How can I know all the running processes are protected by AD?

How can I know if all the running processes are protected by AD?

I've tried "System Safety Monitor" (SSM) recently. It features a "Process monitor" tab that shows every processes running, and the processes that have no rules setted are highlighted in blue color. (please see the attached image below)

And SSM also features seveal modules that monitor the system registry, startup menu & services.... make sure no process will be launched without user's permission. Even if some processes may run when SSM not running, you can find out these processes in the "Process monitor" tab (highlighted in blue color).

I 've tried AD recently too. It features great performance & stability. I'm very happy with it.

But it seems it doesn't offer a similar feature just like the "Process monitor" of SSM.

If AD doesn't have the "Process monitor" yet, will it have a similar one in future?

 

Re: How can I know if all the running processes are protected by AD?

Hey Dryopithecus,

With AD, ALL the processes are protected via the .DEFAULT rules.

You don't need to have a list of all running processes like in SSM.

Also, you can fine tune the rules how ever you like for each process if that's what you want to do.

And also with AD, you can set it to only allow certain processes to start or be prompted for action everytime a process starts just like SSM.

 

Re: How can I know if all the running processes are protected by AD?

Hi, Suave,

Thanks for your reply, and sorry for my poor english. ^_^

Sometimes, I may turn off AD for some reason and turn it on later. Between the OFF and ON, "trojans" may run. (sorry for my poor english again....)

With SSM, I can easily find the "trojans" in "Process monitor" tab (highlighted in bule color); with AD, it seems not this easy. That's what I really worry about.

Best Regards

 

Dryopithecus, have you tried ProcX ?
It is in the free utilities at GhostSecurity. When you run it, it lists all running processes, and quite a bit of information on each, including a list of the DLLs for each application.

You really should not be shutting down AppDefender, but if you need to, before you do it, startup ProcX, and note what all is running. If anything else starts up, ProcX can kill it for you.

ProcX can also be told to replace Windows TaskManager, so you can bring it up with a Ctrl/Alt/Del keystroke.

Hope that helps.

Gary

 

Hi, Gary,

That sounds great! I will try it at once. Thanks very much!

Best Regards

 

Dryopithecus, Check out all the free GhostSecurity programs.
I think you will be surprised how usefull they will be.

Gary

 

Hey, I was just about to recommend ProcX to him as well

but you beat me to it

 

Re: How can I know if all the running processes are protected by AD?

Hi Suave,

I hope you don't mind me asking a question in regards to statement above. Do you mean because of all the processes being protected by Default automatically, I wouldn't have to play around with any rules?

It sure looks like a nice program!

Thanks

 

All programs are covered with the default rules but the defaults I received are Ask User/Allow. So, if for some reason the user can't be asked, then the program will be allowed its action.

But you can alway change the default rules

 

Thanks Berng, I will have to check it out.

 

Rilla927,

Don't be worried about "playing around with the rules".

You will find that it is real easy to understand.

There is nothing to know really, its as simple as setting it to ALLOW, BLOCK, ASK-ALLOW or ASK-BLOCK.

It can't be any easier than that.