Advice Request Is there anyone here who can help me to configure AppGuard?

[Wraith]

I'm using AG with ESET IS. I mainly have AG set to Lockdown mode since I don't install random softwares on my gaming PC. The only thing that is causing problem is Chrome(AG prevents software reporter tool from running). I have manually excluded the chrome directory in AG. Also I have put some applications that are commonly abused in user space and guarded list. I'm sharing with you my settings of AG. Are there any settings that I need to change? Are there are any vulnerable applications that are needed to be added to user space or guarded application list(apart from the ones I have included)?

 

[Deletedmessiah]

If its only the software reporter tool being blocked, let AG block it. Chrome runs fine without it anyway. Software reporter tool is a component to "improve experience" aka data collection so let it stay blocked.
@shmu26 might be able to help with configuring. Only thing I remember to do is adding every non-system and non-security apps that access internet to guarded apps. Also add csript, wscript, powershell to userspace but I forgot how to do it...
There were other members with more knowledge of Appguard but some left and some are inactive. If you have Wilders account ask Umbra.

 

[shmu26]

I haven't used AppGuard in a long time, and there is no one on any forum who provides configuration support. And you will not get support from the company unless you have a business license. This is why home users should not use AppGuard. Proper configuration is essential, and there is no one to help you do it.

 

[oldschool]

Old threads @ Wilders is all that remains. Good luck. Hard_Configurator anyone?

 

[Wraith]

Let's see if anyone at Wilders and Bleeping Computers can help me with AppGuard. It's a fantastic piece of software.

 

[Wraith]

Also add csript, wscript, powershell to userspace but I forgot how to do it..

I used SysHardener to disable windows script host and set powershell to constraint mode. Do I still need to include them in AppGuard?

 

[Deletedmessiah]

If you use syshardner to do it then no need to add in Appguard.

 

[shmu26]

I used SysHardener to disable windows script host and set powershell to constraint mode. Do I still need to include them in AppGuard?

Powershell in constrained mode is quite good, everyone should do that. But adding powershell to "user space: Yes" in Appguard is stronger. If you add it to user space, you must untick it in guarded apps, or else you did not change anything. This is a general rule with Appguard. Everything on the guarded apps list will run, even if you add it to "user space: Yes". So if you want it totally blocked, you must untick it in guarded apps.
I wrote "user space: Yes" because one of the most common errors in AppGuard configuration is adding something to user space list but forgetting to set it to "Yes".
Note that on a x64 system, there are 4 powershell exe files you need to block. There are two powershell.exe and two PowerShell_ISE.exe.
You can block all of them with one rule if you use wildcards.