Status
Not open for further replies.
On the surface no. But you know how Google is. For all I know it could be an extension trying to update or something. Will keep an eye on it. I thought you mentioned that a rule needs to be created for Chrome? I have not created one as of yet however.


I will offer my personal experience and opinion based as a user (NOT expert) of AppGuard in Locked Down Mode:

1)
Context:
I am running Google Chrome on my Win10 64-bit OS with AppGuard in Locked Down Mode.
My Google Chrome instance was installed on C:\Program Files (x86)\ , by an Administrative user:
I experienced a
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
block event
2)
One AppGuard Support individual suggested the following configuration:
"Just add the GoogleUpdate.exe file path to User Space and set to NO."
3)
On 2 different Support pages, AppGuard support suggested the following configuration for Chrome on Win7 :
AppGuard | Support
Support
"
Google Chrome
In order to use Google Chrome in the Locked Down protection level on Windows 7 64-bit PCs, do either of the following:
- Install Google Chrome in the Program Files directory (preferred).
- Exclude the following directories from the User-space protection definition
-- C:\Users\\AppData \Local\Google\Chrome\Application
-- C:\Users\\AppData \Local\Google\Update
"
4)
I noticed:
- many .exe's within directory
C:\Users\<UserName>\AppData\Local\Google\Update\
:

I.e., not just
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
- directory
C:\Users\\AppData \Local\Google\Chrome\Application
did not exist
5)
The configuration I implemented in AppGuard:
- Excluded the following from the User-space protection definition
-- C:\Users\<UserName>\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
-- C:\Users\<UserName>\AppData\Local\Google\Update

I guess that the above was overkill and that instead I could have just excluded a few .exe's within *\Update.
Please PM me if you would more detail.
 
  • Like
Reactions: Trooper
With all the repeating questions, I think it's time that someone should write an FAQ about AppGuard. :)

I agree.

I worked with @Lockdown to put together a light and effective configuration of AppGuard in Locked Down mode. This took me weeks of learning, note taking, PM's with Lockdown, etc.

I documented my entire AppGuard installation and configuration via a combination of text and screenshots that are currently in a MS Word document.

I would like to share my AppGuard installation and configuration with the community. I hope this will help others who are fearful/ignorant of AppGuard to have a clear path toward moving to this powerful and useful app, and so they and Lockdown can (hopefully) spend less time to install and config AppGuard.

Questions:
1A) is there some easy way I can easily convert text and images currently in an MS Word application into a format that is easily postable onto malware tips, or...
1B) will I instead have to upload each and every screenshot to an image hosting service, copy each image's url into a MalwareTips post, etc.?
2) Which of the following locations would be best for my AppGuard configuration:
e.g.,
2A) I know I have the option of adding my AppGuard configuration to my PC Security configuration
SECURE - Meltcheesedec Security Configuration 2017
2B) etc.
 
Last edited:
  • Like
Reactions: XhenEd

shmu26

Level 85
Verified
Trusted
Content Creator
I will offer my personal experience and opinion based as a user (NOT expert) of AppGuard in Locked Down Mode:

1)
Context:
I am running Google Chrome on my Win10 64-bit OS with AppGuard in Locked Down Mode.
My Google Chrome instance was installed on C:\Program Files (x86)\ , by an Administrative user:
I experienced a
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
block event
2)
One AppGuard Support individual suggested the following configuration:
"Just add the GoogleUpdate.exe file path to User Space and set to NO."
3)
On 2 different Support pages, AppGuard support suggested the following configuration for Chrome on Win7 :
AppGuard | Support
Support
"
Google Chrome
In order to use Google Chrome in the Locked Down protection level on Windows 7 64-bit PCs, do either of the following:
- Install Google Chrome in the Program Files directory (preferred).
- Exclude the following directories from the User-space protection definition
-- C:\Users\\AppData \Local\Google\Chrome\Application
-- C:\Users\\AppData \Local\Google\Update
"
4)
I noticed:
- many .exe's within directory
C:\Users\<UserName>\AppData\Local\Google\Update\
:

I.e., not just
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
- directory
C:\Users\\AppData \Local\Google\Chrome\Application
did not exist
5)
The configuration I implemented in AppGuard:
- Excluded the following from the User-space protection definition
-- C:\Users\<UserName>\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
-- C:\Users\<UserName>\AppData\Local\Google\Update

I guess that the above was overkill and that instead I could have just excluded a few .exe's within *\Update.
Please PM me if you would more detail.
I was told that Chrome itself has changed the folder from which it updates, so the instructions you found for Windows 7 were for the old Chrome, and the AppGuard rep gave you instructions for the new Chrome.
 
5

509322

I was told that Chrome itself has changed the folder from which it updates, so the instructions you found for Windows 7 were for the old Chrome, and the AppGuard rep gave you instructions for the new Chrome.

Both the old and new Chrome run ancillary processes from user space. The new one runs software_reporter_tool.exe, for example.

I think Google changed the update folder to C:\Windows\Temp.
 
D

Deleted member 178

.

Questions:
1A) is there some easy way I can easily convert text and images currently in an MS Word application into a format that is easily postable onto malware tips, or...
1B) will I instead have to upload each and every screenshot to an image hosting service, copy each image's url into a MalwareTips post, etc.?
2) Which of the following locations would be best for my AppGuard configuration:
e.g.,
2A) I know I have the option of adding my AppGuard configuration to my PC Security configuration
SECURE - Meltcheesedec Security Configuration 2017
2B) etc.

1a- no
1b- yes
2- on Appguard section i created a config/setup thread here Appguard Configuration & Setup demo Thread, so your setup should be posted there, i have created a new thread especially for that but not open yet.
 
Last edited by a moderator:

Trooper

Level 6
Verified
I will offer my personal experience and opinion based as a user (NOT expert) of AppGuard in Locked Down Mode:

1)
Context:
I am running Google Chrome on my Win10 64-bit OS with AppGuard in Locked Down Mode.
My Google Chrome instance was installed on C:\Program Files (x86)\ , by an Administrative user:
I experienced a
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
block event
2)
One AppGuard Support individual suggested the following configuration:
"Just add the GoogleUpdate.exe file path to User Space and set to NO."
3)
On 2 different Support pages, AppGuard support suggested the following configuration for Chrome on Win7 :
AppGuard | Support
Support
"
Google Chrome
In order to use Google Chrome in the Locked Down protection level on Windows 7 64-bit PCs, do either of the following:
- Install Google Chrome in the Program Files directory (preferred).
- Exclude the following directories from the User-space protection definition
-- C:\Users\\AppData \Local\Google\Chrome\Application
-- C:\Users\\AppData \Local\Google\Update
"
4)
I noticed:
- many .exe's within directory
C:\Users\<UserName>\AppData\Local\Google\Update\
:

I.e., not just
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
- directory
C:\Users\\AppData \Local\Google\Chrome\Application
did not exist
5)
The configuration I implemented in AppGuard:
- Excluded the following from the User-space protection definition
-- C:\Users\<UserName>\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
-- C:\Users\<UserName>\AppData\Local\Google\Update

I guess that the above was overkill and that instead I could have just excluded a few .exe's within *\Update.
Please PM me if you would more detail.

Thanks man. I will take a look at this as soon as I can. Cheers!
 
5

509322

I will offer my personal experience and opinion based as a user (NOT expert) of AppGuard in Locked Down Mode:

1)
Context:
I am running Google Chrome on my Win10 64-bit OS with AppGuard in Locked Down Mode.
My Google Chrome instance was installed on C:\Program Files (x86)\ , by an Administrative user:
I experienced a
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
block event
2)
One AppGuard Support individual suggested the following configuration:
"Just add the GoogleUpdate.exe file path to User Space and set to NO."
3)
On 2 different Support pages, AppGuard support suggested the following configuration for Chrome on Win7 :
AppGuard | Support
Support
"
Google Chrome
In order to use Google Chrome in the Locked Down protection level on Windows 7 64-bit PCs, do either of the following:
- Install Google Chrome in the Program Files directory (preferred).
- Exclude the following directories from the User-space protection definition
-- C:\Users\\AppData \Local\Google\Chrome\Application
-- C:\Users\\AppData \Local\Google\Update
"
4)
I noticed:
- many .exe's within directory
C:\Users\<UserName>\AppData\Local\Google\Update\
:

I.e., not just
C:\Users\<UserName>\AppData\Local\Google\Update\GoogleUpdate.exe
- directory
C:\Users\\AppData \Local\Google\Chrome\Application
did not exist
5)
The configuration I implemented in AppGuard:
- Excluded the following from the User-space protection definition
-- C:\Users\<UserName>\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
-- C:\Users\<UserName>\AppData\Local\Google\Update

I guess that the above was overkill and that instead I could have just excluded a few .exe's within *\Update.
Please PM me if you would more detail.

Chrome can be installed to AppData in a Standard User Account.

In an Admin account it is installed to Program Files.

The directions you see on the webpages you referece is for installing Chrome within a Standard User Account.
 
5

509322

If that is the case, I need instructions for setting up AppGuard with an admin account/install.

There are no special instructions, just install Chrome.

If you are going to run AppGuard in Locked Down mode, when you see one of Chrome's ancillary processes blocked from running from AppData\Local\Google, you just add that blocked process to User Space and set to NO.

If you are going to use Protected mode, you won't have to do the same unless the blocked Google process is digitally unsigned.

@Trooper please contact me via PM and I will assist you.
 
Last edited by a moderator:

Trooper

Level 6
Verified
There are no special instructions, just install Chrome.

If you are going to run AppGuard in Locked Down mode, when you see one of Chrome's ancillary processes blocked from running from AppData\Local\Google, you just add that blocked process to User Space and set to NO.

If you are going to use Protected mode, you won't have to do the same unless the blocked Google process is digitally unsigned.

@Trooper please contact me via PM and I will assist you.

Will do. Thank you sir I appreciate it.
 
  • Like
Reactions: meltcheesedec

Trooper

Level 6
Verified
There are no special instructions, just install Chrome.

If you are going to run AppGuard in Locked Down mode, when you see one of Chrome's ancillary processes blocked from running from AppData\Local\Google, you just add that blocked process to User Space and set to NO.

If you are going to use Protected mode, you won't have to do the same unless the blocked Google process is digitally unsigned.

@Trooper please contact me via PM and I will assist you.

FYI I get this when I go to your profile.

"This member limits who may view their full profile."
 
5

509322

FYI I get this when I go to your profile.

"This member limits who may view their full profile."

I don't know why you are getting that message; you should be able to create a PM and input my MT user handle.
 

SHvFl

Level 35
Verified
Trusted
Content Creator
I don't know why you are getting that message; you should be able to create a PM and input my MT user handle.
Privacy settings. Regardless if you click on a username you get the option to pm(start a conversation).
 
Status
Not open for further replies.
Top