I don't believe in blind faith except where DCS are concerned so I bought Process Guard today without even having seen it or tried it.

I hope my PC boots after I install it when I get the license tomorrow because on 1 or 2 odd occassions low level drivers have corrupted my Windows and I have had to re-install my OS. On my P4 I can't use Agnitum because after I installed it then my pc gave about 10 pop up alerts at the log on menu saying it couldn't find the root folder. This also happened after installing PC XG Pro (tweaking program)

For some strange reason my pc doesn't like low level drivers. I'm thinking it could be some bios protection issues or a motherboard conflict because I'm using the latest A17 Abit with a chip called Uguru which is a hardware monitoring chip. What I think happens is that when a low level driver tries to install on my pc either the bios rejects it or it is trying to write to the address reserved for the chip and the pc goes haywire. This may be because my pc and motherboard are the latest and some programmers have not yet caught up with the problems yet.

So I'm keeping my fingers crossed, touching wood and holding my lucky charm hoping that Process Guard doesn't destroy my root folder for I know it is a low level driver that is installed.

Agnitum didn't say what it was but some people were saying HT can cause problems with low level drivers so I don't know.

I also read that some people have had trouble booting after installing PG - is this common and how can I avoid it?

Any help would much appreciated.

Dave

H worldcitizen, I do know that Jason has made corrections for the hyperthreading issues that Outpost & the earlier Process Guard had and that Version 2 is hyperthreading friendly :)

Whether your new Bios and MB are covered or not? We will have to wait Jason's reply - probably in a few hours - Monday morning Perth time.

Hi, worldcitizen

I was running AbitEQ untill recently which your Uguru also has as you know and I had no trouble with it. Uguru will be already running before PG starts so it should have no trouble.

But if you use the Overclock feature's in it you might have trouble, so if you use them I would advise you to disable protection.

The Bios will not reject a driver as it will not know what drivers are installed on your OS.

The Bios doe's not take instructions from the OS it is the other way round.

Abit or alot of good using of of PG ;D
TheQuest 8)

Yes Process Guard is now developed on a Pentium 4 with HyperThreading and I can confirm it works very nicely on it.

Some drivers do not expect to be used on multi-CPU systems and have been programmed for only one, a HyperThreading CPU make Windows believe there is 2 CPUs which is why there has been so many issues with these CPU's and drivers.

At DiamondCS we have 4 multi-cpu test systems along with a number of single cpu based systems and Process Guard works fine on all of them. This does not guarantee Process Guard will work on your machine, but hopefully it will. :)

-Jason-

Hi everyone and thanks for the posts.

PG was not what I expected. It installed fine and I was able to boot and had not problems with anything. I was expecting a trashy over-hyped piece of junk glorified by DCS fanatics & extremists but got a quite pleasant and almost thrilling surprise.

It's all so fast and I feel like I'm wrapped up in a warm blanket watching the footy on a cold winter's day. I started to get this strange feeling of being snug and secure as I noticed PG not allowing anything to run without my knowledge and consent.

I feel as if I'm wearing stealth armour and carrying WMD Suitcases just in case anyone wants to try anything smart. I've got TDS 3 and NOD 32 as my bouncers.

Question: Somewhere I read that this should be disabled before doing Windows updates. Is that true and how do I disable it??

I LOVE this program and at 1st I just bought it because I thought I may as well just for something to do and now it is my very favourite program because it's watching me always and I can feel confident that if anything wants to make trouble high hell will be let loose and I'm not gonna be on the losing side.

Congratulations on a terrific program DCS.

I'm very, very happy with Process Guard. It's terrific protection.

Dave

Jason,

For your information.

My PC has had problems with some programs so I didn't know how it would react to PG and was really very concerned.

Agnitum made it go beserk and I couldn't boot into Windows ever again and their support never told me what to do so I have a 2 year license but am afraid to use it so I use XP firewall.

I am having no trouble with Process Guard so please note my specs so you know it works on this set-up.



Intel Pentium 4 2.6C HT (on)
Abit A17 M/B w Uguru chipset
IGB Dual Channel DDR Ram
ATI 9600XT GPU

Jason can you tell me basically what Process Guard will block.

Will it prevent browser hijackers from trying to install porn toolbars (a problem I used to have) Also many times I get this bt.verifier trojan downloader. It seems to get into the IE temp folder a lot. Will PG prevent these things from running.

I know it won't block cookies but does it basically block any exe file that tries to execute code? That would include any worms and trojans or viruses that use an execute code?

What is Process Guard's main weakness or vulnerability?

Thanks in advance

Dave

If you have enabled the Program Checksum feature, i think it should protect you against all of that.
Basically, when a IE vulnerability is used to upload a malware on your comp which then install his nasty features, the malware must run first in order to annoy you.
Thanks to Program Checksum, Process Guard will tell you that a new executable trie to run, and will ask you to allow it or not, nothing can run without your knowledge :)

When I try to execute VBS or HTA files, I choose to "Block Once" wscript.exe or mshta.exe from running when prompted by PG:

6 Apr 21:43:56 - [EXECUTION] c:\windows\system32\wscript.exe with commandline c:\windows\system32\wscript.exe "c:\windows\system32\pubprn.vbs" was BLOCKED from running
6 Apr 21:46:02 - [EXECUTION] c:\windows\system32\mshta.exe with commandline c:\windows\system32\mshta.exe "c:\windows\help\tours\windowsmediaplayer\wmptour.hta" was BLOCKED from running

Nick

Scripts and all other things like them (.VBS / .JS / .HTA /etc) need some process to be running to do what they want, since they aren't actual machine code. In most cases this is the files mentioned by nick s.

Process Guard controls "EXECUTABLE FILES" from running, it will not cover files that run in other programs like scripts, that is what WormGuard is for. A script file being loaded by a script interpreting program is just like notepad opening a .txt file. Process Guard of course controls which programs can run but it does not control which files these programs can load.

-Jason-

Jason - I'm really very, very happy with this (PG). I never realised just how powerful it is until now.

With programs like this it's no wonder DCS have such a strong fan club but no DCS screensavers or wallpaper? When you get up in the world you have to make these things available because your famous.

Dave

-{ Quote: " quoting: Jason / DiamondCS link=board=40;threadid=26907;start=0#msg156909 date=1081307927]
Scripts and all other things like them (.VBS / .JS / .HTA /etc) need some process to be running to do what they want, since they aren't actual machine code. In most cases this is the files mentioned by nick s.

Process Guard controls "EXECUTABLE FILES" from running, it will not cover files that run in other programs like scripts, that is what WormGuard is for. A script file being loaded by a script interpreting program is just like notepad opening a .txt file. Process Guard of course controls which programs can run but it does not control which files these programs can load." }-

Yes, of course, and I knew all that. I know the difference between "compiled" and "interpreted". I was combatting the idea that with PG alone, "nothing can run without your knowledge".

>> Process Guard is now developed on a Pentium 4 with HyperThreading and I can confirm it works very nicely on it. <<

I can confirm it doesn't.
Pentium 4, Win XP Pro, updates curremnt

Lauch new program - not stopped.
All PG features enabled.

Hi stevenestrada, Can you please save a copy of your protection list and your text log please, as it may give us a clue as to what is happening in your particular set up.
Please answer in the your "Feature not working" thread and please include your logs.

Cheers & Than you - Pilli

How do you link a not working feature to Hyper Threading ??

I thought that the Hyper Threading not compatible softwares was simply causing a BSOD, but may be am I wrong.

There must be something else, because I am running a Pentium 4 with Hyperthreading and it works fine.

>> Can you please save a copy of your protection list and your text log <<

No. The program was removed from the computer some weeks ago.

-{ Quote: "No. The program was removed from the computer some weeks ago." }-stevenestrada,
I don't mean to interupt this thread, but I must. Why would you remove this program from your computer? I consider this program to be very valuable to ensuring the safety and security of my computer system. It is my opinion that you are not only comprimising the security of your system, but you are also giving up an opportunity to aid in its development. Seems like a poor decision to me, but that is just my opinion.

P.S.
I'm not fortunate enough to have a hyperthreading CPU, but PG does work well on my system.

>> Why would you remove this program from your computer? <<

Too many problems with one computer. OK with others.