AppGuard 4.x 32/64 Bit - Releases

Should the Sandboxie folder in the Guarded app tab be set to read/write?

 

Is AppGuard enough to protect against CryptoLocker?

 

Fyi, the timeout value was 15 min. after upgrading from v.3.5.

 

On protection level "Locked Down" it should not be able to run all. On "medium" it will not be able run, if it doesn't have a digital signature. If it has a digital signature, it will run guarded and with privacy mode enabled. If it runs guarded, it will be able to encrypt everything inside user-space, except those user-space folders which have been designated as "read-only" and "deny access" (private folders).

I don't know about digitally signed malware, so I cannot predict your chances of running into a digitally signed version of CryptoLocker.

 

Not trying to take this off-topic, but what if you add NVP ERP into the equation along with AppGuard?

 

Using now AppGuard 4, I see many blocked events in AG Activity Report.

All seems to work ok, but it's quite a list !
(many items make use of "rundll32.exe" and/or are part of my printer)

 

Maybe add canon to the publisher list?

 

Thanks for your reply but I added "Canon Inc." to the publisher list, AG continues to report all those events each time I use the printer. All Canon's DLLs are not signed if it count for something.

(also, with ERP I have to put setting to "Trust" mode)

 

I have the same problem with my Canon printer. Try adding the c:\programdata\canonbj\ijprinter\cnmwindows\canon mp250 series printer\languagemodules folder to the User-Space tab and set the Include flag to No.

 

It works, AG does not report any blocked event for my printer now.

Thanks much for your help pegr !

 

Hi Pete,

What exactly happens when you set a folder to "Deny Access?" Does it literally prevent any access from that folder so you can't read from it or write to it?

 

Indeed TomAZ,

if you deny access, you won't even be able to open the folder.

 

Yes, but only for guarded applications where the Privacy flag is set to On. Unguarded applications running from System-Space and Guarded Applications where the Privacy flag is set to Off should still be able to read from the folder.

 

You're welcome.

 

Hello, just got an unexpected email from Blueridge, with a new license for version 4.
My concern is regarding Sandboxie. I am using version 4.04
Settings are
C:\Sandbox in user space

memory guard exceptions
sbiesvc.exe - read/write
sbiectrl.exe - read
sandboxiepcss.exe - read/write

Guarded apps exception folder
c:/sandbox read - write

Will these settings work with Appguard 4 ?
Many thanks in advance

 

mick92z,

as of AppGuard 4.x memory guard exceptions are no longer needed (and no longer possible, because these settings no longer exist).

C:\Sandbox as user-space or C:\Sandbox with read/write permissions should be enough. I think read/write permissions are only necessary, if C:\Sandbox is not designated as a user-space folder, though it doesn't hurt. Your settings should be adopted if you install the new version of AppGuard on the same machine.

 

Does AppGuard protect here?

Cryptolocker Hijack program

 

@AaLF

Peter2150 and I have written something at #131 /ff

 

Anyone know if the little program I saw over at Softpedia (CryptoPrevent) would conflict with AppGuard?

 

Version 4 working great, Thank You

Congratulations to the Blue Ridge team, for such a wonderful new release

Keep up the good work