AppGuard 4.x 32/64 Bit - Releases

Thanks for the help guys, but if it's debatable about needing to run a HIPS with AppGuard, then I'm going back to just AppGuard and Sandboxie.

 

DoctorPC there's something I don't understand about your post. If the people on your computers can handle the decisions necessary with a HIPS couldn't they deal with just a click on "Install" in AppGuard?

 

Deepguard is very simple.. 99% of the time it performs background tasks. Installations are fully allowed, it's only when the installation does 'funky' business that it is intruded upon, or when it is unsigned, etc. The dialog for Deepguard in those cases is a 'notification' of the problem with a 'close' button. Therefore the only interaction, unless you want to read it, and click the small 'add exception' words in the text, it's going to simply be 'close' and on with it.

Forcing all installations to be blocked seems a bit overkill, and a pretty big annoyance for the majority of system users I work with. They don't want to be blocked when installing the latest PDF reader, or Mozilla updates, and there really isn't any reason they should be blocked. Given the number of 'automated' updates from launchers like Uplay, Origin, Steam, Appguard will quickly become a major headache in those respects. I literally install/update 10-50 programs a day, and I work on machines that update/install hundreds in some cases! Deepguard largely ignores them unless something blatant is discovered.

Does that make sense?

 

Yes, thanks. I guess DeepGuard isn't like the other HIPS I've used, which require more tending than AppGuard does.

 

AppGuard and DeepGuard both provide highly effective protection, but they are not directly comparable IMO.

AppGuard is a standalone policy restriction program based on classifying applications as trusted or untrusted. It can be combined with a real-time AV or used by itself. AppGuard is highly compatible with other security products. Each major version released must be purchased separately but minor version upgrades are free.

DeepGuard is the behavioural monitoring component within F-Secure Anti-Virus and Internet Security. It is not available as a standalone program. As with any real-time AV, compatibility with other security products may vary. F-Secure is subscription-based with annual renewal.

If I were using F-Secure Internet Security, I probably wouldn't bother with AppGuard as DeepGuard would provide a similar level of protection. For anyone not using one of the top-rated Internet Security packages with a proven track record, AppGuard is well worth considering as an addition, especially for users of free AV solutions and users who prefer to secure their systems in other ways without using real-time AV.

 

Calling AppGuard overkill is kind of funny, especially in comparison with an Anti-Virus solution. They slow down your internet experience thanks to their horrid stream scanning, scan your hard-drives on every single access and if push comes to shove, they sometimes fail. I would call an AV overkill in terms of wasteful usage of system resources, even more so if you compare it with AppGuard.

 

I have been receiving These block Messages and I have no idea how to solve this. Appguard keeps blocking stuff from an old AMD Catalyst Driver package that is no longer installed on the Computer for months. This does only happen when the Computer is in idle stage and Appguard is set to medium (rundll32.exe). Whenever I get back to my Computer I have this blinking Icon in the System tray.

I reinstalled Appguard without success. Also I uninstalled everything related to AMD Drivers from my Computer but even then Appguard blocks stuff from that old AMD Driver package. I really have no clue what the hell is going on there. Need some help

 

Run cmd.exe as administrator and run this command:
pnputil.exe -e
See if the driver is displayed. If yes then note down the oemXX.inf and run the below command:
pnputil.exe -d oemXX

Also there's a registry entry which you can enable to display hidden drivers. After doing so, go to Device Manager and choose View Hidden Devices. That will display drivers no longer needed in transparent color. You can right click that driver and select Uninstall. If you didn't know about this before send me a PM, I can send you the procedure.

 

Well, I did not know about Windows 8.1 compatibility. But I guess the pnputil command still works.

 

I have set the device Manager to Show hidden devices and I had a greyed out entry in the graphics Card section which was a R9 200 series. I uninstalled that device since I no longer own that Card. However I am not sure if that solved the Problem. I will have to leave the Computer idle and see if Appguard keeps blocking stuff.

Yes, I use Windows 8.1 Pro x64

pnputil.exe -e works and it Shows some AMD related stuff but it's hard to figure out which one to select...

 

Appguard does still block stuff...so annoying

I might try to uninstall all AMD Drivers from the Computer once again and then run pnputil.exe -e and uninstall everything from there which is related to AMD. After that reinstall the current amd Drivers??

What do you think?

 

You can google search what are the essential AMD drivers, rest of them you can delete. I use Intel and I have just 2 drivers from Intel installed.

 

My guarded apps with Privacy mode on is able to write to protected folders(Deny). Apps like Firefox and Kingsoft Office is able to save html, doc files to myprivatefolder. Did anyone experienced this ?

 

I did experience this a while ago. On that occasion, I uninstalled AppGuard then manually deleted the AppGuardPolicy.xml files located within the user profile folders before doing a clean reinstall. After reinstalling AppGuard and reconfiguring it, the problem no longer occurred.

It might be worth trying that first in case the policy files that hold the settings have become corrupted in some way. If the problem still persists after a clean reinstall then report it to AppGuard Support.

 

Thank you pegr

 

This is strange. I had some custom rules to exclude certain user space(for Dropbox). After that guarded apps are blocked from writing to protected folders.

 

hi .. one thing i wanted to ask you is, why do you prefer Appguard over NVT ERP ?

 

Nvt does only know black and white so it either denies or allows a program completely.Appguard also knows a colour in between as it can allow certain programs but restrict them in a way so they aren't a threat to the system. Programs can be run guarded where nvt can only allow or deny Them afaik. Apart from that both programs work very differently.

 

That's right. If I am not wrong NVT works on the whitelisting approach ? Personally I use both AppGuard and SecureAPlus. Recently I raised an issue about IObit software which installed some software without my knowledge. AppGuard did not warn me because ASC was already installed in program files and so it was able to download the software and install it. If I had some kind of whitelisting app then definitely that would have blocked and raised an alert. Since they both work very differently you can try them both.

 

Probably a very dumb question. Is it required to add Windows 8 metro apps like reader and skype to AppGuard ? Are they vulnerable ?

 

Metro apps can't be guarded, as of yet.