WG necessary when you have TDS ??


Hurricanetracker
January 23rd, 2005, 11:24 AM
Got a small question. Is it wise or necessary to have WormGuard present on your system when you already have TDS, REGRUN, AVG pro and numerous anti spyware apps in place ??

What does it do which all of the others don't ???

Pilli
January 23rd, 2005, 11:47 AM
Hi Hurricanetracker, I have WormGuard resident with all of those types of applications and WG still picks up potential malware where others fail, especially possible scripted malware & dual extensions.
One of the benefits is that WG allows you to view these files safely, making it very easy to decide what to do.
WormGuard does not run as a process but uses a hook: as a file is opened, WG scans the file and normally allows the file to run unless there is anything suspicious that requires the user's attention, so using extremely low overheads.

Treat WG as another useful tool, part of a good layered defence. :) Pilli

Here is a list of features from the DCS website:

WormGuard has many features you won't find in other products, including :-
Analyses files generically using heuristic and intelligent rule-sets rather than relying on signatures for known worms - this is the future of worm interception.

Uses a unique non-resident execution hook method to render WormGuard immune to the TerminateProcess and SuspendProcess vulnerabilities that affect all other active security systems.

Provides worm-detection for ALL executed files and filetypes, ensuring the file is safe BEFORE it is allowed to run, making infection almost impossible.

Has four primary and six secondary core detection engines built-in to handle executed files depending on their type.

Provides network administrators with the power of blocking the execution of filenames/filetypes on all machines on their network with immediate effect.

Neutralises many severe Windows vulnerabilities, such as the use of hidden extensions, multiple file extensions, and excessive spaces in filenames.

Provides extended universal detection and analysis of Macros across all Microsoft Macro formats, such as DOC, XLS, and MDB.

Provides extended universal detection and analysis of command files, such as COM, PIF, BAT, and CMD.

Provides Deep-Scanning to detect password-stealers, keystroke-loggers, IRC worms, references to known worm authors, and much, much more.

Allows the Network administrator the complete ability to customise/disable WormGuard user options.

Hurricanetracker
January 23rd, 2005, 12:08 PM
Are any conflicts known with the other applications? Will tell you what I have running here:

- Regrun gold (one of the best investments I made to date) - running resident
- Spybot (need I say more) - running resident
- Spyware guard - running resident
- AVG pro 7 - running resident
- MS anti spyware - running resident
- Agnitum outpost pro firewall - running resident (chose this one, because it has the least trouble with the other apps running - not because it's necessarily the best out there)
- TDS - I start this one up after boot has finished, because it seems to have trouble with MS anti spyware.
- spyware blaster - running resident
- adaware SE with all addons (not running resident)

I did have process guard installed but this definitely had a conflict (I think with regrun, but am not sure) and crashed all the time, so I uninstalled.

Port explorer seems a nice app, but I already have both wintasks pro and regrun which encompass a process-monitoring utility also.

I like the stuff at Diamond CS a lot, but overlapping too much isn't such a good thing also (it only adds to the computer booting extremely slowly in the end). So it's a bit of a dilemma which ones to go for. REGRUN is a definite though: best one out there, in my opinion.

These days you can't be too careful, especially with a broadband connection - meaning you're online all the time the system is running.

Pilli
January 23rd, 2005, 12:54 PM
WormGuard should not conflict with any of your Apps :) and uses very low resources.

ProcessGuard should also run with no problems, Reg Run Gold does not conflict with PG on my machines and I use all the apps that you do, although I do run Giant AS rather than MS's beta clone.

What version of ProcessGuard did you try?

MickeyTheMan
January 23rd, 2005, 01:41 PM
-{ Quote: "I did have process guard installed but this definitely had a conflict ( I think with regrun, but am not sure ) and crashed all the time , so I uninstalled ." }-
I'm also a user of both of these programs. No conflict here.

Eliot
January 23rd, 2005, 02:00 PM
WG does conflict with my Audigy 2 EAX Console. It will not load with WG resident and takes a reboot to get it to run afterwards. ???

Pilli
January 23rd, 2005, 02:13 PM
Hi Eliot, Then you need to add the file to the WG allow list.
Here is an example from my allow list:
C:\windows\system32\restore\restrui.exe
This allows System restore to work properly when WG is installed.

HTH Pilli

Hurricanetracker
January 23rd, 2005, 02:18 PM
-{ Quote: "What version of ProcessGuard did you try?" }-


Definitely not the one from 18-1-2005 which I downloaded now. I'm going to try the free version first - if that doesn't show any conflicts or "crashing behaviour" I'm pretty sure the full version won't either.

Also downloaded the trial for wormguard - going to see if that shows any "bad" behaviour.

Way I see it worm-infections are pretty dangerous and aren't covered by anti-virus or anti trojan software. How does wormguard manage to stop worms anyway - from what I've read about how worms work this is nigh on impossible because these things multiply so rapidly and "mutate" on the fly.

Redownloaded port explorer as well, going to compare this to the features covered in the software I already use and see if it's a big enough "improvement" to warrant purchasing.

Eliot
January 23rd, 2005, 02:19 PM
Ahhhh, I forgot about that. Now to add the final link in the chain. Thanks Pilli.

Pilli
January 23rd, 2005, 02:29 PM
-{ Quote: "I'm going to try the free version first -" }-
You should not have any problems but please follow the install/uninstall instruction sticky: http://www.wilderssecurity.com/showthread.php?t=16931

@ Eliot Just browse the path and add, sometimes it may require a little research to define which file needs to be added. :)

Pilli

Paranoid2000
January 23rd, 2005, 02:59 PM
-{ Quote: "Definitely not the one from 18-1-2005 which I downloaded now . I'm going to try the free version first - if that doesn't show any conflicts or "crashing behaviour " I'm pretty sure the full version won't either ." }-
While you should be able to run PG and WG together, PG in my view would provide the greater benefit so it is worth trialling/configuring/testing first.

-{ Quote: "Way I see it worm-infections are pretty dangerous and aren't covered by anti-virus or anti trojan software ." }-
A properly configured firewall will counter most worms, since it will block any unsolicited network connection attempts. The only danger then are worms spread via "legitimate" means like email attachments or webpages (and anti-virus software will detect many here).

Hurricanetracker
January 23rd, 2005, 03:09 PM
So far so good, re-installed the new processguard and it doesn't seem to wreak havoc on system. One thing I did note when it was installed: it seems to interfere with my AVG antivirus: when AVG starts, both the DB-date is missing and the e-mail scanner is disabled - presumably by either processguard or wormguard. I am able to manually restart AVG mailscanner and to "get" the date for the virus-signature-DB but don't think this is supposed to happen :)


However: don't know how to get it to be "allowed", have no clue what the files responsible for initializing virus DB and personal e-mailscanner are called. If I put these on the allow-list of both WG and PG I should be in business.


Noticed there's no tray-icon for WG, is this supposed to be the case ??

Pilli
January 23rd, 2005, 03:31 PM
If you have had PG in learning mode run your various security / internet connected programs and their sub programs then ProcessGuard should pick them up.

WormGuard does not have a tray icon. Once you have opened the GUI and installed protection it will remain hidden until something awry is found.
To test, create a text file called something like WG.txt.exe (note the double extension) then double click it and WG should throw up a warning box.

HTH Pilli
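
The double-extension test file and the "multiple file extensions, and excessive spaces in filenames" item from the feature list, sketched as a filename check. This is an added example, not part of the original posts and not WormGuard's code; the extension lists, the three-space threshold and the function names are assumptions chosen for illustration.

```python
import re

# Illustrative lists (assumptions, not WormGuard's rule-set): types Windows
# runs on double-click, and types a user expects to be harmless data.
EXECUTABLE = {"exe", "com", "pif", "bat", "cmd"}
DECOY = {"txt", "doc", "xls", "mdb", "jpg", "pdf"}
# A run of whitespace directly before the final extension pushes the real
# extension out of view in a narrow file listing or attachment pane.
PADDED_EXT = re.compile(r"\s{3,}\.\s*\w+$")


def check_filename(path):
    """Return a list of reasons the file name looks deceptive (empty if none)."""
    name = path.replace("/", "\\").rsplit("\\", 1)[-1]
    parts = [p.strip().lower() for p in name.split(".")]
    final_ext = parts[-1] if len(parts) > 1 else ""
    findings = []
    if final_ext in EXECUTABLE:
        # With "hide extensions for known file types" enabled, only the text
        # before the last dot is displayed, so the inner extension is what shows.
        if len(parts) > 2 and parts[-2] in DECOY:
            findings.append(
                f"double extension: shown as .{parts[-2]}, runs as .{final_ext}")
        if PADDED_EXT.search(name):
            findings.append(f"whitespace padding before .{final_ext}")
    return findings


def triage(paths):
    """Map each suspicious path to its findings; clean names are omitted."""
    return {p: f for p in paths if (f := check_filename(p))}


# Constructed sample names; WG.txt.exe is the test file suggested in the thread.
SAMPLES = [
    r"C:\temp\WG.txt.exe",
    r"C:\temp\invoice.doc          .pif",
    r"C:\temp\report.xls.bat",
    r"C:\temp\notes.txt",
    r"C:\temp\setup.exe",
    r"C:\temp\archive.tar.gz",
]

if __name__ == "__main__":
    for path, reasons in triage(SAMPLES).items():
        print(path, "->", "; ".join(reasons))
```

A check like this only looks at the name; it says nothing about file content, which is why the thread treats it as one layer alongside anti-virus and a firewall.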

Hurricanetracker
January 23rd, 2005, 04:28 PM
-{ Quote: "A properly configured firewall will counter most worms, since it will block any unsolicited network connection attempts. The only danger then are worms spread via "legitimate" means like email attachments or webpages (and anti-virus software will detect many here)." }-

That is sooo true. I just did what Pilli suggested and made a file with a double-extension. Wormguard didn't even have the time to react - I immediately got a warning from AVG instead - it was even hard to get rid of that warning :)

This means a thumbs-up for AVG as well ;)