Discussion in 'other anti-malware software' started by max2, Jun 26, 2016.
How is AppGuard better ?
Can configure AppGuard to block vulnerable processes and file execution completely in Lock Down mode.
Some malware, even in SUA can bypass UAC - and infect your system.
Sorry what is SUA ? I feel stupid.
Also where can I download the trial version of AppGuard to try it ?
SUA = standard user account
LUA = limited user account
After July 1st, version 4.X will no longer be available; version 5.X will be offered.
Btw, SUA = LUA
LUA was the pre-win8 denomination if im not wrong.
The only thing I know about either a LUA or SUA is that both can be a pain.
I know and agree. There has been many years since I dropped LUAs/SUAs, better off with superb specialized extra protection.
i like my SUA (for now)
Well I can confirm SUA with UAC deny elevation of unsigned and parental control with Smartscreen require admin consent works really well.
Advantage of parental control is the option to allow programs on the fly (asks whether parent is around to grant access)
Me too. I never thought I will get used to using it, but now I really like it
means you are using the parental control as an anti-exe?
Yes, together with deny execute / traverse folder ACL for most vulnarable folders since parental control (as far as I know) only checks on executables (not dll etc).
i see, that is an original use of it, never imagined it this way.
Since Windows 8.1 you can use Windows Aps for skype, pdf, music, video and pictures stuff. So every program facing the internet can run in AppContainer (disabled IE and WMP). This reduces the vulnability of medium IL processes, hence increasing the strength of standard user.
When you use Office, the TrustCenter has a lot of options to harden Office (e.g. disable Macro's, Active-X, Plug-ins, external content, etc). Documents folder is the only trusted location and it has deny execute/traverse folder ACL for Everyone. The other user folders are only protected by Parental Control. Because they are not in the my Documents trusted location, Office opens them in protected view as if they were from the internet. I have upped the Internet Settings to high, protect system DLL's, safe search DLL order and block DLL's from network to make parental control stronger (it only guards executables). All these precautions makes it pretty hard to misuse Office applications.
i also disabled them with SMB and XPS things. For internet-faced 3rd party apps , i have them portable for most (VLC, etc.) , HMPA-ized and sandboxed
LOL, these comments bring back certain memories.
Separate names with a comma.