AppGuard 3.x 32/64 Bit

Sorry, not at this time.

 

I've just got round to trying AppGuard again and I'm pleased to report that the latest release is working well on my 32-bit Windows XP Pro system.

The previously reported problems that I experienced with earlier AppGuard versions appear to have been resolved with the final release of 3.1.6.0.

 

Hi, Barb_C
When can we expect right click feature ?

 

I was wondering the same thing.

 

It's great if Appguard recognizes windows update package. Hope this would be improved soon.

 

Agreed. I've just had to put it into install mode to apply Windows "Patch Tuesday" updates.

 

It should have been improved with the latest version. What kind of blocks were you getting before putting into install mode? Were you running in Locked Down mode? Are you running on XP?

 

I've noted the feature request, but I can't promise a delivery date. Sorry.

 

AppGuard was running in High mode on Windows XP Pro SP3. On my system, this month's "Patch Tuesday" updates consisted of the following: -

1. Security Update for Microsoft Office 2007 System (KB2584063)
2. Security Update for the 2007 Microsoft Office System (KB2553074)
3. Security Update for Windows XP (KB2570947)
4. Security Update for Microsoft Office 2007 System (KB2553089)
5. Windows Malicious Software Removal Tool - September 2011 (KB890830)
6. Update for Windows XP (KB2616676)
7. Security Update for Microsoft Office 2007 System (KB2553090)

After the first two updates failed (AppGuard blocked access to the Windows Installer as I recall), I switched to Install mode after which the remaining five updates installed successfully. I was then able to manually download the first two updates again and install them using Install mode.

 

Thanks for the details. We'll look into it.

 

I have a suggestion, name your setup file to reflect the current build number. Maybe I'm anal but I despise downloading something to the Downloads folder where a previous file with the same name already resides. As we all know, the latest version is renamed with the trailing (#).

 

We'll consider this.

 

Apparently Microsoft is still using unsigned files when installing on XP. That is why the first two updates failed. Hopefully we won't see these on Vista or Win7.

 

I thought it might be something like that. Thanks for looking into it.

 

I've very recently installed the Norton Antivirus 2012, and I got this message popped up by the Appguard from today:

09/29/11 18:45:31 Prevented process <cceraser.dll> from launching from <c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_19.1.0.28\definitions\virusdefs\20110928.032>.

 

Just installed Appguard.

But when I try to open KeyNote which loads a text editor and text files, it won't allow me to open it and I get this message:

09/30/11 12:14:42 Prevented process <keynote.exe> from launching from <j:\program files\keynote>.

If I turn APpguard to Medium and not High, then keynote loads ok.

So what is the solution to keep AppGuard on High and still have Keynote load?

And why is it blocking Keynote.exe? For what reason exactly?

Maybe this has to do with keynote.exe and some other programs being located on my J: drive which is a TrueCrypt container? Not only keynote.exe refuses to load, but some other programs too from J: drive.

 

Unfortunately I had to remove and uninstall AppGuard, a real shame too.

But it was not liking all my portableapps on my TrueCrypt container partition and even when I added some of the apps to the allow list, the apps still would get blocked. Everything outside the TrueCrypt container partition ran fine however, so it seems that AppGuard doesn't like apps running from a TrueCrypt container partition. Shame indeed.

 

Your J: drive is in extended user space which is why AppGuard is preventing you from launching programs.

To solve this, click on Customize... and add the J: drive to the list of folders in the User-Space tab with the Include option set to No. You should then be able to launch programs from your J: drive.

 

Appguard has prevented Sandboxie from deleting Sandboxie Contents and I had to browse to Sandboxed directory to manually delete it. How could I configure Appguard to solve this?
http://i172.photobucket.com/albums/w20/abels1/2011-10-01_000041.jpg

 

Did this...but some apps load fine and some are still getting blocked all the time, even if I add them individually to the allow list! No idea why, and I don't have the experience and patience to try to figure this out and messing around with it, so I had to uninstall AppGuard unfortunately.

It seems AppGuard has a problem with extended user space TrueCrypt containers. But in all fairness to AppGuard, I have come across problems before with other HIPS and security programs when it comes to my apps running from the TrueCrypt container. It seems to confuse a lot of security programs for some reason.

 

Agreed. I've had similar problems in the past with TrueCrypt. It's a shame that AppGuard isn't working for you. Perhaps Eirik or Barb can suggest something.

 

It's a real shame too, because I really liked AppGuard. But yeah, especially Truecrypt containers, many security applications don't cope very well at all with it.

 

You could try making the sandbox folder an exception folder. Refer to the help section "User Interface->Configuration Interface->Guarded Applications".

 

Hi TheMozart. Sorry that you're having the problem. Is AppGuard preventing the applications from launching after you've excluded the TrueCrypt container directory from user space? If so, I'll get our lab to try and reproduce. If the apps are able to launch, but are being blocked from preventing operations (writing to system space or the registry), then they may not be "well behaved" enough to be guarded - remove them from the Guard List. You could also send a copy of your events to AppGuard@BlueRidgeNetworks.com.

 

You could try one of the following:

1. Exclude this directory from user space (refer to the help section on "User Interface->Configuration Interface->User Space" - be sure to change the "Include" column to "No").
2. Add Norton to the trusted publisher list (if the dll is digitally signed). Refer to the help section on "User Interface->Configuration Interface->Trusted Publisher List."