How well do Spybot/Ad-Aware/Pest Patrol play with Process Guard?

Discussion in 'ProcessGuard' started by goodnewscowboy, Jan 8, 2005.

Thread Status:
Not open for further replies.
  1. goodnewscowboy

    goodnewscowboy Registered Member

    Joined:
    Jan 6, 2005
    Posts:
    6
    Hello all!

    I have posted a similar question to this in the TDS-3 forum regarding TDS-3, but in case the Process Guard software worked radically differently than TDS-3, I thought it prudent to post here.

    I have Spybot,Ad-Aware and Pest Patrol installed on my computer to block unasked for installs/modifications, etc. Spybot alerts me when registry changes are going to happen, and Ad-Aware and Pest Patrol both have some kind of similar mechanism as well (at least I *think* they do).

    Can anyone with experience with these programs let me know how they work with Process Guard? Is this all overkill?
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    ProcessGuard is preventive rather than a cleaner, it does not use definitions but prevents malware form gaining access, changing your system processes and programs.
    Read here for in depth information:
    http://www.diamondcs.com.au/processguard/index.php?page=introduction

    TDS3 is an Anti Trojan scanner with the ability to prevent Trojan code from running providing you have the full version with Execution Protection installed, it does this by "hooking" opening programs and comparing them to it's very extensive definition files.
    ProcessGuard and TDS3 run fine with the programs that you have mentioned.

    A layered defence is what Wilders and indeed most security experts advise, so no. it is not overkill :)

    HTH Pilli
     
  3. finiteman

    finiteman Registered Member

    Joined:
    Jan 4, 2003
    Posts:
    6
    I have Pestpatrol, Adaware, Spybot, and TDS-3 running with ProcessGuard. The Pestpatrol Memcheck is turned on, but I do not have Adaware's Adwatch running do to some serious problems with it on my system (but these Adwatch problems occurred before I ever installed PG). I have all of the Spybot resident protection turned on. I have no problems scanning with PestPatrol, Adaware, and Spybot as long as they have terminate authority in PG. Everything runs smoothly, overkill or not.
     
  4. rickontheweb

    rickontheweb Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    129
    I think you'll find that almost all of us here use a layered security model with various applications of our own choosing.

    I really do not think there is single stop all solution. Plus it's harder for an exploit to work when security models are so varied. Overlapping features usually mean an exploit will get tripped up somewhere or so the theory goes.

    As long as overlapping features do not interfere with other ones it's not problem for me. Sometimes you may have to disable a feature on one app because another apps does it better or interferes with another, but you learn as you go with your own set up what works best for you.

    I was reading about one of the latest exploits and exactly how it works and in what sequence. It was interesting to note that at every turn one of my security apps would kick in and stop it as they all do different things at different levels and by different approaches. But of course no one is invulnerable.

    Of course you can go too far, but hey it's your machine, as long as it works for you I say go for it. And ProcessGuard is a definate must have on my list.

    PS: Plus I simply like the amount of control and customization that ProcessGuard gives over all running processes, even the good ones. You can make an aggressive process play nice by restricting it's rights and abilities.
     
    Last edited: Jan 8, 2005
  5. Ean

    Ean Registered Member

    Joined:
    Jan 29, 2005
    Posts:
    23
    Location:
    LA, CA
    Thank you all. Say rickontheweb or anyone else with AdAware:

    Upon starting PG I get alerts about AdAware trying to MODIFY many .exe's (smss, csrss, winlogon, services, lass,
    svchost, dcsusreprot, explorer, iexplore, and even pgaccount and procgaurd themselves!)

    I am new to this type of PG-style security, so I have a lot to learn. :)

    But do any PG users with AdAware out there know if this happened to them? Is there some good reason AdAware needs all that modify access? I have paid version of AdAwareSE, but even still does that mean we give it full trusted access?

    I'd appreciate some interaction with some PG and AdAware users.

    Ean
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Ean, Some programs like AdAware's AdWatch will check what permissions they have, usually with no intention to use them except if they find a problem, personally I would give AdAware or AdWatch the required permissions as they are trusted programs.

    HTH Pilli
     
  7. Ean

    Ean Registered Member

    Joined:
    Jan 29, 2005
    Posts:
    23
    Location:
    LA, CA
    OK, thank you Pilli! Maybe my understanding of "Modify" is wrong, but why would AdAware need to "modify" all those processes? The word "modify" brings to mind like changing something in it's address space or something! :( Which sounds like something not good to do.

    Am I just wrong about that?
     
Thread Status:
Not open for further replies.