AppGuard users, do you use it in its default setting?

Status
Not open for further replies.

hamo

Level 10
Thread author
Verified
Well-known
Mar 30, 2014
468


AppGuard users, do you use it in its default setting?

If not, mention it and the reason for change.

Thanks.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I run AppGuard at close to default settings. I use "protected mode".
Yeah, I added a few apps to the guarded list, and made a few exceptions to user space, and modified the trusted publishers list, but basically, you could call it default settings.
Why default settings? Because it is no-brainer protection that really works.

For paranoid protection, which is not really necessary but makes computer use more interesting, I use HIPS or anti-exe, because it is more flexible and is easier to tailor to my needs. At present I am using NoVirusThanks EXE Radar Pro (beta 2015) for that purpose. It is reliable, configurable, and relatively easy to master.
 

hamo

> I use HIPS or anti-exe, because it is more flexible and is easier to tailor to my needs. At the present I am using NoVirusThanks EXE Radar Pro (beta 2015) for that purpose.

Do you mean you use both AG + anti-exe at the same time? Can I do this without problems?
Like AG + Voodoo!
 

Deleted member 178

AppGuard has default settings because they are not "psychics"; they don't know how your system is. But AG, in my point of view, should never be used with defaults; it should be tailored to the system's needs. And to do that, clearly knowing your system and how it works is a requirement, and that is why AG and most SRPs don't jump on the home user market.
 

hamo

> AppGuard has default settings because they are not "psychics"; they don't know how your system is. But AG, in my point of view, should never be used with defaults; it should be tailored to the system's needs. And to do that, clearly knowing your system and how it works is a requirement, and that is why AG and most SRPs don't jump on the home user market.

Can you please give an example of one change (your personal setting) and why you changed that? Maybe I will understand the theory of AG!
 

Deleted member 178

I use Lockdown Mode, which is the tightest setting. AG protection isn't based on settings (like traditional security software) but on policies created by the user for his personal system.
The user has to decide what is in the system space, what is in the user space, and what should be Guarded, then set his policy based on that.
 

shmu26

> Do you mean you use both AG + anti-exe at the same time? Can I do this without problems?
> Like AG + Voodoo!

Yes, I use AG + anti-exe. It is a classic combination.
AG + Voodoo works great. No conflicts.

You don't need Voodoo if you do like @Umbra and @Lockdown. They configure their system carefully.
Here's an example: add bitsadmin.exe, which is a vulnerable process that you will never need, to user space. Then it can never run, and you are protected from it being abused by malware.

They put AG in lockdown mode, so that even signed processes cannot run from user space. But if you do this, you will have to make a few exceptions to user space, most notably, OneDrive and dism. Otherwise, they will be blocked.
 

shmu26

> I voted yes, I am afraid to make error to my system :oops:

If AppGuard blocks an execution due to your special configuration, it will tell you about it loud and clear, and you can go and unblock it. AG usually does not silently mess up your system. It tells you what happened, and it gives you the details you need to fix it. There are other security apps that silently block things, and that makes it hard to deal with, and it gives me an uneasy feeling. AG doesn't do that, in my experience.
 

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
I use the default, but with a few modifications. So, I chose "no" in the poll. :)

I put mine in Protected mode. I have Kaspersky and HitmanPro.Alert, so I don't need to overly tighten my configuration with AppGuard. :cool:

Besides, KIS 2018 + HMP.A + AppGuard seem to be overkill already. :cool:;):p
 

Deleted member 178

> If AppGuard blocks an execution due to your special configuration, it will tell you about it loud and clear, and you can go and unblock it. AG usually does not silently mess up your system. It tells you what happened, and it gives you the details you need to fix it. There are other security apps that silently block things, and that makes it hard to deal with, and it gives me an uneasy feeling. AG doesn't do that, in my experience.

Remember that not all alerts need to be unblocked, only those that cripple the system.
 

hamo

> They put AG in lockdown mode, so that even signed processes cannot run from user space. But if you do this, you will have to make a few exceptions to user space, most notably, OneDrive and dism. Otherwise, they will be blocked.

Many thanks to all, I feel I am close to understanding AG theory.

@shmu26 If I need to kill the Cortana process completely, what should I do?
 

shmu26

> Many thanks to all, I feel I am close to understanding AG theory.
>
> @shmu26 If I need to kill the Cortana process completely, what should I do?

I don't know, but others probably know how to do it. It is now linked to Windows Search, so it is not so simple to kill it completely.
 

shmu26

> Many thanks to all, I feel I am close to understanding AG theory.

The most important thing to understand is system space and user space. The following is a little oversimplified, but everything in your Windows folder and programs folders is system space. Everything else is user space.
What's the difference?
AG doesn't care very much about system space. Almost everything is allowed.
But it is very jealous about user space. Almost everything is disallowed.
So if you want to block something from running, add it to user space.
If you want to allow something that is blocked, take it out of user space.
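
The system space / user space rules from the post above, combined with the bitsadmin.exe and lockdown-mode examples earlier in the thread, as an added Python sketch. It is not AppGuard's code or any poster's; the Policy class, the folder list, the sample paths and publisher name, and the exception-first precedence are assumptions made for illustration.

```python
import ntpath  # Windows path rules, so the sketch also runs on non-Windows hosts

# Simplified system space, as in the post: the Windows and program folders.
SYSTEM_SPACE = (r"C:\Windows", r"C:\Program Files", r"C:\Program Files (x86)")

def _norm(path):
    # Collapse "..", unify slashes and case before any comparison.
    return ntpath.normcase(ntpath.normpath(path))

def _under(path, root):
    path, root = _norm(path), _norm(root)
    # The trailing separator keeps C:\WindowsFake from matching C:\Windows.
    return path == root or path.startswith(root + "\\")

class Policy:
    def __init__(self, mode, include=(), exclude=(), trusted_publishers=()):
        if mode not in ("protected", "lockdown"):
            raise ValueError("mode must be 'protected' or 'lockdown'")
        self.mode = mode
        self.include = tuple(include)    # "add it to user space"
        self.exclude = tuple(exclude)    # "take it out of user space"
        self.trusted = frozenset(trusted_publishers)

    def in_user_space(self, path):
        # Assumption of this sketch: an explicit exception is checked first.
        if any(_under(path, e) for e in self.exclude):
            return False
        if any(_under(path, i) for i in self.include):
            return True
        # Default rule from the post: everything outside system space.
        return not any(_under(path, s) for s in SYSTEM_SPACE)

    def decide(self, path, publisher=None):
        if not self.in_user_space(path):
            return "allow"
        # Protected mode lets trusted-publisher code launch from user space;
        # lockdown mode blocks it even when signed.
        if self.mode == "protected" and publisher in self.trusted:
            return "allow"
        return "block"

# Constructed sample policies and paths (not taken from a real configuration).
DEFAULT = Policy("protected", trusted_publishers={"Example Trusted Corp"})
TAILORED = Policy(
    "lockdown",
    include=[r"C:\Windows\System32\bitsadmin.exe"],
    exclude=[r"C:\Users\hamo\AppData\Local\Microsoft\OneDrive"],
    trusted_publishers={"Example Trusted Corp"},
)
```

Comparing DEFAULT.decide(...) and TAILORED.decide(...) for the same path shows which launches a tailored lockdown policy removes and which exceptions it then needs.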
 