AppGuard 4.x 32/64 Bit - Releases

It's not enough to right click and select "Run as administrator" on the installation program while using a standard account, correct?

 

Yes It is

 

Generous discount

 

Still trying to learn how to setup Appguard, I have many questions but here goes my first. The Sandboie folder should be added to the Gaurded Apps or User Space tab and are was that referring to Sandboxie Container or the Sandboxie Program Files folder? Reason I ask to clarify is because I see someone stated Guarded Apps and someone else stated User Space. Thanks!

dja2k

 

Guarded apps can't write to system space so Sandboxie container has to be added to user space in AppGuard or moved to user space in SBIE settings to allow guarded apps to write to the container.

That's all.

Adding SBIE processes as guarded or program folder to user space will cause real issues as AppGuard will then place restrictions on how SBIE works.

Cheers

 

If I have appguard set at medium do I need to disable any HIPS or behavior blockers in any antivirus I add? Also, is there a list of known conflicts (if any) listed somewhere?

thanks

 

The number of. conflicts with AppGuard have reduced dramatically with version 4 as a result of changes to the way memory guard works now but you won't know till you try I suppose. Of the stuff I've tried I e had no issues though. Most will be able to be resolved with tweaks to exceptions if required. Might also want to consider if you need HIPS/BB with AppGuard

Cheers

 

Instructions for setting up Sandboxie can be found in section 2.2 here: https://www.wilderssecurity.com/showpost.php?p=2298875&postcount=5

As chris1341 said, whatever you do don't add any Sandboxie processes as Guarded Apps. It's only the sandbox container folder that you need to move from System-Space to User-Space.

 

Thank you for the reply.

 

How would Appguard fit in with my setup? I'm really interested in protecting my internet facing apps and "shoring" up Sandboxie. Could it replace OA HIPS protection?

Are there any problems with Appguard and Steam? Can it offer protection while using Steam? I'm pretty sure I installed Steam on my data hdd but I'm sure there is DRM is on my system partition.

How is Appguards protection different from SRP and EMET? Be gentle as most of these types of protections are new to me. I'm just looking to keep up with today's threats.

 

For steam I followed some advice in the Appguard 3 thread. I have my games installed to G:\games with steam and origin installed in that directory. I set a user-space exception to appguard like so
.

Then I made a administrator user account called gaming and changed the permission so my normal user account can't access it. I set for all child directory to inherit these permissions and haven't had a problem with it (so far).



Whenever I run steam I have a shortcut that runs it as gaming user account. "C:\Windows\System32\runas.exe /user:gaming /savecred G:\Games\Steam\Steam.exe" (Quotes not needed)
I trust steam enough to have it run unguarded and I would suggest not running it guarded as it may cause conflicts. Anything that would run this way anyway would not affect my user account (probably). Steam's anti-cheating mechinism may flag any attempt to modify steam as cheating anyways.
For emet check out this thread https://www.wilderssecurity.com/showthread.php?p=2256369#post2256369

O and be sure to move any saved games to the new user account. Some get covered by steam. Some are located in the "my documents" and some are in the %%appdata%% directory. You can use game save manager to find most to all game saves. http://www.gamesave-manager.com/
I also added EA and Valve in the Publisher Tab as guarded=no, Privacy=no, memory read and write= no. Install=yes.
You can do this with Origin game client as well.

 

Thanks for the clarification!

dja2k

 

I see user-space contains C:\Users, but my libraries i.e. documents, pictures, etc. are on D:\. Does this mean I can safely add D:\ directory to the user-space? Thanks!

dja2k

 

Yes, it is recommended to add all drives other than C drive as user space.

 

Should be by default, right?

 

Yes, indeed. Also I would like to see import/export settings feature. Its very useful when doing version upgrades. I have quite a lot of rules in my AppGuard.

 

Ok got it thanks!

dja2k

 

I mean afaik it is by default, the import export can be achieved by keeping the AppGuardPolicy.xml in the program files or is it appdata..not sure but that file has your rules.

 

Yes an import\export rules function so you can sure your Rules with me cause I am barely understanding how Appguard works. Okay I have my Firefox profile on my R:\Ramdrive, so I am guessing that the Firefox folder in the Ramdrive should be added to user-space as well since by default it would've been on C:\Users. Is this correct? My SBIE container folder is in my Ramdrive too, so maybe I should just add all of R: as well.

 

Yes, you should add you Ramdrive as user-space. You may also want to provide read/write permission for your sandboxie folder (not the one in program files).

 

That would be added in the Guarded-Apps under folders options correct? Also I assume I can add My Documents to Guarded-Apps folders and Deny Access? Same for My Downloads but set to Read\Write? I don't know if I am correct on these though. Thanks for all your help thus far.

dja2k

 

Thank you Jryder54 for your very detailed post. So using my standard user account with Appguard and Steam/Origin is a no go? Or are you just creating the new admin gaming account to simplify and isolate itself from other accounts?

Does this new account not need setup (tweaked) like my other accounts since it will only be running from a shortcut? For example I disable a lot of unnecessary items and that list will grow as I become more familiar with Windows 8. I don't need to log in that account correct?

Also, will the Appguard devs be working on a simpler solution to deal with Steam and Origin?

 

Yes, that's where you make the permissions. myprivatefolder folder is created by AppGuard. I tried to delete it, but it comes back on reboot. You can place some confidential data or other important documents in that folder. No guarded apps will be able to read/write that folder. So your data remains private and secured if placed inside it.