta). Since it seems the release has obviously been pushed to a later date, I was hoping an updated status could be posted. If 4.1 is still a bit away and not going to be seen soon, I will go ahead and install the current stable build on my wife's system. If it will be released in the near foreseeable future, I would rather wait until 4.1 is available to install.
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    AG does not block driver installs with it's default settings on my machines. For example: if I plug in an external drive that I have never used before the drivers for that drive will install with AG's protection in Medium, and Locked Down Mode. I'm not sure what configuration changes would be needed. I'm pondering that one might need to add the driverstore folder, or drivers folder to the userspace tab with the include flag set to , "Yes". They are located at the following paths on Windows 7: C:\Windows\System32\DriverStore, and C:\Windows\System32\drivers. Do not try this though because I have never tested this! It may cause a BSOD. Even if AG can be configured for this purpose then it would just block the driver installs instead of prompting the user to allow, or deny them so you might have to disable AG when installing drivers. This would be a good question for BlueRidge Networks. I have always wondered about this myself.
     
    Last edited: May 9, 2014
  13. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    This is VERY interesting! I'd love to hear some additional comments from others.
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I'm going to send Barb an email, and ask her to take a look at the thread regarding our driver questions.
     
  15. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I just sent her an email. Hopefully she will have time soon to answer our questions.
     
  16. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    Anxious to hear from her, too. However, even though I'm not sure about its impact on resources, I've been thinking of possibly adding NVT's Driver Pro (freeware).
     
  17. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    It seems like perhaps it is a bug. We're changing the ways updates are done in version 4.1 so hopefully it will not be an issue, but something we'll test for. Thanks!
     
  18. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    Would you send a description of what you're seeing to AppGuard@BlueRidge.com and we'll look into it.
     
  19. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    It will probably be a couple of weeks for the beta to come out. Sorry for the delay.
     
  20. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    Cutting, thanks for alerting me to this topic. I have forwarded the question to our lead developer. I don't believe that AppGuard stops plug and play drivers from being installed, but if the driver is being installed via a msi install package or other executable, they would be blocked.
     
  21. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,
    Thanks for the update! No rush (just wanted a status update), just take your time and keep releasing the quality, bug-free software that you always do!
     
  22. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Thank you for your prompt response Barb! That was super fast. :thumb:
     
  23. YES

    Yes, AppGuard does block install new drivers from protected programs and from user space, while NVT DP blocks loading of drivers, no matter from what folder they come

    See previous, could be used together, but AppGuard alone should be sufficient protection
     
  24. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    So where does post #1337 (above) fit into all of this?
     
  25. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Well, many drivers are installed from plug, and play devices. Barb already mentioned above that she does not believe AG blocks plug, and play driver installs. Maybe it could be configured to, but I dont' know how. I have some ideals I could try, but i'm afraid of the adverse effects it may cause. I do believe AG would protect from driver installs from malicious means from the user space. Drivers that are contained within a malicious executable would of course be blocked because the executable would be blocked, but I think this is a different situation than TomAZ's original question. Doesn't Driver Rador Pro give control over all driver installations?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.