AppGuard 4.x 32/64 Bit - Releases

Discussion in 'other anti-malware software' started by Jryder54, Oct 29, 2013.

Thread Status:
Not open for further replies.
  1. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Just curious, has anyone tried appguard and Voodooshield together or would it be too much overlap?
     
  2. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Much appreciated :thumb:
     
  3. guest

    guest Guest

    i have this on my 2nd machine. it works very well. :D
     
  4. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Very cool! What tweaks did you make? I'm assuming add VS to power apps in AG?
     
  5. guest

    guest Guest

    exactly, same old way ;)
     
  6. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    That's an unbeatable combo :thumb:
     
  7. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Should I add shadow defender and any other security to power apps?
     
  8. guest

    guest Guest

    theoritically you dont have to, you are supposed to add them as Power Apps only if AG blocks or hamper them.
     
  9. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Okay thanks
     
  10. guest

    guest Guest

    Power Apps is made to give 100% compatibility but at expense of security since Power Apps are not restricted at all.
     
  11. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Hmm, I have Sbie container on non-system partition...but, no Sbie processes in AG Power Apps.
    A while back as per recommend, I set Sbie container to D: and added User Space d:\ Yes.
    Recommend has been huge compatibility help. Thanks

    Are you saying, also add Sbie Crypto, DcomLaunch, RpcSs, WUAC, SbieCtrl, Start, etc, etc, etc. as AG Power Apps...?
     
    Last edited: Dec 2, 2016
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Um, is Customer ID different from e-mail associated with the license. I have License IDs and Passwords.
    I'm not recalling Customer ID...? Sorry.
     
  13. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    Customer ID would be found in the original purchase documents\e-mail. It is different than the e-mail associated with the license.
     
  14. guest

    guest Guest

    I have added no Power Apps at all :cautious:
    I only plan to add them if i encounter problems.
    I agree, i can't find the Customer ID too, and i looked through all emails from AG.
    But it can be found in the "License Portal", there you can see your Customer ID:
     
  15. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Okay, I'll try to find my Customer ID. Thanks

    Edit: with e-mail thru License Portal> reply from support@ > The following Customer accounts were found:

    Thanks!
     
    Last edited: Dec 2, 2016
  16. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    All that is needed to solve license issues is the License ID and the e-mail associated with the license. Having the Customer ID helps if you have multiple accounts with BRN.

    The license portal - while still up and available for use - is not really used by anyone except those on this thread.
     
  17. I have been running this combo for awhile myself, i call it "over lapping fields of fire" an old military term meaning the two compliment each other by closing would be gaps.
     
  18. guest

    guest Guest

    Exactly. VS will watch AG's back while it will be on install mode.
     
  19. guest

    guest Guest

    That is the purpose of the Power Apps function. ;)
     
  20. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Something strange just happened...I had locked my computer and stepped away for awhile and when I tried to login my windows user picture was at default and it gave me a message saying something regarding my SAM account (can't remember everything) I had to do a hard reboot and now everything is fine again but it may happen again and I know it's appguard causing it. I will take a picture of the message next time if it does happen again.

    Where does AG store logs, maybe it's saved somewhere?
     
  21. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    The Security Accounts Manager (SAM) is a service that is used during the logon process. The SAM maintains user account information, including groups to which a user belongs. AppGuard at default settings and configuration doesn't have anything to do with the SAM.

    AppGuard logs are found in the Event Viewer. You have to filter the logs for event "Blue Ridge Networks."
     
  22. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    This has NEVER happened to me until now so AG had to be the cause

    I found this

    SAM failed to write changes to the database. This is most likely due to a memory or disk-space shortage. The SAM database will be restored to an earlier state. Recent changes will be lost. Check the disk-space available and maximum pagefile size setting.


    SAM failed to restore the database to an earlier state. SAM has shutdown. You must reboot the machine to re-enable SAM.

    Blue Ridge Appguard

    Prevented <c:\windows\system32\lsass.exe | c:\windows\system32\wininit.exe> from writing to <\registry\machine\sam\sam\domains\account\users\000003e8>.
     
    Last edited: Dec 3, 2016
  23. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    @Overkill

    Would you please provide the following:

    1. Msinfo32 file. [WIN + R > msinfo32 > File > Export]
    2. Application Event Log [Event Viewer > Windows Logs > Application > Save All Events as > Application Event Log.evtx]
    3. System Event Log [Event Viewer > Windows Logs > System > Save All Events as > System Event Log.evtx]
    4. AppGuardPolicy.xml file from user’s profile directory. [C:\Users\User\AppData\Roaming\blue ridge networks\AppGuard\AppGuardPolicy.xml]
    5. Detailed steps to reproduce the problem. [What happened ? - numbered list of steps would be helpful]
    6. If it is a crash we ask for any mini-dump files. [Search in Windows Explorer for *.dmp and see if there was an lsass.exe mini-dump created]
    7. Add all files into an archive (zip should suffice)
    8. Contact me by PM

    NOTE:

    We need the System and AppGuard settings and configuration at the time the issue occurred; if you changed anything on the System or in AppGuard after the issue occurred, then please state what was changed. It will be a great help when sifting through the logs.
     
    Last edited: Dec 3, 2016
  24. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I haven't changed any settings since it happened
     
  25. Lockdown

    Lockdown Registered Member

    Joined:
    Oct 28, 2016
    Posts:
    772
    Location:
    Wilders Security
    Thank you for that detail.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.