AnswersThatWork.com's The Ultimate Troublshooter

Discussion in 'ProcessGuard' started by blackimp, Oct 30, 2004.

Thread Status:
Not open for further replies.
  1. blackimp

    blackimp Registered Member

    Joined:
    Feb 27, 2004
    Posts:
    5
    Greetings everyone, I am a fairly new user of Process Guard and I like the product. I am also a user of the Ultimate Troubleshooter program by AnswersThatWork and upon updating to v2.36, I read the newest service definitions and suggestions and found this recommendation for the DCSPGSRV. Make your own conclusions:

    "TUT Description

    Usermode Aspect Windows 2000/XP service installed by Diamond Computer Systems' Process Guard (as a standalone product or
    as part of Trojan Defence Suite). This service implements various security features of the above products.

    TUT Recommendation

    Down to end-user preference. We have serious reservations about products like Process Guard as we feel the benefits are marginal
    when compared to the potential pitfalls. While we are prepared to be proved wrong, we believe that a product like Process Guard will
    at most detect 40% of trojan programs out there, which is actually very good. Most importantly, however, the potential problems
    are too serious : for example, we have had many instances of users running Process Guard and not being able to run our own The
    Ultimate Troubleshooter product because Process Guard had issues with it, issues that we could not fathom out. Additionally,
    products like this are, in our opinion, always at the mercy of changes implemented by Microsoft through Windows Update with the
    potential that, one day, you could find yourself with serious compatibility issues. Lastly, many of the defence mechanisms used by
    products like Process Guard are now progressively being introduced into Windows, as part of Windows, starting with Service Pack 2
    as far as Windows XP is concerned - this itself makes such products relatively obsolete in our view. For all these reasons we
    ourselves recommend against such products in most cases apart from PCs which are used frequently to download using file sharing
    programs.".

    That's it, just thought some who don't use The Ultimate Troubleshooter and use PG might find this interesting. I apologize for the format.
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,041
    Hi Blackimp

    My conclusion is it is total rubbish. I have the Ultimate Troubleshooter, and first off I don't remember any conflicts with early versions of ProcessGuard. I say early versions, because I found the Ultimate Troubleshooter, a marginal program, and have uninstalled it in favor of Liutilities Wintask Pro, which i like much much better. Works fine with the latest versions of ProcessGuard. I am currently running it with the final prerelease beta. Works great.

    Pete
     
  3. bch

    bch Registered Member

    Joined:
    Oct 3, 2004
    Posts:
    122
    Location:
    Rochdale, UK
    Am a bit surprised that TUT have taken that line with ProcessGuard as I can't really see how SP2 guards the running processes. The Wintasks programme has added some new features since I last looked at it - being able to prevent any new processes starting without your permission is an excellent idea. It is a bit expensive thought at $49.95, (nearly £30 in real money, lol, I'll have to save up).

    With further regard to running processes, I've looked high and low for a simple programme that shows the number of processes running as a systemtray icon/number. The nearest I've come is CoolMon. I know exactly how many processes I should have running after the computer has started and during use. It seems such an obvious security benefit but, as I say, I cannot find such a programme. You can't spend your life opening TaskManager to have a quick peek.
     
  4. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, blackimp

    If they trust Windows to look after their Securtiy good luck to them.

    And why do they make a Program of any kind, if they have such faith in Windows.

    Take Care,
    TheQuest :cool:
     
    Last edited: Oct 30, 2004
  5. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    TUT misses a running HackerDefender rootkit (hxdef073.exe) with a hidden Remote Administrator server (r_server.exe) on XP SP2. PG would have caught the rootkit installation at several levels. I would go with PG despite their "recommendation".

    Nick
     

    Attached Files:

    • tut1.gif
      tut1.gif
      File size:
      24.3 KB
      Views:
      440
  6. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, nick s

    TUT also so does not says the benefits of SP2 protection is hardware based, ie the newest CPU's which only a few are supported at the moment, and might switch TUT off as suspicious.

    Take Care,
    TheQuest :cool:
     
    Last edited: Oct 30, 2004
  7. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Hi TheQuest,

    Correct. I also question the statement: "While we are prepared to be proved wrong, we believe that a product like Process Guard will at most detect 40% of trojan programs out there, which is actually very good." PG does not detect or claim to detect trojans. It detects trojan behavior.

    Nick
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    TUT
    Hmm, No comment
     
  9. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Very interesting.. but complete misinformation. ProcessGuard is completely standalone, not part of Trojan Defense Suite. DETECTION of trojan programs is exactly the opposite of the reason for ProcessGuard. ProcessGuard is all about blocking of infection and attack techniques used by the latest and future trojans.

    As for 40%, that is rather understated in my opinion, and is not a statement by us. The real figure is impossible to estimate or measure since trojan usage is, by definition, unknown and stealthy. What a system protected by ProcessGuard gets is guarantee that all new trojan variants which use these attack methods will be stopped. This is especially important for 0day attacks and unknown malware, which can't be stopped by any other method except for heuristics, which are never 100% foolproof.

    If they have problems they should contact us. ProcessGuard is compatible, thats for sure, as others are showing. I dont know what issues they are having, but they should be easy to resolve.
     
  10. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    That description sort of makes me laugh in a way. It's like they took a marketting guy to analyze ProcessGuard and then come up with that. :)

    ProcessGuard v3.00 should solve many of the earlier compatability issues, so if there were issues with this program they should be gone in this next release.
     
  11. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I agree Pilli. It would appear that because their product TUT "might" have problems with PG, they are simply blaming PG without really knowing the facts.

    nick_s - what font are you using for TUT on the screenshot you posted in this thread ? Much nicer than the standard font!
     
  12. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    I've never used the Ultimate Troubleshooter, but I have tried Wintasks and I think TaskInfo 2003 blows Wintasks away, how does TUT compare to TaskInfo ?
    Anybody have any other opinions on TaskInfo 2003 ?


    TUT is so wrong about ProcessGuard :rolleyes:
     
  13. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I wonder how long they spent trying to get PG to scan? LOL
     
Thread Status:
Not open for further replies.