Faronics Anti-Executable Standard 5 is live with granular publisher control

Discussion in 'other anti-malware software' started by faronics, Apr 2, 2012.

Thread Status:
Not open for further replies.
  1. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Yes AppGuard is here to stay.I will admit it,I am a AppGuard FanBoy and I dont mind saying so.I just need a AppGuard FanBoy T-Shirt.
     
  2. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,851
    Are you sure you've downloaded version 5? I haven't tested it yet as I keep getting version 421.1111.292 which is for sure the old buggy one displaying your symptoms. I don't understand, somebody advertises the new version and the old one is downloaded instead....
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,581
    I was getting v4.21 for a while after the announcement of v5, but now v5 is up.
    http://www.faronics.com/downloads/download-files/?product=769
     

    Attached Files:

  4. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,851
    My question was really addressed to chris1341 as he has experienced the notorious behaviour of old versions. I've tried 4 different downloads (in the last 10 minutes) and they are all v421.

    By the way how is v5 behaving on your system? (tell us the OS you are using please).
     
  5. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,851
  6. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,581
    Sorry, just trying to help. :gack:

    So far so good. Xp Home SP3 32-bit
     
    Last edited: Apr 5, 2012
  7. chris1341

    chris1341 Guest

    It was the new one, version 5. Yeah seems strange to advertise new version when the servers still hold the old one. I'll drop them a note to see if there are known issues or logs etc I can send them to investigate.

    Could it be because I'm asking it to monitor dll execution? Why wouldn't this be necessary and on by default?

    Cheers
     
    Last edited by a moderator: Apr 5, 2012
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,851
    Hey, don't get me wrong, you did very well indeed.

    I'm not surprised, all versions work flawlessly with XP. My take is that most of their corporate clients use XP still.

    @chris 1341
    I'm disappointed, for a moment I thought perhaps you had the old version, if you got the same kind of behaviour as in the past it is most likely that it will behave similarly on my system.

    You are right with dll execution, it made things even more sluggish, but these problems existed even before the reintroduction of this feature. I'm still pondering whether I should even bother testing it... Are you using XP, Vista, Win7?
     
  9. chris1341

    chris1341 Guest

    Yeah, I keep trying this as the versions move on as I think it has real potential but I am continually disappointed. It was (reloaded pre-install image now, the one thing I can't take from any product is sluggishnes) Win 7 HP x64 this time and I might try it on the laptop or netbook, also Win 7 now, at some point but not top of my list.

    The search goes on for something to pair with (or replace) AppGuard to ensure something lurking does not take hold while reducing protection when installing software. Voodooshield appears to do nothing to prevent scripts/dll's running and no 64 bit ExeRadar yet.
     
    Last edited by a moderator: Apr 5, 2012
  10. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,024
    Location:
    Christchurch, UK
    These features will be covered soon ;) :blink:
     
  11. chris1341

    chris1341 Guest

    :thumb: :thumb:
     
  12. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    Downloaded Faronics A-E version 5.0.
    Installed and running on Windows 7 32-bit box, 2GB RAM, dual core processor. No freezes or lockups or slowdowns so far. Knock on wood.

    It looks like it's working as advertised.

    Rich [whose user name is Rmus] has been using this application since version 2.X and, from his screenshots posted throughout these forums, it looks like A-E has stopped a lot of malware from infecting his system.



    Carlos
     
  13. chris1341

    chris1341 Guest

    Nice, hope it keeps going for you. Anyone on Win7 x64 getting it to run smooth? Both you and djohn seem to be getting it going well on x32.

    I thought Rmus was still using Version 2 from his excellent screenies in his extremely helpful posts, no?

    Thanks
     
  14. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA

    From his screenies, yes, I'm also assuming he's still at version 2.x
     
  15. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,851
    Exactly my feelings. I've managed to finally download V5, and overall there has been an improvement. As you mentioned, DLL execution monitoring is an option when installing V5 which I duly checked it off.

    Rebooting was normal and opening the GUI there was the first surprise: clicking SETUP tab, DLL execution is unchecked although I had specifically check it during installation. When I tried to check it off again nothing would happen. Bad omen, from experience I clicked USERS tab, unchecked AE Admin role and rechecked it again (If one tries that, beware NOT to click apply as you will be left without admin rights, only an image will save you).

    After doing this I was able to check effectively DLL execution within the SETUP tab.

    I thought a bit convoluted (but not normal), so far speed hasn't been affected, then all of sudden there was a real tsunami of AE alerts asking to authorize DLL execution mostly from the OS. Okay, I thought the program seems to work after all.

    When I finally tried to open up at random some of the programs from my start menu, most of them did without delay but required to authorize their DLL except that with some programs the machine would lockup hopelessly requiring a hard restart. After the third lockup, I was very happy to let Rollback Rx clean up the mess.

    This program has the potential to replace an antivirus without having to worry about new signatures, updates, system resources, but for the last 4 years it has been working erratically in too many machines (mostly Vista and Win7) to be taken seriously.
     

    Attached Files:

  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,923
    Location:
    Canada
    it gave me trouble when i tried it last year,it lock my system down:D
     
  17. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    I've running this new version of A-E on Win 7 32-bit without any glitches...so far.

    I'm guessing that the differences between our installations might be based on the fact that when I installed on my PC, I left the DLL monitoring setting unchecked.
    I noticed this setting was not ticked by default during the installation, thus I left it un-checked.

    In fact, in the .pdf user-guide I noticed the screenies and that setting is not check-marked either. Although, my understanding is, that it would be advisable to check it for better protection but, if it's going to cause PC-lockups, then the trade-off is not worth for me.



    Carlos
     
  18. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    During installations checking the DLL adds them to the execution control list,formely called whitelist.This just builds the whitelist to allow all the DLL's.The option to monitor is all together different and monitors the whitelisted DLL.So I believe if one wants to monitor the DLL's, building a whitelist before hand will eleminate lots of pop ups to allow or deny execution of DLL's if monitoring mode is selected.Maybe faronics can chime in on this.
     
    Last edited: Apr 6, 2012
  19. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,851
    You know your reasoning makes sense that DLL checking when installing and 'Monitor DLL execution' are two different things. But why would you monitor the whitelisted DLL? Unless 'Monitor DLL execution' will monitor any DLL executing whether whitelisted or new.
     
  20. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    yes that makes pefect sense that it monitors any changes in the whitelist and any new DLL.I hope the OP faronics will touch base at some point to address any questions and problems that some are having.
     
  21. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,566
    When I tested some of the versions where they added the DLL monitoring, checking it so the DLL's would monitored put an anchor on my machine. Slow down was horrible.

    Also the cost is high, considering one can take other HIPS, and essentially use the as an Anti Executable.

    Pete
     
  22. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    I'm guessing if by ticking "DLL Monitoring" setting creates such a burden on your computer CPU/Memory, then this setting hasn't been implemented correctly by Faronics.
    Other applications similar to Faronics A-E [such as AppGuard] monitor DLLs by default and doesn't cause slows downs from everyday use of your PC.

    I hope the Faronics representative [the OP I guess], can give us a little insight of why checking DLL monitoring on A-E causes more problems than it solves.



    Carlos
     
  23. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,581
    When installing AE v5 here I checked DLL monitoring on install and also have "Monitor DLL Execution" checked in the GUI with no noticeable slowdowns whatsoever. Must be an OS thing. As Xp Home SP3 32-bit is working fine so far.
    Edit: Boot up time is moderately slower but tolerable.
     
    Last edited: Apr 7, 2012
  24. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    I was checking another installation of Faronics A-E version 5.0 on an exclusively testing PC I have [that one, running Win 7- X64-bit] and, apparently, the "DLL monitoring" bug problem is enhanced on X64-bit OSes. To compare this installation to my main PC, I selected/checked that DLL option [this main PC runs Win 7 - 32-bit] and I haven't seen any problems, slowdowns or bugs so far, with the DLL monitoring selected. Thus, I'm assuming it might be a X64-bit OS problem only.

    I've sent e-mail to Faronics support inquiring about this problem but, since it's weekend already I might need to wait until early next week to get a response from them.



    Carlos
     
  25. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I guess its a hit or miss with AE, perhaps OS dependent.Thats one thing I dont hear about AppGuard or experience slow downs..Dont even know it's there until it starts swatting away excutables.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.