Faronics Anti-Executable Standard 5 is live with granular publisher control

Yes AppGuard is here to stay.I will admit it,I am a AppGuard FanBoy and I dont mind saying so.I just need a AppGuard FanBoy T-Shirt.

 

Are you sure you've downloaded version 5? I haven't tested it yet as I keep getting version 421.1111.292 which is for sure the old buggy one displaying your symptoms. I don't understand, somebody advertises the new version and the old one is downloaded instead....

 

I was getting v4.21 for a while after the announcement of v5, but now v5 is up.
http://www.faronics.com/downloads/download-files/?product=769

 

My question was really addressed to chris1341 as he has experienced the notorious behaviour of old versions. I've tried 4 different downloads (in the last 10 minutes) and they are all v421.

By the way how is v5 behaving on your system? (tell us the OS you are using please).

 

I've just downloaded from your link and I still get v421, probably not all servers have been updated.

 

Sorry, just trying to help.

So far so good. Xp Home SP3 32-bit

 

It was the new one, version 5. Yeah seems strange to advertise new version when the servers still hold the old one. I'll drop them a note to see if there are known issues or logs etc I can send them to investigate.

Could it be because I'm asking it to monitor dll execution? Why wouldn't this be necessary and on by default?

Cheers

 

Hey, don't get me wrong, you did very well indeed.

I'm not surprised, all versions work flawlessly with XP. My take is that most of their corporate clients use XP still.

@chris 1341
I'm disappointed, for a moment I thought perhaps you had the old version, if you got the same kind of behaviour as in the past it is most likely that it will behave similarly on my system.

You are right with dll execution, it made things even more sluggish, but these problems existed even before the reintroduction of this feature. I'm still pondering whether I should even bother testing it... Are you using XP, Vista, Win7?

 

Yeah, I keep trying this as the versions move on as I think it has real potential but I am continually disappointed. It was (reloaded pre-install image now, the one thing I can't take from any product is sluggishnes) Win 7 HP x64 this time and I might try it on the laptop or netbook, also Win 7 now, at some point but not top of my list.

The search goes on for something to pair with (or replace) AppGuard to ensure something lurking does not take hold while reducing protection when installing software. Voodooshield appears to do nothing to prevent scripts/dll's running and no 64 bit ExeRadar yet.

 

These features will be covered soon

 

Downloaded Faronics A-E version 5.0.
Installed and running on Windows 7 32-bit box, 2GB RAM, dual core processor. No freezes or lockups or slowdowns so far. Knock on wood.

It looks like it's working as advertised.

Rich [whose user name is Rmus] has been using this application since version 2.X and, from his screenshots posted throughout these forums, it looks like A-E has stopped a lot of malware from infecting his system.



Carlos

 

Nice, hope it keeps going for you. Anyone on Win7 x64 getting it to run smooth? Both you and djohn seem to be getting it going well on x32.

I thought Rmus was still using Version 2 from his excellent screenies in his extremely helpful posts, no?

Thanks

 

From his screenies, yes, I'm also assuming he's still at version 2.x

 

Exactly my feelings. I've managed to finally download V5, and overall there has been an improvement. As you mentioned, DLL execution monitoring is an option when installing V5 which I duly checked it off.

Rebooting was normal and opening the GUI there was the first surprise: clicking SETUP tab, DLL execution is unchecked although I had specifically check it during installation. When I tried to check it off again nothing would happen. Bad omen, from experience I clicked USERS tab, unchecked AE Admin role and rechecked it again (If one tries that, beware NOT to click apply as you will be left without admin rights, only an image will save you).

After doing this I was able to check effectively DLL execution within the SETUP tab.

I thought a bit convoluted (but not normal), so far speed hasn't been affected, then all of sudden there was a real tsunami of AE alerts asking to authorize DLL execution mostly from the OS. Okay, I thought the program seems to work after all.

When I finally tried to open up at random some of the programs from my start menu, most of them did without delay but required to authorize their DLL except that with some programs the machine would lockup hopelessly requiring a hard restart. After the third lockup, I was very happy to let Rollback Rx clean up the mess.

This program has the potential to replace an antivirus without having to worry about new signatures, updates, system resources, but for the last 4 years it has been working erratically in too many machines (mostly Vista and Win7) to be taken seriously.

 

it gave me trouble when i tried it last year,it lock my system down

 

I've running this new version of A-E on Win 7 32-bit without any glitches...so far.

I'm guessing that the differences between our installations might be based on the fact that when I installed on my PC, I left the DLL monitoring setting unchecked.
I noticed this setting was not ticked by default during the installation, thus I left it un-checked.

In fact, in the .pdf user-guide I noticed the screenies and that setting is not check-marked either. Although, my understanding is, that it would be advisable to check it for better protection but, if it's going to cause PC-lockups, then the trade-off is not worth for me.



Carlos

 

During installations checking the DLL adds them to the execution control list,formely called whitelist.This just builds the whitelist to allow all the DLL's.The option to monitor is all together different and monitors the whitelisted DLL.So I believe if one wants to monitor the DLL's, building a whitelist before hand will eleminate lots of pop ups to allow or deny execution of DLL's if monitoring mode is selected.Maybe faronics can chime in on this.

 

You know your reasoning makes sense that DLL checking when installing and 'Monitor DLL execution' are two different things. But why would you monitor the whitelisted DLL? Unless 'Monitor DLL execution' will monitor any DLL executing whether whitelisted or new.

 

yes that makes pefect sense that it monitors any changes in the whitelist and any new DLL.I hope the OP faronics will touch base at some point to address any questions and problems that some are having.

 

I'm guessing if by ticking "DLL Monitoring" setting creates such a burden on your computer CPU/Memory, then this setting hasn't been implemented correctly by Faronics.
Other applications similar to Faronics A-E [such as AppGuard] monitor DLLs by default and doesn't cause slows downs from everyday use of your PC.

I hope the Faronics representative [the OP I guess], can give us a little insight of why checking DLL monitoring on A-E causes more problems than it solves.



Carlos

 

When installing AE v5 here I checked DLL monitoring on install and also have "Monitor DLL Execution" checked in the GUI with no noticeable slowdowns whatsoever. Must be an OS thing. As Xp Home SP3 32-bit is working fine so far.
Edit: Boot up time is moderately slower but tolerable.

 

I was checking another installation of Faronics A-E version 5.0 on an exclusively testing PC I have [that one, running Win 7- X64-bit] and, apparently, the "DLL monitoring" bug problem is enhanced on X64-bit OSes. To compare this installation to my main PC, I selected/checked that DLL option [this main PC runs Win 7 - 32-bit] and I haven't seen any problems, slowdowns or bugs so far, with the DLL monitoring selected. Thus, I'm assuming it might be a X64-bit OS problem only.

I've sent e-mail to Faronics support inquiring about this problem but, since it's weekend already I might need to wait until early next week to get a response from them.



Carlos

 

I guess its a hit or miss with AE, perhaps OS dependent.Thats one thing I dont hear about AppGuard or experience slow downs..Dont even know it's there until it starts swatting away excutables.