What is "Modify Protected Applications"?

Discussion in 'ProcessGuard' started by Doc Luther, Jun 27, 2005.

Thread Status:
Not open for further replies.
  1. Doc Luther

    Doc Luther Registered Member

    Joined:
    Jun 11, 2004
    Posts:
    5
    Location:
    Washington, D.C.
    By default, all applications automagically (i.e., Learn mode) added to the PG Protection Tab are protected from "Termination + Modification" but are also authorized to "Modify + Read" all protected applications. The PG documentation states:

    "Modify protected applications - By ticking this the application will be able to modify other applications which are protected by ProcessGuard."

    It would then appear that all listed applications are protected from being modified by other applications, but theses applications are also authorized to modify all other "protected" applications. :doubt:

    Yes? Then this appears to be a somewhat circular and useless rule. Why would one protect an application from being modified by another application but also allow all other applications to modify the protected one? o_O

    And what exactly does it mean for an application to "modify" a protected application?

    TIA!
     
    Last edited: Jun 27, 2005
    Doc Luther, Jun 27, 2005
    #1
  2. Inf.

    Inf. Guest

    Hi Luther :) Welcome on the forum.


    First of all: some good questions you asked. But they are all answered pretty soon unless you come up with another question .. :)

    And by default, all applications automagically added to the PG Protection Tab are protected from "Termination + Modification" but are also authorized to "Modify + Read".

    Applications protected from "Termination + Modification" .. you gave the answer allready: that has been coded from the very begin. that's the default to say it simply. (I don't think I could say it anyway :D)

    BUT..

    Processes that have BY DEFAULT the right to "Terminate and Modificate" that's default to cause otherwise your system would just hang all the time cause it would freeze.

    every exe is different cause it has been treatened by all kind of exe's and dll's...there is just no way to give all notepad.exe the same hash (crc or md5) cause it's all different... the source can be ok, but everything except the source can be modified... even the source can be modified for the same money :)
     
    Inf., Jun 27, 2005
    #2
  3. Doc Luther

    Doc Luther Registered Member

    Joined:
    Jun 11, 2004
    Posts:
    5
    Location:
    Washington, D.C.
    Thanks, Inf, for the quick reply. I've re-stated the original post because it appears that I wasn't clear in my original question.
     
    Doc Luther, Jun 27, 2005
    #3
  4. Inf

    Inf Guest

    Good questions you ask Luther.

    that's the question for a lot of applications like Adaware, Opera (installs a driver :D) and games and whatsoever (even ati drivers...)

    some processes needs sometimes to modify things (updates, writing to some folder and therefor changing the MD5 hash...

    whenever the hash changes...it will get altered...so it needs to get modified...better to get altered by protected app.

    ...that is the whole discusssion after all: you need to install PROCESSGUARD and REGDEFEND (and for the whole truth: ssm and the other one :)) on A CLEAN SYSTEM ... so the exe's changes the other exe's are from a good and clean base :)

    .. I hope this gives you a clue: a lot of processes on a deeper level will change other processes...because of the influence so to speak.
     
    Inf, Jun 27, 2005
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...