AppGuard 3.x 32/64 Bit

No, it doesn't require constant tinkering. Depending on what other software you are running and what blocking messages you are seeing, there may be a small amount of initial configuration required. After that it largely takes care of itself during normal operation, automatically and silently blocking any behaviour by untrusted programs that contravenes the policy without bothering the user.

You do usually have to put it into Install mode though to install new software or apply software updates. One of the strengths of AppGuard is that it will prevent drive-by downloads and unintended software installations.

 

Pegr, Thanks again! Another great response.

 

@ bwb1,No tinkering,set it and forget it.The only time you may have to tinker with it is when installing new programs as you may have to lower its protection level with a simple right click from the AppGuard tray and No worry's if you forget to set back its protection level as AppGuard will turn it back on at the preset time.

 

Thanks all, I will give it a go, and considering it's low price should be all good.

 

Thanks to you also, Dark Shadow! I may never have to come back on here again with all the help.

 

Your welcome Barb and no we may always need you here,besides your part of the wilders family now.

 

What settings, if any, is everyone using regarding MBAM (not Pro/real-time, just on-demand)?

 

Thanks!!!! That means a lot.

 

All I did was to add mbam.exe as a PowerApp and add Malwarebytes Corp to the Publishers list.

 

None needed.

 

Just to confirm, by adding no Power App exclusions for MBAM, AG will not prevent MBAM from reading, or accessing anything that would limit MBAM's accuracy on quick or full scan? I ask because I run only AG and no AV, so I rely on MBAM and HMP to detect any issues via on-demand scans.

 

I've run MBAM on-demand scans alongside AppGuard for a long time now and I've never seen an AppGuard alert in relation to MBAM. There is no need to make exceptions unless you are seeing alerts that indicate that AppGuard is preventing a program from operating normally. The AppGuard messages panel is the best guide as to what exceptions (if any) need to be made.

The purpose of PowerApps is to completely exempt executables on the PowerApps list from all AppGuard protection. PowerApps can be launched unguarded from guarded applications which could be exploited as a way into System Space. PowerApps are a potential attack vector and should be used sparingly, only as a last resort when necessary to resolve a problem with other security programs running alongside AppGuard.

You can add Malwarebytes to the Trusted Publishers list if you want to but this is only necessary if you are going to run digitally-signed MBAM executables from User Space with the AppGuard protection level set to High.

 

Thanks pegr, very much appreciated!

 

You're welcome.

Kind regards

 

ok i am trialing appguard,to work as a replacement for an av product,i am perfectly happy with its anti-executable like capabilities,but i just wanted to know how to I configure it protect a a pdf exploit or an excel macro virus ?

 

hey, currently using Windows 8 Professional here and installed Appguard as well. The MBR Guard doesn't turn on. When you enable it and then restart it's still turned off...Is that a known issue??

Also my lovely Deepfreeze doesn't even install due to incompatibility...

 

Isnt this just a HIPS style product.?
Why would i pay for this when there are free options available.
I dont see anything in this product which i cant get elsewhere for free.
If malware gets past this then your kaput as there is no other form of protection.
I really would sooner install CIS then this.
Also you need to disable it to perform any downloads.
It seems to be a waste of space and time and i would recommend other free programs like comodo or online armor over this overpriced product.
Regards.

 

malware will never ever get past it. Period. You can actually declare that as a fact. Set it to High or Locked Down and you'll be safe. That's it...I could go more in Detail but thats basically how it works...

you are right that you could reach similar protection in different ways. You could use Nprotect MBR Guard + Software Restriction Policy for example. But Appguard is all that together with many opportunities to customize. It also protects the registry etc. Personally I feel quiet naked without it so I'll Keep using it in Windows 8 as well.

It would be quiet nice though if they fixed my issue with the MBR Protection which is not working on Win8 ...

 

Is there a way for me to disable all Event viewer logging? I understand it's a silly thing to ask, I'm just wondering since I like to keep Event viewer as empty as possible.
Great work with this product, there's not a single application I've come across that makes me feel as secure as Appguard does, I'd struggle to live without it.

I'm also experiencing the problem above with the MBR guard and Windows 8, I just assumed this was because Windows 8 defaults to GPT however I'm not certain on this as I don't fully understand MBR/GPT.

 

Open the GUI, click on Customize... then uncheck all of the Alerts log checkboxes.

 

I've done that already, it doesn't stop event viewer logging so I'm not entirely sure what that feature does exactly.

 

Its actually more like an Anti-exe. Malware isn't going to be getting by this once in lock down. Just like arcanez said no malware will get through this software. It's really that good. It also isn't that expensive for a lifetime license. $30 I believe. The fact that nothing will install with it running is a testament of how powerful it is. There are other programs that you can use to emulate it but not all in one. I know that blue ridge says that you should use it concert with AV and firewall but it can be used by itself. I would use it in a layered defense though.

 

license is $20 actually and that is for 3 users which is a steal IMO!!

 

AFAIK you can't completely stop AppGuard from writing to the event log. You can suppress alerts that are reported via the GUI from being logged, but these are only a subset of the events that AppGuard generates.

Event logging has never had a noticeable performance impact on my Windows XP system. If the size of the event log is a concern, one option would be to clear down the application section occasionally. Another possibility is to use a light virtualization program alongside AppGuard to discard all system changes on reboot.

Kind regards

 

Thanks for the suggestion/explanation of the aforementioned options. I was just wondering if it was possible, the only reason being is that I like to open event viewer and be greeted with an empty page.