I was reading a bit about PG and it seems like a good layer of defense but I am still a bit unclear as to what it actually does and how it protects your computer. Will it prevent Trojans and other malware from being installing or changing registry entries? Is the paid version much better than the free one? Would it be a good supplement to NOD32? Thanks.
Please read this and u will have some idea of what pg does. http://www.diamondcs.com.au/processguard/index.php?page=introduction THE MUL
Hi Matt_Smi & welcome, The free version allows the first four items as follows: Free Features Control application execution Protect applications from unwanted termination Protect applications from unwanted modification & injection Protect applications from unwanted viewing Full Features Block new and changed programs Protect physical memory (prevent operating system vulnerabilities) Block Global Hooks (stops keyloggers and password stealers) Block unwanted driver/service installation (stops rootkit trojans) Block registry DLL injection (stops spyware such as CoolWebSearch) Secure Message Handling (protects applications from messages) Interface Lock (protects from malicious changes and other users) FREE technical support ProcessGuard does the following: Main uses ... Each capability of ProcessGuard is powerful in its own right. For example, a program which simply blocked rootkit trojans from installing would be very valuable in its own right, yet this is just one feature of ProcessGuard! Here is just a brief list of some of the main uses of ProcessGuard: Securing processes from being attacked (terminated, suspended, modified) Controlling which programs are/aren't allow to run Blocking rootkit trojans and other malicious drivers from installing Protecting physical memory from malicious modification Blocking hooks and code injections Determining which programs are being executed on your system Determining which programs are attacking others on your system Analysing the inter-process behaviors of programs Keeping a log of all programs that execute (important for post-infection analysis) Main attacks ProcessGuard blocks ... ProcessGuard protects against so many different types of attacks that it's difficult to combine them all into one list (for example, although it protects against process termination it secures over a dozen different "termination vectors" in order to accomplish this, so really it's protecting you against a lot more than just one attack). Here are the main classes of attacks that ProcessGuard can protect against: Unwanted/unknown process execution Process/service termination Process/service suspension Process/code modification Process/service crashing Rootkit trojan installation Firewall leaktest bypass methods Hooks and code injections Physical memory malicious modifications Windows File Protection attacks User Imitation attacks
Secure Message Handling (protects applications from messages) HI Philli .....could you clear that one up for me.... please
So basically it sounds like it prevents malware from messing with processes among a bunch of other things. It sounds like it would be a good layer of defense to have. Does it run in real time?
Yes it does, ProcessGuard blocks actions rather than just watching them and informing the user that something has chnged after the event. The user has to give explicit permission for the event / action to take place. HTH Pilli