devjit2018

Level 9
Tester
Verified
I'm using AG with ESET IS. I mainly have AG set to Lockdown mode since I don't install random softwares on my gaming PC. The only thing that is causing problem is Chrome(AG prevents software reporter tool from running). I have manually excluded the chrome directory in AG. Also I have put some applications that are commonly abused in user space and guarded list. I'm sharing with you my settings of AG. Are there any settings that I need to change? Are there are any vulnerable applications that are needed to be added to user space or guarded application list(apart from the ones I have included)?
 

Attachments

Deletedmessiah

Level 22
Content Creator
Verified
If its only the software reporter tool being blocked, let AG block it. Chrome runs fine without it anyway. Software reporter tool is a component to "improve experience" aka data collection so let it stay blocked.
@shmu26 might be able to help with configuring. Only thing I remember to do is adding every non-system and non-security apps that access internet to guarded apps. Also add csript, wscript, powershell to userspace but I forgot how to do it...
There were other members with more knowledge of Appguard but some left and some are inactive. If you have Wilders account ask Umbra.
 

shmu26

Level 79
Content Creator
Trusted
Verified
I haven't used AppGuard in a long time, and there is no one on any forum who provides configuration support. And you will not get support from the company unless you have a business license. This is why home users should not use AppGuard. Proper configuration is essential, and there is no one to help you do it. :(
 

shmu26

Level 79
Content Creator
Trusted
Verified
I used SysHardener to disable windows script host and set powershell to constraint mode. Do I still need to include them in AppGuard?
Powershell in constrained mode is quite good, everyone should do that. But adding powershell to "user space: Yes" in Appguard is stronger. If you add it to user space, you must untick it in guarded apps, or else you did not change anything. This is a general rule with Appguard. Everything on the guarded apps list will run, even if you add it to "user space: Yes". So if you want it totally blocked, you must untick it in guarded apps.
I wrote "user space: Yes" because one of the most common errors in AppGuard configuration is adding something to user space list but forgetting to set it to "Yes".
Note that on a x64 system, there are 4 powershell exe files you need to block. There are two powershell.exe and two PowerShell_ISE.exe.
You can block all of them with one rule if you use wildcards.
 
Last edited: