Discussion in 'other anti-malware software' started by Jryder54, Oct 29, 2013.
Does AppGuard give protection against BadUSB exploits?
Automatic update still doesn't work....
Windows 8.1 spring update 64 bit.
Tried a few times..... the time difference between the install attempt on the logfile and the time on the name of the screenshot is the time difference of my last attempt.....more than half an hour.
On Windows 7 x64 the automatic update works for me, on Windows 8.1 U1 x64 it doesn't even detect an update.
On the Windows 8 system, did you click on the "Check for Updates" button on the Advanced Tab? Otherwise, it will only check upon reboot or every 3 days.
What version do you have now? Will you check to see if there is a install log file in c:\programdata\blueridgenetworks\appguard? If so, will you please send it to AppGuard@BlueRidge.com?
Asking the developer about this... It was supposed to be fixed.
Arggg! Developer says it's fixed. QA says they tested it. Heads will roll! Just kidding. They're investigating.
It should have detected after reboot or after approximately 3 days. Did you restart AppGuard and not see a notification? Did you try the check for update button on the Advanced Tab?
Does AppGuard have any kind of conflicts with Shadow Defender?
The reason is that, I am thinking about purchase a Lic.,key for AppGuard.
And how is the AppGuard Beta different from the normal AppGuard at this point
Arggg! Someone (who will remain nameless) changed the fix at the last minute and actually broke the fix.
Just what I want to deal with on a Friday afternoon! And I thought we were in good shape. Oh well.
We're going to do a quick turn on this and hope to have the update shortly. I'll post when it is ready.
Okay, so sorry about the update issue. New update is posted.
Auto-update working now.....
When I check for the update manually it always says "Update not available".
is that -3 instead of -1
What version are you running now?
Yes the latest version should be 126.96.36.199.
I believe this is the second time the beta got an update? The previous one wasn't detected either, I had to download it manually.
There have been no reported conflicts with Shadow Defender.
Some of the new features in 4.1 are:
1.Automatic self-update: AppGuard will periodically check for new updates and prompt you when an update is available. Automatic Updates can be controlled on the AppGuard Advanced Page. At some point during the beta, we will provide an update so that you can test that feature for us. Automatic Updates can be controlled on the AppGuard Advanced Page.
2.Auto-Install Mode: With this setting, Trusted Publishers can trigger AppGuard to automatically lower the protection level to Install when the publisher's applications are launched from User-Space.
3.Toaster Messages to remind you:
a.When your trial is about to expire.
b.When you have lowered AppGuard protection more than 30 minutes (and the "Automatically Resume" checkbox is unchecked).
4.AppGuard will display a warning message box when it blocks an installation or executable. The number of these messages will be limited to three at any given time. There is a checkbox on the message that will allow you to choose to never see these messages again.
5.AppGuard will now record an event during startup when it locates a Guarded Application (a positive indication vs. only the negative indications that were previously provided).
6.Additional Trusted Publishers:
7.Additional Guarded Applications:
a.Cyberlink DVD Player
c.AOL Desktop Browser
[My apologies to those who suggested we include other applications. They were deemed by management to not be mainstream enough to merit the extra support that it would require on our end if we included them.]
8.Minor GUI enhancements:
a.The "Restore All Settings To Default" button is now located on the Advanced Tab and does not require Privileged Mode in order to use (but it will challenge you to make sure that you really want to restore the settings). If you have elected not to display the blocked launch warnings, that will be reset as well.
b.Trusted Publishers are now located on the User-Space tab in the customization interface.
a.An inaccurate event that indicated that AppGuard could not locate a Guarded Application on 64-bit Machines has been fixed.
b.The Opera Browser should now automatically be added to the Guard List if installed on the computer.
c.AppGuard will now work on Japanese and Chinese OSs.
d.When adding a program to the Guard List, AppGuard will now properly enumerate programs in the Start Menu on non-English Operating Systems.
I wonder if you have FW rules that are blocking the web site? I will PM you with some instructions that I'd like you to follow to see if we can track down the issue.
Hmm. I just retried the beta update and it worked. Now have .3 on board.
Barb_C Thank you! For the additional information and sharing your life knowledge!
She did My apologies and I stand to be corrected. Thank you for pointing this out!
Any good tutorials to watch on AppGuard?
I can also confirm that I have not experienced any issues between AppGuard and ShadowDefender in my tests on Win7.
What I meant is: if malware is delivered by some exploit, then both AG and white-listing apps should be able to stop it from running. However, if you do run the malware, AG can of course also stop certain malicious behavior, just like any other HIPS.
Just to say I'm late to the party but I installed .0 very recently and it upgraded to .1, .2 and now .3 without any issues on Win 8.1 x 64. YMMV.
That's not really accurate. Whitelisting apps don't by default block exploits that are delivered via a staged process and whitelisting can and has been bypassed by exploits.
AG is not like 'any other HIPS'. I'd be surprised if an exploit was successful in the first place as Memory Guard is excellent but if one gets hold with AG installed and got shell and privilege escalation it could write to system space, after that AG would do nothing about it. A classic HIPS may well alert in that scenario.
However, AG is not classic HIPS but rather is part of a different paradigm, more akin to Defensewall and Sandboxie. It prevents threat-gates writing to places where anything dropped can do damage. If AG is breached it will prevent or guard launches in user space only. If the breach reaches system space or the user inadvertently installs something in System Space it's game over for AG.
The 'trusted enclaves', user space vs system space approach is entirely sensible and user friendly IMO, but there is no point suggesting to potential users that it offers protection it clearly does not.
Heads need not roll
It is working now, I have successfully updated to v188.8.131.52.
Update worked great here on win 8.1 x64.
Separate names with a comma.