AppGuard 4.x 32/64 Bit - Releases

Always meant to try this. One day.

 

LOL... I make mistakes with AG too - forget to always change this or that from Yes to No or Deny to Read\Write.

 

Pretty sweet. Not difficult to configure.

 

Does everything look alright in the screenshots..... @guest

 

There really is something wrong with this:
03/16/16 08:06:45 Prevented <AppGuard Agent Service (x64)> from writing to <\registry\machine\software\wow6432node\blue ridge networks\appguard>.

As usual, issues like this one (along with AG blocking even if it is Off) would only arise if the system is not restarted for a few days (i.e. only sleep/hibernate/shutdown was used).

 

i don't see anything special

 

Is M$ Edge browser supported by AppGuard ?

Never bothered to look into it.

 

It doesn't look very ridgy-didge to me.

 

I will let website admin know... Thanks @SweX

 

lol , indeed , i didn't pay attention at the typo, was focused on the sections architecture

 

Thank you for the report, we have fixed this.

 

Using Edge browser here with Appguard, appears to be working well.

 

I'm trialing the latest stable release of AG in a VM in Protected Mode - I'll try using Locked Down later on after using for awhile.

I see schtask.exe is blocked - is there no way to whitelist legitimate tasks? I'm not sure what 1/2 the stuff is in the task list, but I'd think tasks like System Restore, Registry Backup, Time Sync... should all be running.

I've been looking for a summary of suggested tweaks - does one exist? So far I've just added an exception folder for Sbie. I'll be trying combinations of:

AppGuard
EMET
MBAE free
Sbie
VoodooShield
NVT-ERP
Zemana AL free
Avast (HM - Aggressive) free
WSA
WFWC4
EAM

Plus
IE11, FF and Chrome - with various webinar plugins (gotomeeting, skype for Business, Webex, Zoom), flash, and a few security addons - uBlockO, etc
Foxit
Skype
SafeHouse Explorer
SyncBackFree
...etc...

 

Windows uses TaskEng.exe for legitimate tasks; schtasks.exe is just a command line utility to create jobs in Task Scheduler - so you don't need it. SchTasks.exe can be easily abused so it should remain in User Space unless you must use it.

AppGuard + NVT ERP + Sandboxie is a popular combo. Some add more like HMP.A, EAM\EIS, WSA, Adguard, WFC, etc.

I currently use AppGuard + NVT ERP + HMP.A + WSA + Adguard. It's pretty light; system is responsive - and well protected.

I think AG + WSA + Adguard is good too.

 

Likewise (except for EIS instead of WSA) on my primary laptop.
What's your view on VS as a replacement for ERP or AppGuard, or both? I am playing with it on my other machine.

 

You're welcome

 

Thanks for the clarification and setup suggestions - we'll see how the trialing goes. AppGuard seems pretty straightforward to use on defaults anyway - I think I'll just need to add a few more exception folders

Any issues using AG in a Standard User Account?

Also, I noticed disabling User Space from the task bar icon did not work - I needed to disable the folder in the User Space tab in the GUI or put AG in Install Mode

 

Should be no problem with SUA.

Perhaps you find bug with enable\disable User Space launches... If you think it is bug, then submit directly to AG Support - because Barb often misses bug reports here.

 

Great - thanks for the reply

 

Is there a file somewhere on the HDD that AppGuard manages, in relation to "Ignored Messages" entries? I think custom entries disappear upon upgrading. Not quite sure on this...

 

Yes. C:\ProgramData\Blue Ridge Networks\AppGuard\AppGuardPolicy.xml

 

@Barb_C - how goes it ?

 

We had a report from someone that has java installed and he is seeing AppGuard adding multiple (like 100s) of instances of Java to the policy. They are all the same 5 files over and over again. We have not been able to recreate it. Is anyone else seeing this? Would you mind checking your C:\users\<xxxx>\appdata\roaming\blue ridge networks\appguard\appguardpolicy.xml file and let me know?

There should be 5 policies for each version of java that you have installed (for instance If you have a 64 bit system and have both 32 and 64 bit java installed, you should see 10 policies in the policy (C:\users\<xxxx>\appdata\roaming\blue ridge networks\appguard\appguardpolicy.xml). There will also be the two wildcard policies (so at most 12 in all). I opened my policy file and did a search on java and saw that I had 23 occurrences. If you have more than that, will you send me a snapshot of the paths?

Before I get a bunch of reports about it, you will only see entries for "C:\program files\java" even though if you have 32 bit java installed you would think that there should be "C:\Program Files (x86)" entries. Don't worry, AppGuard knows to Guard the x86 version. I want to get this fixed so I have to stop explaining about it, but otherwise I believe it is harmless.

Thanks to all of you for your support of AppGuard!

 

Okay. I took some time off last week and I'm feeling refreshed! Thanks for asking.

 

It looks like you are correct. I have entered this as a bug into our system.