How well do Spybot/Ad-Aware/Pest Patrol play with Process Guard?

Hello all!

I have posted a similar question to this in the TDS-3 forum regarding TDS-3, but in case the Process Guard software worked radically differently than TDS-3, I thought it prudent to post here.

I have Spybot,Ad-Aware and Pest Patrol installed on my computer to block unasked for installs/modifications, etc. Spybot alerts me when registry changes are going to happen, and Ad-Aware and Pest Patrol both have some kind of similar mechanism as well (at least I *think* they do).

Can anyone with experience with these programs let me know how they work with Process Guard? Is this all overkill?

 

ProcessGuard is preventive rather than a cleaner, it does not use definitions but prevents malware form gaining access, changing your system processes and programs.
Read here for in depth information:
http://www.diamondcs.com.au/processguard/index.php?page=introduction

TDS3 is an Anti Trojan scanner with the ability to prevent Trojan code from running providing you have the full version with Execution Protection installed, it does this by "hooking" opening programs and comparing them to it's very extensive definition files.

ProcessGuard and TDS3 run fine with the programs that you have mentioned.

A layered defence is what Wilders and indeed most security experts advise, so no. it is not overkill

HTH Pilli

 

I have Pestpatrol, Adaware, Spybot, and TDS-3 running with ProcessGuard. The Pestpatrol Memcheck is turned on, but I do not have Adaware's Adwatch running do to some serious problems with it on my system (but these Adwatch problems occurred before I ever installed PG). I have all of the Spybot resident protection turned on. I have no problems scanning with PestPatrol, Adaware, and Spybot as long as they have terminate authority in PG. Everything runs smoothly, overkill or not.

 

I think you'll find that almost all of us here use a layered security model with various applications of our own choosing.

I really do not think there is single stop all solution. Plus it's harder for an exploit to work when security models are so varied. Overlapping features usually mean an exploit will get tripped up somewhere or so the theory goes.

As long as overlapping features do not interfere with other ones it's not problem for me. Sometimes you may have to disable a feature on one app because another apps does it better or interferes with another, but you learn as you go with your own set up what works best for you.

I was reading about one of the latest exploits and exactly how it works and in what sequence. It was interesting to note that at every turn one of my security apps would kick in and stop it as they all do different things at different levels and by different approaches. But of course no one is invulnerable.

Of course you can go too far, but hey it's your machine, as long as it works for you I say go for it. And ProcessGuard is a definate must have on my list.

PS: Plus I simply like the amount of control and customization that ProcessGuard gives over all running processes, even the good ones. You can make an aggressive process play nice by restricting it's rights and abilities.

 

Thank you all. Say rickontheweb or anyone else with AdAware:

Upon starting PG I get alerts about AdAware trying to MODIFY many .exe's (smss, csrss, winlogon, services, lass,
svchost, dcsusreprot, explorer, iexplore, and even pgaccount and procgaurd themselves!)

I am new to this type of PG-style security, so I have a lot to learn.

But do any PG users with AdAware out there know if this happened to them? Is there some good reason AdAware needs all that modify access? I have paid version of AdAwareSE, but even still does that mean we give it full trusted access?

I'd appreciate some interaction with some PG and AdAware users.

Ean

 

Hi Ean, Some programs like AdAware's AdWatch will check what permissions they have, usually with no intention to use them except if they find a problem, personally I would give AdAware or AdWatch the required permissions as they are trusted programs.

HTH Pilli

 

OK, thank you Pilli! Maybe my understanding of "Modify" is wrong, but why would AdAware need to "modify" all those processes? The word "modify" brings to mind like changing something in it's address space or something! Which sounds like something not good to do.

Am I just wrong about that?