Wilders Security Forums  

#1
November 27th, 2003, 03:53 AM
Jason_DiamondCS
Former DCS Moderator
Join Date: Nov 2002
Location: Perth, Western Australia
Posts: 1,046
Process Guard v1.100 Released!!

Process Guard has undergone many changes since the first version, and we are proud to release this new build.

*** IMPORTANT***
Before installing this version, please make sure you have completely removed any previous versions of Process Guard. You have to successfully connect to the driver with procguard.exe before running the uninstall program in version 1.00.
**************

There are still some things we need to improve but overall it should work a treat for you all. Some new features added since the last version include :-

- Allow flags, now specify what programs can access protected programs.
- Close Message Handling, a secure method of handling malicious programs closing down your security applications. (Works well with 70% of programs, still needs a little work)
- Generic Options added, can now block EndTask() and programs from adding themselves to APPINIT_DLLS registry key.
- Can disable/enable driver protection on the fly.
- Human Confirmation dialog, finally a secure way of making sure only human input does something, not a malicious program.
- No longer need procguard.exe running for protection to be active
- Performance increased greatly


Please be aware that if you experience any problems with Process Guard that make you unable to boot into your normal operating system, you can safely uninstall Process Guard from Safe Mode, as it is not active in Safe Mode. Process Guard v1.100 has been beta tested for many weeks and we have found no major problems with it.


Download the FREEWARE version of Process Guard here :-
http://www.diamondcs.com.au/processguard/

Process Guard protects your programs actively and is available for Windows 2000, XP and 2003.

People who have purchased Process Guard and want to get the full version before Monday please email us, you can get the email from the Process Guard webpage or from your license email. We will be automatically adding all existing Process Guard customers to our new Members Area on Monday. This new Members Area contains the download link for Process Guard. If you email us before Monday we will add you manually to the Members Area so you can download it a bit earlier.


-Jason-
__________________
Jason - DiamondCS Programmer
DiamondCS (Est. 1986) - The System Security Specialists
CryptoSuite - Protect your information today!
TDS - Powerful anti trojan software
#2
November 27th, 2003, 03:05 PM
spy1
Massive Poster
Join Date: Dec 2002
Location: Clover, SC
Posts: 3,138
Re: Process Guard v1.100 Released!!

Noticed when I went to the Members page that it only had me marked down as owning Port Explorer - but I've purchased everything you've put out. Might want to update that.

(Yeah, I requested an advance copy of PG using your message system, too! <g> ).
Pete
__________________
"When fascism comes to America it will come wrapped in the flag and carrying a cross." Sinclair Lewis
#3
November 27th, 2003, 04:08 PM
Nautilus_
Posts: n/a
Re: Process Guard v1.100 Released!!

Does the latest PG version handle SetWindowsHook injection method?

If not: At the moment, there is probably no need to worry. I do not know any trojan using this technique. AFAIK they all use CreateRemoteThread. But Firehole Leaktests demonstrates that SetWindowsHook also works fine...

Nautilus
#4
November 27th, 2003, 07:34 PM
Primrose
Security Expert
Join Date: Sep 2002
Posts: 2,743
Re: Process Guard v1.100 Released!!

Quote (originally posted by Nautilus_):
Does the latest PG version handle SetWindowsHook injection method?

If not: At the moment, there is probably no need to worry. I do not know any trojan using this technique. AFAIK they all use CreateRemoteThread. But Firehole Leaktests demonstrates that SetWindowsHook also works fine...

Nautilus

Download it... test it out and see for yourself.


Thread also started at dslr and mvdu had some questions.

http://www.dslreports.com/forum/rema...ty,1~mode=flat


Congrats on the release and all that hard work!
#5
November 27th, 2003, 09:56 PM
Wayne - DiamondCS
Security Expert
Join Date: Jul 2002
Location: Perth, Oz
Posts: 1,533
Re: Process Guard v1.100 Released!!

SetWindowsHookEx is the last kill method on the To Do list, every other conventional attack has now been accounted for.

However, as it took longer than anticipated to add human verification and protection for close messages (ie. WM_CLOSE, SC_CLOSE) and End Task termination we thought we'd get this 1.1 release out as it is, and we can then add SetWindowsHookEx countermeasures to 1.2.

And you're correct, there isn't a single trojan that has ever been released that terminates security programs via SetWindowsHookEx DLL injection so there's no immediate danger, and chances are we'll have v1.2 out before then anyway. Actually, very few trojans do any security process termination, and of those that do, nearly all just call TerminateProcess (easily intercepted by Process Guard), and a minority also use close messages such as WM_CLOSE (also easily intercepted by Process Guard), so already Process Guard protects against all attacks used by current trojans. A trojan would only opt for the SetWindowsHookEx method if it absolutely had to, because there are a lot more effective process termination techniques that are easier to use, and don't require external DLLs, and unless Process Guard is installed, there'd be nothing stopping the trojan from using those normal termination techniques (ie. TerminateProcess) so it's not something they'd ever opt for.

In regards to CreateRemoteThread, this still requires Write access to the target process, which Process Guard easily intercepts.

Regards,
Wayne
__________________
DiamondCS (Est. 1986) - Celebrating 20 Years ...
Home of Port Explorer, ProcessGuard, and check out all our other freeware security tools!
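
Added example (not part of the posts above and not Process Guard's code): the handle-based methods discussed in post #5, TerminateProcess and CreateRemoteThread with Write access, each need specific access rights on the target, so a defender can review process-handle access records against an allow list like the "Allow flags" in the release notes. The process names and records are constructed; close messages and SetWindowsHookEx do not go through these rights and are not covered.

```python
# Process access-right bits as defined in the Windows SDK (winnt.h).
PROCESS_TERMINATE = 0x0001      # needed by TerminateProcess
PROCESS_CREATE_THREAD = 0x0002  # needed by CreateRemoteThread
PROCESS_VM_WRITE = 0x0020       # "Write access" to the target's memory

RISKY = {
    "terminate": PROCESS_TERMINATE,
    "create_thread": PROCESS_CREATE_THREAD,
    "vm_write": PROCESS_VM_WRITE,
}


def risky_rights(granted_access):
    """Return the sorted names of risky rights present in an access mask."""
    mask = int(granted_access, 16) if isinstance(granted_access, str) else granted_access
    return sorted(name for name, bit in RISKY.items() if mask & bit)


def review(events, protected, allowed):
    """Flag handle opens on protected processes by callers not on the allow list."""
    findings = []
    for ev in events:
        source, target = ev["source"].lower(), ev["target"].lower()
        if target not in protected or source == target:
            continue  # only other processes touching a protected one matter
        rights = risky_rights(ev["access"])
        if rights and source not in allowed.get(target, set()):
            findings.append((source, target, rights))
    return findings


# Constructed sample data: hypothetical process names, not taken from the thread.
PROTECTED = {"securityapp.exe"}
ALLOWED = {"securityapp.exe": {"updater.exe"}}
EVENTS = [
    {"source": "updater.exe", "target": "securityapp.exe", "access": "0x1F0FFF"},
    {"source": "unknown.exe", "target": "securityapp.exe", "access": "0x0001"},
    {"source": "unknown.exe", "target": "securityapp.exe", "access": "0x002A"},
    {"source": "taskviewer.exe", "target": "securityapp.exe", "access": "0x0410"},
    {"source": "unknown.exe", "target": "notepad.exe", "access": "0x1F0FFF"},
]

if __name__ == "__main__":
    for source, target, rights in review(EVENTS, PROTECTED, ALLOWED):
        print(f"{source} -> {target}: {', '.join(rights)}")
```

The read-only open (0x0410) and the allow-listed caller pass; only the two opens by the unlisted caller on the protected process are reported.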
#6
November 27th, 2003, 10:54 PM
Gavin - DiamondCS
Former DCS Moderator
Join Date: Feb 2002
Location: Perth, Western Australia
Posts: 2,080
Re: Process Guard v1.100 Released!!

Just a note for users who want to get into the members area, I just added everyone.

You should have received an email to your registered address, with your email login and password for the members area.

If anyone received a link like this, don't use it:

http://www.diamondcs.com.au/processguard/index.php?page=login

Please use the URL ending in MEMBERS:

http://www.diamondcs.com.au/processguard/index.php?page=members
#7
November 29th, 2003, 11:36 PM
controler
Massive Poster
Join Date: Jun 2002
Posts: 3,268
Re: Process Guard v1.100 Released!!

I get so confused sometimes.

PG has a forum here, has a free version which only allows one app protection or you can buy the full version and get unlimited app protection but it still is not offered on the main DCS site. I always wonder how a product can be for sale and not be released yet?

con
#8
November 30th, 2003, 02:15 AM
Gavin - DiamondCS
Former DCS Moderator
Join Date: Feb 2002
Location: Perth, Western Australia
Posts: 2,080
Re: Process Guard v1.100 Released!!

Just visit http://www.diamondcs.com.au/processguard/ and click on buy.

The main site is central and like the new central members area has complications, but the members area works already (shows what products you bought). We are updating it still!

The priority is only the program to us, getting it out and seeing if you like it. Priority is not in any marketing of it. Internet shipped software undergoes changes for example and will improve in just 1 or 2 more slight revisions as Port Explorer did. And by design, this isn't a program which we will need to add a lot of features to.
#9
November 30th, 2003, 09:28 AM
controler
Massive Poster
Join Date: Jun 2002
Posts: 3,268
Re: Process Guard v1.100 Released!!

Thanks Gavin

I had tried the free version but couldn't find the personal version.
I guess all I had to do is ask, right?
I don't always follow all the threads so I don't see all the download sites. I looked in the PG forum but didn't see the full version listed.
My New Year's motto is to be less impatient.
Sorry

con
 

All times are GMT -4.