AppGuard 3.x 32/64 Bit

Discussion in 'other anti-malware software' started by shadek, Mar 12, 2011.

Thread Status:
Not open for further replies.
  1. Roberteyewhy

    Roberteyewhy Registered Member

    Joined:
    Mar 4, 2007
    Posts:
    622
    Location:
    US
    Just installed this wonderful program. Cannot get Media Center to run when it is put into the 'Guarded Apps' section even with everything to 'Off'. Anyone figured out how to get it to run while still in the 'Guarded Apps' list? Media Player works just fine.

    Thanks,
    Robert

    Win8 Pro
    AG v3.5.4.0 on High.
     
  2. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,348
    Location:
    USA
    May I ask the AG veterans what settings I need to make to have AppGuard get along with the rest of my RT protection? ESET, SBIE, Shadow Defender, ERP and WinPatrol?
    I haven't installed it yet, FYI.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    high level:thumb:
     
  4. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    Will AppGuard protect against Hosts File tampering?
     
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,696
    Location:
    USA
    I'm not familiar with Steam at all. I'd better let Barb make a recommendation for that one.
     
  6. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,696
    Location:
    USA
    What other real time security applications will you be using with AG?
     
  7. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    Yes, it will. All files and folders in system space are protected against write access by guarded applications.
     
  8. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    @Pegr

    Can you clarify this a bit more. . . particularly what you mean by "protected against write access by guarded applications." Does that include any type of intrusion attempt? Thanks.

    Tom
     
  9. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    Every system is different, so you will need to assess this for yourself, based on the blocked events that you see in the Events panel and whether or not AppGuard is preventing an application from working normally. I suggest leaving the protection level on the recommended default High setting for normal use. There's not much practical difference between High and Locked Down and you are less likely to encounter interference with other applications at the High protection level.

    Most of the blocked events that I see are MemoryGuard related, or where a guarded application has unnecessarily attempted to update a file in system space. These can usually be ignored without breaking anything. With security applications though, you may want to play safe and make exceptions for MemoryGuard blocked events. Most applications shouldn't need access to the memory space of other running processes but security applications (and some utilities) might.

    If MemoryGuard exceptions aren't sufficient then there is the option to add the blocked executables as Power Apps, but this should only be done when absolutely necessary as power applications are excluded from all AppGuard protection. I haven't needed to add any security applications as power applications on my system but I do have a few MemoryGuard write exceptions.

    Regarding Sandboxie, the sandbox container folder needs to be in user space so that guarded applications can write to it. If it is in the default location of c:\sandbox, it has to be moved from system space to user space. If it is located on an alternate partition, it will automatically be in extended user space.

    The following notes may help to give you some guidance regarding AppGuard customisation. Sections 2.2 and 2.8 are relevant to Sandboxie: -

    AppGuard - New Getting Started Tutorial wanted
     
  10. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    It means that if a guarded application tries to write to a protected file such as the hosts file for example, it will be blocked. I have seen an attempted hosts file update via the browser blocked on my system, so I can confirm that it works.
     
  11. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,348
    Location:
    USA
    Hello,
    I'm finally trying AppGuard on my main PC and I'm trying to configure everything just right so no problems will arise... Can I ignore the alerts below?

    I appreciate any help you guys can give me :thumb:


    Here are my settings so far in AppGuard...
    http://imgur.com/a/u6Ejt

    And here's my issue regarding Sandboxie. How can I remedy this?
    http://imgur.com/MiBRflJ
     
    Last edited: Aug 12, 2013
  12. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    By giving Guarded processes permission to write to Sandbox folder.

    Simply add c:\Sandbox and give it read/write permissions and you should be fine. :)

    In fact, this should virtually stop all your events in the log from appearing again.

     
  13. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,348
    Location:
    USA

    Thanks, I knew I forgot something... Another problem I'm having is that Chrome is very slow to start and to load pages since I installed AG. Are there any tweaks I can make to help speed things up?
     
  14. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    When I combine the two I find that it's actually Sandboxie slowing down my browser. So I can't help you there. Sorry!

    My solution was to remove Sandboxie because I like AppGuard better and it's more user friendly to my wife. :)
     
  15. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,348
    Location:
    USA
    NP, so none of the logs above I need to be concerned with?

    Like these
    08/12/13 03:41:03 Prevented <Windows Task Manager> from reading memory of <WinPatrol System Monitor>.
    08/12/13 03:41:03 Prevented <Windows Task Manager> from reading memory of <ESET Service>.

    One alert said that AG was preventing Chrome from reading Chrome's memory. Could that be why it's slower?
    Where do I find past logs from AG?

    AG is confusing as heck :rolleyes:
     
    Last edited: Aug 12, 2013
  16. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    You can safely ignore those events. :) I also have Chrome prevented from reading Chrome's memory, but there is no drawback to this. It's as safe as can be!
     
  17. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,280
    Location:
    UK
    AppGuard events are recorded in the Windows Event log. You can use the Windows Event Viewer to view them.

    As I previously explained to you in post #2860 above, MemoryGuard events can usually be ignored. If it bothers you, you can make a MemoryGuard read exception for Windows Task Manager. You can use wildcards in ignore message rules and exceptions, so by specifying an asterisk (*) in the target, Windows Task Manager should then be able to read the memory of all applications.

    Which protection level are you using, High or Locked Down? If you are using Locked Down, you can expect to see MemoryGuard read events.

    BTW, it would be a good idea to make a MemoryGuard write exception for CleanMem.

    AppGuard isn't really that confusing: you just have to take the time to get to know how it works. The help file is a good place to start. I also gave you a link to a short tutorial I wrote to help new users understand the customisation options. The AppGuard release notes are also helpful: http://www.blueridge.com/index.php/products/appguard-information
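
Added example, not part of the original thread and not AppGuard's own code: a Python script that parses MemoryGuard lines in the shape quoted earlier in the thread and shows which of them a read exception for Windows Task Manager with a `*` target, as described in the post above, would cover. The last two sample lines, the "writing memory of" wording, the rule tuple layout and the fnmatch-style wildcard matching are assumptions.

```python
import re
from fnmatch import fnmatchcase
from typing import NamedTuple


class Event(NamedTuple):
    timestamp: str
    source: str
    access: str  # "reading" or "writing"
    target: str


# Line shape taken from the two events quoted in the thread.
EVENT_RE = re.compile(
    r"^(\d{2}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) Prevented <([^>]+)> "
    r"from (reading|writing) memory of <([^>]+)>\.$"
)

# First two lines are quoted in the thread; the last two are constructed.
SAMPLE_EVENTS = """\
08/12/13 03:41:03 Prevented <Windows Task Manager> from reading memory of <WinPatrol System Monitor>.
08/12/13 03:41:03 Prevented <Windows Task Manager> from reading memory of <ESET Service>.
08/12/13 03:42:10 Prevented <Google Chrome> from reading memory of <Google Chrome>.
08/12/13 03:45:55 Prevented <Example Utility> from writing memory of <ESET Service>.
"""

# Hypothetical rule layout: (access, source pattern, target pattern).
# This models the read exception with an asterisk target from the post.
RULES = [("reading", "Windows Task Manager", "*")]


def parse_events(text):
    """Return an Event for every line that matches the MemoryGuard shape."""
    matches = (EVENT_RE.match(line.strip()) for line in text.splitlines())
    return [Event(*m.groups()) for m in matches if m]


def is_covered(event, rules):
    """True if a rule matches the access type, source and target."""
    return any(
        event.access == access
        and fnmatchcase(event.source, src)
        and fnmatchcase(event.target, tgt)
        for access, src, tgt in rules
    )


def triage(text, rules):
    """Split events into those an exception covers and those still logged."""
    events = parse_events(text)
    covered = [e for e in events if is_covered(e, rules)]
    return covered, [e for e in events if not is_covered(e, rules)]
```

The write event against the security service stays in the remaining list: a read exception with a wildcard target does not cover write attempts, which are the ones worth reviewing individually.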
     
  18. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,348
    Location:
    USA
    I appreciate the help guys, I'll fiddle with it later today :argh:
     
  19. garry35

    garry35 Registered Member

    Joined:
    Jan 20, 2009
    Posts:
    492
    I am using Avast Free, Sygate Firewall, WinPatrol, Shadow Defender (used on demand as needed), Sandboxie, the usual built-in Windows protection, and each time I try and run a problem app or game, Sygate pops up to ask for firewall permissions.

     
  20. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,696
    Location:
    USA
    Garry, I was asking Overkill what real-time applications he or she will be using with AppGuard. My post for you was that you will have to get advice from Barb because I don't know anything about Steam. Sorry! Since you mentioned it though, have you had any problems with AG conflicting with any of your other security products? I can help you with that unless it's Sandboxie. I do not use Sandboxie, and special exceptions have to be made for Sandboxie. It would be best you get advice from a Sandboxie user that has been using them successfully together. I do know the exceptions you will need for the rest of your security applications.
     
    Last edited: Aug 14, 2013
  21. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,696
    Location:
    USA
    I wonder what happened to the next release of AG. Maybe they decided to skip 3.5 and release 4.0 instead. I thought we were going to see another beta release almost 2 weeks ago. Barb, when will we see the next release?
     
  22. Barb_C

    Barb_C Developer

    Joined:
    Jan 7, 2011
    Posts:
    1,234
    Location:
    Virginia
    Hopefully later today.
     
  23. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,383
    Location:
    Europe, UE citizen
    Also BlueRidge developers have some vacation, is it ? ;)
     
  24. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Yes, right after they release next beta....:D
     
  25. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    Exactly where/how do you do this in AG?
     