View Full Version : ProcessGuard's Kernel Driver Vs. SandBox Rootkit


KoreanBoy
September 19th, 2004, 03:03 PM
Maybe this has been discussed before, and the last post I saw said something like "Process Guard would still be doing its job, because it was there first".
I have to comment on this, saying "precisely, but not really".
I'll explain.
I installed Tiny Firewall Full Professional, and Process Guard 2.000 Full was still installed.
Tiny would constantly crash, and I read innumerable violations in ProcessGuard's Windows log.
After a million crashes of Tiny for "privileges error", I managed to add all the "required" files of Tiny into Process Guard, so they'd have access to explorer and drivers, so Tiny could implant its rootkit. One restart later I noticed right away: ProcessGuard's driver was not loaded. Is this the consequence of the rootkit preventing additional kernel drivers? Or is this some anti-ProcessGuard condition in Tiny Firewall? I know Tiny Firewall as well as I know PG, so I didn't forget to add file, driver and system privileges from Tiny to ProcessGuard. I even tried with Tiny *Personal* Firewall (with exactly the same configuration) and it worked fine. Why doesn't Tiny 6 (Tiny Firewall) cooperate with Process Guard? Anyone noticed this?
PS. Sorry for the long doubt and long post.

Infinity
September 19th, 2004, 03:16 PM
Hi Korean Boy, with 6.100 I had no problems using it together with PG. I changed for another reason (learning curve), but it works OK if you give them both all the privileges. And what about rootkit??

can you explain what you are saying with tiny and rootkit??

Thanx

Pilli
September 19th, 2004, 03:16 PM
Hi KoreanBoy, DCS will be around in the next few hours and may be able to help you.
I am not familiar with the latest Tiny software but maybe other Tiny users will have an idea.

Pilli

MEGAFREAK
September 19th, 2004, 03:40 PM
I had the same problem with Tiny 6 & ProcGuard; there is a conflict.

I guess he means rootkit, because Tiny PF6 and Process Guard implant their drivers with techniques similar to those of a rootkit, basically using a kernel driver at system startup. The difference is that procguard.sys can't be disabled except if you restore the Kernel ServiceTable.

Tiny installs about 4 drivers and 5 services. The KmxIds can cause problems, blue screen or reboot with Service Pack 2 installed. This occurred on my system. I used the latest Tiny PF6.xxx release and PG Free 2.00.

tuatara
September 19th, 2004, 04:12 PM
On my system I am running TPF 6 and PG 2 and never had any problem with that.

-{ Quote: "Why doesn't Tiny 6 (Tiny Firewall) cooperate with process guard." }-

It does, perhaps something else is causing the conflict.

Devinco
September 19th, 2004, 04:19 PM
-{ Quote: "The difference is that procguard.sys can´t be disabled except if you restore the Kernel ServiceTable." }-
Hi MEGAFREAK,

Was this the Proof of Concept PG exploit that was described in the past?
If it is, then that exploit will be void in 1 day when DCS releases PG 3.0 beta.
If it is something different, please explain.

Thanks

MEGAFREAK
September 19th, 2004, 04:20 PM
Maybe, but before I installed SP2, Tiny & PG2 had no problems. I finally needed to disable Tiny incl. all its drivers. Could also be a problem only concerning an incompatibility issue between Tiny and XP SP2.

Bowserman
September 19th, 2004, 06:48 PM
-{ Quote: "Hi MEGAFREAK,

Was this the Proof of Concept PG exploit that was described in the past?
If it is, then that exploit will be void in 1 day when DCS releases PG 3.0 beta.
If it is something different, please explain.

Thanks" }-

Hi Devinco :).

Yes, this is the vulnerability discovered by Tan Chew Keong.

-{ Quote: "Tan Chew Keong has reported a vulnerability in DiamondCS Process Guard, which can be exploited by certain malicious processes to disable the security features provided by the product.

The problem is that the security features provided by the product can reportedly be disabled by restoring the running kernel's SDT (Service Descriptor Table) ServiceTable by writing directly to the "\Device\PhysicalMemory" section object.

Successful exploitation disables the protection measures thereby allowing a privileged process to terminate protected processes." }- Source = http://secunia.com/advisories/12033/


This exploit/vulnerability is successfully fixed with the next release of PG, along with many new enhancements :).


Regards,
Jade.

Devinco
September 19th, 2004, 07:03 PM
Thanks Jade! :)

KoreanBoy
September 19th, 2004, 08:39 PM
It's probably that Windows XP SP2 incompatibility with Tiny. I am sorry to have bothered you all, and thanks for the replies :) .
Looking forward to PG3!