AppGuard - General Impression

Status
Not open for further replies.

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,139
Yes.

AppGuard tray icon > right-click > Protection Level > select option: Off, Allow Installs, Protected, Locked Down




Currently, there is no Export\Import of the settings\configuration file. It is a requested feature that is on the "To Do" list.

However, you can save a back-up of the AppGuard settings\configuration xml (appguardpolicy.xml) that is located in:

c:\users\user\appdata\roaming\blue ridge networks\appguard\appguardpolicy.xml

You can drop the back-up appguardpolicy.xml into the above directory so as to save yourself a lot of configuration time.

Before doing so, you must disable TamperGuard:

AppGuard tray icon > double-click > AppGuard GUI Customize > Advanced > tick Stop Self Protection (TamperGuard) > Apply > OK

After dropping the appguardpolicy.xml into the above directory, do not forget to re-enable Self Protection.

NOTE: There is currently no support for the above when using AppGuard in a Standard User Account (SUA); each time you clean install AppGuard and enable the Standard User Account, you must manually configure AppGuard.

AppGuard configuration works this way because it does not apply the same policy for all users; each user can create their own independent customized configuration. We are thinking about an all user installation whereby the same policy will be applied to all users. Doing it this way would more accurately reflect the way that users actually configure AppGuard - which is the user typically creates the same configuration in all the user profiles.

Hi

Thanks for the reply

Are you one of the developers of AppGuard? I just went to the AppGuard website, but it says that AppGuard Personal is not available to buy. Is it because a new version is coming out?

Thanks again
 

509322

Thread author
Hi

Thanks for the reply

Are you one of the developers of AppGuard? I just went to the AppGuard website, but it says that AppGuard Personal is not available to buy. Is it because a new version is coming out?

Thanks again

I work with Development, but my function is Quality Control.

Here is the download page for AppGuard Personal: AppGuard | Personal

There is no ETA for the next major release of AppGuard consumer products. I expect the next release to be a minor one with various fixes plus an enhancement or two.
 

HarborFront

I work with Development, but my function is Quality Control.

Here is the download page for AppGuard Personal: AppGuard | Personal

There is no ETA for the next major release of AppGuard consumer products. I expect the next release to be a minor one with various fixes plus an enhancement or two.

Thanks. Just downloaded.

Cannot install as no license for the moment. Cannot buy also since website says not available for buy

So, how?
 

molhopicante

Level 1
Oct 18, 2011
20
I have 2 "version.4" licenses.
Each license allows me its use in 3 PCs.

If I buy a "version.5" license, may I use it for 3 PCs like the V.4, or just one?
 

HarborFront

Hi

Can I know whether AppGuard blocks digitally signed malware? I was testing one from malc0de today and AppGuard fails to block it while it tries to install. Luckily, VS prompted me. VS said the file was digitally signed by AusLogic.

This is the one I'm referring to

static.tweakbit.com/en/driver-updater/default/stub/auto/driver-updater-setup.exe (dated 31-10-2016) from malc0de

VT result is here

Antivirus scan for eb088d43e4b03d0a205cd4c6adf677cecd2d8d67a8b7ad6d6558010ee5d9acf7 at 2016-11-01 00:14:24 UTC - VirusTotal

Thanks
 

509322

Thread author
Hi

Can I know whether AppGuard blocks digitally signed malware? I was testing one from malc0de today and AppGuard fails to block it while it tries to install. Luckily, VS prompted me. VS said the file was digitally signed by AusLogic.

This is the one I'm referring to

static.tweakbit.com/en/driver-updater/default/stub/auto/driver-updater-setup.exe (dated 31-10-2016) from malc0de

VT result is here

Antivirus scan for eb088d43e4b03d0a205cd4c6adf677cecd2d8d67a8b7ad6d6558010ee5d9acf7 at 2016-11-01 00:14:24 UTC - VirusTotal

Thanks

That sample is a potentially unwanted program (PUP) - and it is rated as such because the Auslogics Driver Updater program isn't free and requires a paid subscription to be fully functional. Technically, it is a false-positive.

The installer has a complete digital certificate:

Signers
[+] Auslogics Labs Pty Ltd
[+] COMODO Code Signing CA 2
[+] USERTrust (Code Signing)

Counter signers
[+] Entrust Time Stamping Authority
[+] Entrust Code Signing Certification Authority - L1D
[+] Entrust (2048)


Yes - AppGuard will block digitally signed malware when it is set to Locked Down mode. It will also block digitally signed malware in Protected mode if the entire installer run sequence is not digitally signed all the way through.

For example, Active Presenter Installer.exe (digitally signed) > Active_Presenter_Install.tmp (not signed -> therefore AG blocks any further execution).

When you run AppGuard in Protected mode, it will allow the launch of installers with complete Authenticode certificates - but they will be launched Guarded, MemGuarded and Privacy enabled - unless the digital certificate Subject is on the Trusted Publisher's List.

Guarded prevents the creation of auto-run\startup. After you reboot the system the file will not start and will remain inert on the system - unless you navigate to the file and manually start it.
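
A rough model of the Protected-mode rule described in the post above, as an added example that is not part of the original post and not AppGuard's own logic: it walks a run sequence with Get-AuthenticodeSignature and stops at the first file without a valid signature. The function name, the verdict labels and the trusted-publisher list are assumptions made for illustration.

```powershell
# Added illustration, not AppGuard code. Get-RunSequenceVerdict, its verdict
# labels and $TrustedPublisher are hypothetical names chosen for this example.
function Get-RunSequenceVerdict {
    param(
        [Parameter(Mandatory)] [string[]] $Path,   # files in launch order
        [string[]] $TrustedPublisher = @()         # substrings of certificate Subjects
    )
    $stopped = $false
    foreach ($file in $Path) {
        if ($stopped) {
            # An earlier stage was refused, so this stage never gets to run.
            [pscustomobject]@{ File = $file; Status = $null; Subject = $null
                               Timestamped = $null; Verdict = 'NotReached' }
            continue
        }
        $sig     = Get-AuthenticodeSignature -LiteralPath $file
        $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject }
        if ($sig.Status -ne 'Valid') {
            # Unsigned, tampered or untrusted chain: execution stops here.
            $verdict = 'Blocked'
            $stopped = $true
        }
        elseif ($TrustedPublisher | Where-Object { $subject -like "*$_*" }) {
            $verdict = 'Allowed'
        }
        else {
            $verdict = 'AllowedGuarded'
        }
        [pscustomobject]@{
            File        = $file
            Status      = $sig.Status
            Subject     = $subject
            Timestamped = [bool]$sig.TimeStamperCertificate   # counter-signature present
            Verdict     = $verdict
        }
    }
}

# Constructed demo input: the running PowerShell binary (signed by its vendor),
# then an unsigned script created in %TEMP%, then a stage that is never reached.
$signed   = (Get-Process -Id $PID).Path
$unsigned = Join-Path $env:TEMP 'constructed-stage2.ps1'
Set-Content -LiteralPath $unsigned -Value 'Write-Output "stage 2"'
Get-RunSequenceVerdict -Path $signed, $unsigned, $signed -TrustedPublisher 'O=Example Publisher' |
    Format-Table File, Status, Timestamped, Verdict -AutoSize
Remove-Item -LiteralPath $unsigned
```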
 

Deleted member 178

Thread author
lol Jeff, you cut the grass under my feet lol, I was ready to post the same! You just ruined 5 min of writing :p
 

HarborFront

Hi

If that's the case how come companies like COMODO, ESET, MalwareBytes, DrWeb, McAfee etc treated it as a malware in VT rather than accepting it? Don't tell me these companies can't tell the difference between a malware and a false positive?

Thanks
 

509322

Thread author
Hi

If that's the case how come companies like COMODO, ESET, MalwareBytes, DrWeb, McAfee etc treated it as a malware in VT rather than accepting it? Don't tell me these companies can't tell the difference between a malware and a false positive?

Thanks

It is rated as a PUP - which does not mean malware. A PUP can download and install other software that might turn out to be, indeed, malicious. However, security soft vendors do not install a software and watch every single thing that the software does and then create a signature for it. That isn't how file signatures are created. If vendors had to do all that, then it would take a very long time to create signatures, it would be very expensive, and security soft vendors would never tolerate it.

How file signatures are created is a topic all unto itself.

A PUP can be installed at the user's discretion. The signature detection is just to bring the file to the user's attention.

What some users consider a PUP, other users will not; what one AV company rates as a PUP, another will not.
 

Deleted member 178

Thread author
Hi

If that's the case how come companies like COMODO, ESET, MalwareBytes, DrWeb, McAfee etc treated it as a malware in VT rather than accepting it? Don't tell me these companies can't tell the difference between a malware and a false positive?

Thanks

Also, because all the fight is to get the best "detection", some companies would be rated less "nicely" by Average Joe type of users if they don't flag those PUPs.
 

Deleted member 178

Thread author
@Lockdown, I believe the Blue Ridge Networks Store link you posted is no longer accurate (i.e., when I execute the link I receive a page noting "Not Found - We were unable to find the requested file or resource.").

Can you please provide us the correct, current link?

Home

The website had a massive overhaul since the change of policy toward customers and the merging with Blue Planet.
 

meltcheesedec

Level 2
Verified
Jul 30, 2017
54
You cannot rely exclusively upon AppGuard, or any anti-executable for that matter, to protect your system. Please do as AppGuard recommends and use an AV and firewall... Windows Defender and Windows Firewall are the bare minimum.

You can try a simple combo like AppGuard, Sandboxie and Adguard.

@Lockdown , what is your preferred configuration of Windows Firewall when paired with AppGuard Personal?
 