Appguard & Avast 6 Free

Hi,

I have been reading some threads here about Appguard. I have a XP Home System and Win7 starter Edition I'd like to protect.

On both machines, Avast 6 free is installed, that offers some kind of malware protection (it stops for example executables from USB sticks).

Do I need also Appguard and do both work fine together ? I don't like much BSOD...

Thanks for your advice(s).

 

You don't need Avast, only second opinion/on-demand scanners like Malwarebytes' Anti-Malware, SUPERAntiSpyware or Hitman Pro. AppGuard provides maximum realtime proactive security.

 

Not sure about avast! free but on the Internet Security (version 6) suite I had a number of issues with Appgaurd on a friends machine (Vista HP 32 bit).

Appguard prevents certain types of activity in User Space. One of avast's shields appeared to be re-directing browser activity via a User/appdata temp folder that Appgaurd did not like. Adding exceptions to Appgaurd eventually got IE working but I could not get Firefox going for him at all.

He likes avast! so stuck with that.

It's a different OS with all the variables of software configuration inherant in any comparison but my mileage for what it is worth. The Appgaurd trial is free but with a PITA pop-up at each reboot but would let you check it out. Seems to uninstall OK other than files in the Program Data and Program Files folders if you have issues. Also support is good if you need it.

To answer your other questions he was trying Appgaurd because he recognises, as do most I think, that while avast! is light, fast and good at preventing more established malware it is lacking in zero day protection. I'm sure as version 6 matures and the behaviour blocker and sandbox benefit from their huge user base it will improve but I would not use it on its own yet.

For me Sandboxie properly configured is the Alpha and Omega of security products and apparently works OK with avast! if you want to try an alternative to Appgaurd. Many many others out there I'm sure.

Cheers

 

Thanks for you answer, and for the others.

I think I could disable the malware Analysis of Avast 6 and let Appguard come in.

 

Regular AVs have some issues with AppGuard (at least the ones I've tried). This is due to the design of AppGuard and not due to poor coding.

I too would suggest you use AppGuard with a second opinion scanner such as Malwarebytes Anti-Malware or Hitman Pro. AppGuard with settings at max is close to impossible to penetrate for malware. You need the second opinion scanner to determine whether a file is safe or not before you set AppGuard in 'install-mode'.

 

I go along with this. I ran AG with Avast for about a year. I only used two of it's shields and thought it was great at the time. Resource numbers looked great but after uninstalling, web surfing became alot faster. Avast had serious loading issues with pages like Comodo forums. At the time, I blamed Comodo forums for it but as it turned out, it was Avast. After many tries in the past unsuccessfully, I managed to get MSE to work on my setup. I used it for about six months with no issues. About a month ago, after one def update, it went bonkers on the CPU. I uninstalled it and went without an AV for a week. For the last three weeks, I've been using Prevention free. I was leary about it to start with, but for my old laptop it works perfect for I want it for. My personal opinion, you don't need a full time AV with AppGuard. Just an occasional scan with Malwarebytes or Hitman Pro.

 

That's very interesting because I find most AV to cause some slowdown at times, each having its own area of slowdown (some while browsing, some while scanning a compressed exe, etc.). . At the same time, it seems Appguard blocks silently a lot of legitimate applications or behaviors, I would rather not lose (a working machine) on one hand what I earned on the other (speed).

 

I agree that it does do this. Less now than in the past but those for now are easily fixed by spending a little time on each situation.

 

Thanks. When I look a the screen capture on their website, I saw that you can "hide" messages from the log window, but is hiding the same as allowing the given behavior ?

Also, I don't really find on their Website if it's compatible with win7, Vista, XP (I once saw a software that was working ok with 7 and XP but no with Vista !).

 

Oops, finally found the info about supported os in the support page.

 

Agreed. I think that is one of the reasons why more and more people turn towards AppGuard; it's low overhead is truly amazing.

As you mention, the drawback is that AppGuard blocks legitimate applications if not configured properly to your own needs (which takes some time to do).

 

No, it's still blocked. Which alerts you see depend on the way you customize it through the Alerts tab in Customize. Allowed apps/actions are customized through the User-Space and Guarded Apps tab

 

Ok, thanks for the confirmation. I guess I now have to test it and see how it works. If I only could remove all AV from my HP 210 mini that would be great, because it's far from powerful !

 

I've been running appguard without an AV for over a month. I use mbam for occasional scans and to ckeck downloads. Running safe and light.

 

I find that AG alone is enough. I'm not the occasional scan kind of guy but I do force myself into doing it. I really like MBAM, have license for it but can't run it real time which is what I would like to do. For some reason, it often causes a restart of the BFE service which then turns the CPU into toast until the next reboot. So instead of having it installed always, I take a snapshot, install, scan and roll it back. I have done occasional scans with Hitman, but really thinking about dumping it. My last scans took longer than Avast or Mse did when I used them. I really like having an AV-less laptop even though I am running Prevention free which is almost AV-less, lol. I used Prevention's white list and scans are short. Prevention also does not slow down my old laptop and for what it's worth, it registers itself with Win 7 action center, lol.

 

Just a question : what is this "Prevention (free)" software you are referring to ? Thanks.

 

I agree. This is the way I'm using it. I only have a third party firewall running along side.

 

I found it here at Wilders, give me a minute to find the link...

Here it is, number 17
https://www.wilderssecurity.com/showpost.php?p=1812034&postcount=1

 

I have 2 examples I don't know how to handle :
- Prevented process <Processus hôte pour les services Windows> from writing to <c:\windows\prefetch\searchfilterhost.exe-77482212.pf>.
- Prevented process <chrome_canary_installer.exe> from writing to <c:\windows\inf\setupapi.app.log>.

How do I allow these applications to perform as they should ?

Thanks.

 

For the first one, I added the Prefetch folder as an Exception folder for Guarded Apps.

The second one and with the latest version of AG, I don't get anymore. Anywho, if you want it to write to setupapi.app.log, browse to the path in the Exception Folders again but just select only the file setupapi.app.log instead of the entire inf folder.

 

Thanks, will try that !