AppGuard 4.x 32/64 Bit - Releases

Is anyone else experiencing a brief pause when clicking on the Customize button before the GUI opens? This only started to occur after they released the beta, and I have never experienced this before. It's not a big deal, it's kind of a small glitch. I just think it's odd.

 

Can't say I've noticed this :-/ how long are you talking? It's still 'pretty much' instant on my end.

 

Hi CE, I do. And for me is no bid deal either but would nice not to have.

 

You can learn all you need to know about Powershell by doing a Google search. I don't mean that in a snarky way. Powershell is a tool mostly for Network Administrators, Data Base Administrators, and is useful for Developers. Very very few Home Users need it. It is often used by hackers to infiltrate the System so it's best to block it from running if you don't use it. I recommend you add it to the user-space with the Include Flag set to "Yes" This will block Powershell from running.

 

Just a little over a second.

 

Yeah, it's not a big deal; I just wonder what change they made that is causing it.

 

@kreto - see post #3994 for paths to be included.

 

@Barb_C

I think not having Lock-Down Mode on the Main GUI is probably a good move.

I prefer to right-click the Tray Icon to enable Lock-Down Mode.


However, Lock-Down Mode should NOT be completely removed from AppGuard.

 

I second this opinion. Please don't vanish away Lock-Down Mode when right-click. In fact I am getting used to.

 

thanks Cutting_Edgetech you just save for a some hours on google
and thanks for post nr paulderdash
kreto

 

Hi
trying to install appgurad but it goves in to remove mode and during remove it says start rollback
i have tried disable security apps one by one cleaned junk reboot.....and it´s is still the same
any ideas what to do? (win 10)

thanks kreto

 

@Barb_C

Idea...

Add right-click option in AppGuard tray icon menu to Add Running Process to Guarded Apps list.

It will generate list of running processes and user can select which one(s) to add to Guarded Apps.

Just something to consider...

 

BRN should exclude processes that will cause problems.

Their user interface is a disaster as it stands...

 

I totally agree with you Pete. AG is a policy hips, some wants all kinds of "protection" to add to what they want (and easy) and still expect that they can't screw up their system.

 

Really ? Ease-of-use cannot be improved ? Really

Right-click on blocked User Space process in Activity Report - add to Guarded Apps would smash system ?

I think not.

NVT ERP, Emsisoft, HMP.A, etc, etc - all keep user "ergonomics" in mind so user can easily configure soft.

Ease-of-use = optimal user experience with the soft.

I've seen this a million times... fanboys blindly defend a soft, despite a need for improvement.

Golden Rule: The security soft with high protection and can be used with least hassle wins...

 

I happen to agree with this. Only real issue I have with stable or the Beta is event ID information or lack of. Knowing exactly what is being blocked in the background is not only useful but necessary should it be a legit function hampered by the blocking. The changes with the Beta as far as removing lockdown mode from the main UI I personally think is a smart move. Making configuration easier for average to medium knowledge users would in effect attract more business, but offsetting the financial/time spent would be a task.

 

Or to put another way, AppGuard might still own us. The sickest way happens when software developer(s) are put into users owning them. It happens!
None of those software you mentioned are not much making money I guess, though the latter is not exactly a hips.

To ask something in hips things has always killed the software. So please just keep AppGuard basically a main stream software (well not exactly of course) but anyways something like Sandboxie is, today, not when tzuk was owned.

And you did ask something like from running processes rather than from some activity log I think?

 

@Barb_C

Here is perfect example:

Add C:\Users\HJLBX\AppData\Local\Temp\Hitmanpro_x64.exe to Power Apps.

During scan and malware removal (malware testing) AppGuard Activity Report shows "Blocked C:\Users\HJLBX\AppData\Local\Temp\Hitmanpro_x64.exe" from writing to <C>."

Now one cannot know what is blocked from the Activity Report entry.

Is it important or is it something that can be ignored ?

HitmanPro is a security soft, therefore one should not adopt the attitude "Nothing appears to be broken" so I will ignore it; HMP might have been blocked from making important and required changes to <C> that are not immediately apparent.

Then again it could be something innocuous.

Can't make any kind of determination with AppGuard logging...

Besides, HitmanPro is in PowerApps - so there should be no blocking of HitmanPro whatsoever by AppGuard.

Addressing these sorts of issues are primarily what I mean when I say that AppGuard's usability needs to be improved.

More detailed explanations in the Help file about how AppGuard works, unexpected behaviors and what blocks can be ignored - plus bugs\issue fixes - will go a long way in reducing the number of Lock Down mode support requests.

 

I agree with this.

 

@Barb_C

Here is another example:

Set AppGuard to Install Mode.

Install Kingsoft WPS.

During installation, AppGuard blocks C:\Program Files (x86)\WPS Office\10.1.0.5486\wtoolex\wpsupdate.exe from writing to c:\windows\tasks\wpsupdatetask_hjlbx.job.

That .job file is required for WPS automatic updates; it uses the Task Scheduler.

 

Yes, AppGuard also blocks Hitman Pro from updating even though I have always made Hitman Pro a Power App. AppGuard also blocks Webroot Secure Anywhere from running something in the user-space sometimes that it uses to update. I think it would be best Webroot change how WSA updates though in that case. Appguard is still the most user-friendly policy based Security Software I can think of. Policy based software is usually not user friendly. It usually requires some knowledge on the user's part.

Yes, you can't always say that it's ok to block whatever as long as it does not seem to cause an obvious problem right away. It can be causing problems the user is not aware of, or it may start to cause problems own down the road. Security software is one of those things that you don't want to ever see in your AG Activity Report. It all depends on what is being blocked.

Edited 1/31 @ 8:36

 

Barb informed me today That AG will remember the last path browsed when adding items to the user-space, and adding Power Apps now. That will greatly cut down on my time configuring AG.

 

The point of Power Apps is that AppGuard is not to interefere - in any way whatsoever - with HitmanPro's operation.

At least that is what any user - novice to advanced - would expect based upon the description of Power Apps in the AppGuard help file.

NOTE:

HitmanPro does not use anything outside of its designated file path to update or to remove malware... so there should be no blocking. Even if there is, there should be logging sufficient for user to figure out - at the very least - what specifically has been blocked - so that they can report the details to BRN and they can fix it.