I'm thinking about including PG on my security suite, but I'm a bit confused how this can be handled, and if it will not conflict with my already installed software. I'm already running Prevx, and Outpost, with the component controle feature,. The first think that made me think about PG, is that I got my firewall, and my AV shotdown, while I was connected. Regards
Hi Jermey2 and welcome, Many users use ProcessGuard to protect their important processes, epecially AV, AT & firewalls. I am not sure if the latest PrevX has kernel mode protection but I do know that it much more of a resource hog than ProcessGuard. Notok may reply to this thread as he is a PrevX beta tester I believe and may be able to give you specific guidance. HTH and enjoy your weekend. Pilli
Although Prevx does run at a low level, it doesn't protect itself as well as PG can. I have not had any compatibility issues with PG and Prevx together, and enjoy running both. As far as resources, Prevx doesn't use a lot of memory or CPU, however I've recently discovered it's buffer overflow protection can slow things down because it checks things before they are allowed access to memory. It's up to you, of course, to decide whether the performance hit is worth the protection or not, but keep in mind that the only REAL buffer overflow protection requires SP2 and a processor that has the NX feature (which is only the AMD 64bit processors right now.) PG's Physical Memory protection is also far more comprehensive than Prevx', I've seen plenty of alerts from PG on that, but never with Prevx. I say go for both if you can, you won't be disappointed.. together they cover a LOT of ground
Thanks for the clarification between prevx and PG. What about the interaction between the component controle feature of outpost, and PG. Can I just disable the feature on outpost, and make PG take care of it?
Yep, many people have a firewall, an anti-virus, etc etc, but aren't aware that their security programs can be effectively rendered useless if a trojan chooses to terminate/destroy them (or subtly modify them so that changes aren't known to the user) - security software can only do its job when its running, and indeed there are many trojans with anti-AV/anti-AT capabilities. ProcessGuard is the security layer that secures other security layers (including firewalls, anti-virus etc), so ProcessGuard as one program is all you need to protect all of your other programs from such attacks (not to mention the various other attacks it helps prevent such as password stealing, rootkit infection, Windows File Protection attacks, and so on)
Hi Jeremy2, I run PG with OP and have had no problems with Component Control (normal level) and Open Process Control enabled. Nick
If I do disable both component Control, and Open Process Control in Outpost, as I think it's not his job, Will PG take care of this two functionnality?
Wayne, Could you provide a bit more information on the mechanisms that PG uses to protect against Windows File Protection attacks ? From the little research I have done so far, it seems like there is the "old" way of doing it that PG protects from, a newer (and fairly lame) way of doing it by duplicating filedescriptors from winlogon and by using API's to work in the same way as Windows Update. See this thread for more info I'd be really happy to hear that PG protects against all 3 Thanks NB: I don't know of anything else that protects against Windows File Protection attacks either, so PG is ahead of the pack IMO....
Jason, I didn't see you make mention of the API in your answers... I'll go and check again [Edit: It looks like the use of the API's is still an outstanding question, see here where I'm asking specifically about the API method (to emulate what windows update does) ...]