AppGuard 4.x 32/64 Bit - Releases

You have to use the main GUI and untick "Automatically resume protection after 20 minutes." You can modify this time also on the Advanced tab.

Other security software should be added to Power Apps if AppGuard blocks something and it causes the security soft to malfunction.

Block events that do not break anything should be ignored.

 

Download AppGuard Personal 4.3 User Guide.

 

User added <c:\users\bjms\documents> to private folder list.
---------------------------------
Prevented process <Firefox> from accessing to <c:\users\bjms\documents>.
Prevented process <Firefox> from accessing to <c:\users\bjms\documents\desktop.ini>.
Prevented process <Firefox> from accessing to <c:\users\bjms\documents\contacts\desktop.ini>.
----------------------------------
Did not realize calling Firefox calls Documents\....
Afaik I don't have documents\desktop.ini or documents\contacts\desktop.ini
?

 

You should see them if you go into Folder Options and uncheck "Hide protected operating system files"

 

normal. ignore.

 

Yes.... Thanks

 

Yes, Normal & Ignore. Curious, why call browser calls Documents.
Prevented process <Internet Explorer> from accessing to <c:\users\bjms\documents>.
Does call browser, call any other...?
AG default is \documents\myprivatefolder(empty), so I added \documents to see what happens.

 

Q: restore earlier AppGuardPolicy/appguardpolicy
I have earlier copy of AppGuardPolicy and appguardpolicy saved.
Just tried to paste/move earlier to current (x86) and Roaming.
AG Customize does not change. TamperGuard Off.
Is there trick to import earlier Customize.

Update: maybe just Roaming appguardpolicy

 

What happened with Lockdown mode?
Lockdown mode is the most secure protection level and security level there is, and yet it was abandoned? Why?

 

it is still there, only available via tray icon.

 

see page 9 here > Download AppGuard Personal 4.3 User Guide.

 

IMPORTANT FACT :

if Appguard is installed while Rollback RX monitor the System partition, it cant guard apps on non-system partition not monitored by RX .

however i dont know if it can guard the apps if the non-system partitions are also monitored by RX

 

I have RollBack Rx along with AppGuard installed, and I successfully guarded DNS Jumper that is in my D://. It launched without any errors coming from AppGuard, although it blocked, obviously, the operation to change DNS.

Edit: I was wrong. DNS Jumper successfully changed the DNS server. The blocked message in the log probably applies to the registry operation.

 

Does D:// is under RX monitoring?

 

No. Only C: is under monitoring by RollBack Rx.

 

uhm...ok, so i wonder what causes my issue. I will wait the next build.

 

Does AG block executing of .js files in user-space?

 

Yes. It blocks *.js files executed in User Space. However, it doesn't block javascript code -- otherwise things like browsers wouldn't work. There is a difference between a *.js file and javascript code.

 

Yes, I'm aware of that, thanks. But I didn't know you .js file are executable in Windows until I just read advice on disabling their execution via Group Policy.

 

Q: anyone add KeePass (or similiar) to Guarded Apps

 

You could -- and see if AppGuard blocks any actions that result in KeePass breakage. The only reason to add KeePass to Guarded Apps is if you are paranoid about an exploit involving KeePass -- which is extremely unlikely.

 

I was thinking Memory Guard for KeePass open (data) in memory.
Upon call KeePass master password dialog >
Prevented <CTF Loader> from writing to <\registry\user\s-1-5-21-nnnnn-1004\software\microsoft\windows\currentversion\run>.
Prevented process <KeePass> from writing to <c:\windows\cryptoguard\328af9a1>.
Head scratch why KeePass wants to write to empty C:\Windows\CryptoGuard folder (Alert 3.5 installed with service Stop).
So, thought I'd ask if KeePass was logical as Guarded App.
KeePass saved creds work okay and Ignore quiets AppGuard.
Note: have not tried to add new KeePass creds.

Edit: just had > Prevented process <Firefox> from writing to <c:\windows\cryptoguard\9ad97749>.

 

c:\windows\cryptoguard Is in System Space and you have HMP.A installed.
You have to make this an Exception Folder (Read/Write)

 

D'Oh!, I forgot, I've been resting 3.1. Recent install 3.5 (and I forgot Exception).
Hmm, even with Alert service stopped..?
Thanks!
So, is KeePass (or similiar) logical as Guarded App..?...OnOnOn...?

 

Guys where can I find 4.4.4.1 Appguard Version ?