Process Guard 1.200 Released!!!


Jason_DiamondCS
January 23rd, 2004, 03:51 AM
http://www.diamondcs.com.au/processguard/

After a lot of research, development and beta testing we are finally releasing Process Guard v1.200 to the public. This version is a lot better than previous versions of Process Guard, especially in regards to stability. This version adds a lot of new protection to make your system even more secure, including rootkit installation protection and leaktest blocking.

Registered Members of Process Guard can log into the members area here to download the full version :-
http://www.diamondcs.com.au/processguard/index.php?page=members

The free version of Process Guard has also been updated and can be downloaded at Process Guard's homepage.

The following is a general list of some of the things changed since v1.150:

[NEW FEATURES/ENHANCEMENTS]
-Added "Block Driver/Services" protection along with an allow list for certain programs. This blocks rootkits from being installed.
-Added "Block Global Hook" protection along with an allow list for certain programs. This blocks certain leaktests from working.
-Added Splitter Resize so you can adjust the log and protection list size.
-Added better Right-Click menu on the Systray icon to provide all the options from the main menu.
-Enhanced output of Window Log to be easier to read.
-Optimized the Window and File Log code.
-Everything in Window Log is now shown in File Log
-DAY and MONTH now appear in the Window/File Log.
-"Set File Log Path" now shows the filename and directory of the old log file.
-Made END TASK give an alert when it happens and which application is trying to do it.
-Optimized the driver's initialization to be faster. [DRIVER]
-Optimized undocumented method of getting the name of processes. [Driver]
-Optimized code in process comparison tests. [Driver]
-Helpfile additions and changes.
-Now display "in program" tooltips to explain each protection option to the user.
-Process Guard's stability and compatibility increased immensely.
-Hundreds of small tweaks.

[BUGS FIXED]
-Issues in driver causing Cannot attach errors randomly [DRIVER].
-Random and rare rebooting issues [DRIVER].
-Close Message Handling sometimes keeping a handle open to pguard.dat.
-Close Message Handling timing issues.
-Fixed Window position/size and Listview Column order/size saving code.
-DOS/SHORT path names now get resolved correctly. [DRIVER]
-Driver protection not being enabled correctly on some reboots due to timing condition. [DRIVER]
-Fixed File Log sometimes not being written to.


Spread word of the release and have a good weekend! :)

-Jason-

Wayne - DiamondCS
January 23rd, 2004, 04:05 AM
An interesting quality about this new release is its anti-rootkit and anti-leaktest capabilities. Although not specifically designed with those capabilities in mind, please see the "Known Attacks" section in the new helpfile and you'll see that Process Guard is extremely effective against some of the most advanced types of leaktests (including Copycat, Firehole, Thermite, PCAudit 1 & 2, and AWFT). The new driver installation protection capability also means that virtually all rootkits are blocked from installation!
Please help us spread the word of this new release! :)

Registered members can download the new full version FOR FREE from the members area. :)

We'd also like to take a moment to especially thank our beta team for their rigorous testing of the last 5 beta releases that have made this v1.200 possible - thanks guys :)

Pilli
January 23rd, 2004, 04:36 AM
Thanks Wayne :) Enjoy your weekend!

Here is an interesting .gif showing PG's Window log showing SetWindowsHookEx being stopped dead in its tracks. Also at the bottom the Allow settings for System Safety Monitor.

Bowserman
January 23rd, 2004, 05:09 AM
Excellent work guys!

-{ Quote: "We'd also like to take a moment to especially thank our beta team for their rigorous testing of the last 5 beta releases that have made this v1.200 possible - thanks guys" }-

No problem,.....enjoy the weekend fellas :).

Regards,
Jade.

donsan709
January 23rd, 2004, 06:33 AM
Wayne or Gavin, can you please give some quick instructions on how to uninstall 1.50 before installing 1.20 and what all should be done for a quick and safe upgrade. Thanks

Wayne - DiamondCS
January 23rd, 2004, 06:56 AM
1. Uninstall the old version of Process Guard, and reboot.
2. Install the new version, and reboot.
That's all :)

donsan709
January 23rd, 2004, 07:02 AM
Thanks for the info and the quick response.

Gavin - DiamondCS
January 23rd, 2004, 07:31 AM
Advanced users :

Click "Disable All Protection"
Close PG
Kill PG_Msgprot if running
Install over

Reboot or not, but protection may not apply to certain processes for some time without a reboot

redwolfe_98
January 23rd, 2004, 07:48 AM
Hello. I hate to be a thorn in your side, but I am concerned about PG's possibly interfering with the installation of legitimate programs.. if PG prevents "malware" from installing, does it also at the same time interfere with the installation of legitimate programs?

Pilli
January 23rd, 2004, 07:58 AM
Hi redwolfe_98,
PG does not interfere with legitimate processes, but like any other software it is better to disable it for Windows updates or installing your AV or AT, i.e. programmes that work at system level :)

Wayne - DiamondCS
January 23rd, 2004, 08:02 AM
-{ Quote: "but i am concerned about PG's possibly interfering with the installation of legitimate programs.. if pg prevents "malware" from installing" }-
It doesn't prevent anything from installing other than drivers, and it's very rare that you'll ever install new drivers on your system (if you ever do you can simply disable Process Guard during the install). So although I can understand your concern, you have nothing to worry about :)

Pilli
January 23rd, 2004, 09:09 AM
Really Advanced users ;D

After running the betas I also deleted all PG's files & registry settings (apart from the keyfile) ;)

Installed fine on my other PC and laptop with absolutely no problems apart from having to put my apps back on the list.

I tend to add apps slowly and monitor what is logged then adjust the allows etc. until logging is stopped.

gkweb
January 23rd, 2004, 09:34 AM
extreme advanced user :
format
install windows
reboot
install PG ;D

Seriously PG 1.200 is better than the previous version and is a must to have as never it has been, don't miss it everyone :)

Pilli
January 23rd, 2004, 09:52 AM
..... & before formatting remember to back up all your Keyfiles :P

Gavin - DiamondCS
January 23rd, 2004, 10:27 AM
Today, mid-testing 1.200 full I installed a Windows service pack and nothing happened, PG sat there ignoring the situation. This is because it was not a case of process manipulation in memory, just replace some files and reboot to replace those that are in use. All went as expected, 0 issues.

Pilli
January 23rd, 2004, 10:34 AM
Yep, I've noticed on Server 2003 that it often does not require a reboot when XP does even when updating supposedly the same service patch number. ???

Joop
January 23rd, 2004, 01:23 PM
???
It's me again.... having the problem
After uninstall and reboot former version, installing 1.2 reboot again.
All okay, checked all protections ..so far so good.
Rebooted and............... BOD :-[

Had to go to safe mode, uninstall PE and after that came on my normal mode again, did the same thing again twice having the same problem.
Now I have PE running without the last two protections not checked ( block drivers and block global hooks ) and windows keeps running.

I'm sending all info from windows during faultreport and log file to Jason.

WilliamP
January 23rd, 2004, 07:25 PM
Downloaded, running great. Thanks guys.

gkweb
January 23rd, 2004, 08:39 PM
Tell everyone around you that a new wonderful software is born ;D

MEGAFREAK
February 3rd, 2004, 04:07 PM
I always receive this message:

Windows log shows following:
3 Feb 20:45:10 - Error: 2. Process Guard could not attach to kernel-mode driver. Please make sure Process Guard is installed properly before continuing.
3 Feb 20:48:33 - Process Guard Protection is ACTIVE.

Besides, it could be manually stopped with task kill and service stop although I enabled all modules. Another time it worked and I wasn't able to kill tasks.

Another Problem: it does not load AOL Driver and blocks then because of this the internet connection.