Is Process Guard Safe?

Discussion in 'ProcessGuard' started by worldcitizen, Apr 4, 2004.

Thread Status:
Not open for further replies.
  1. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    I don't believe in blind faith except where DCS are concerned so I bought Process Guard today without even having seen it or tried it.

    I hope my PC boots after I install it when I get the license tomorrow because on 1 or 2 odd occassions low level drivers have corrupted my Windows and I have had to re-install my OS. On my P4 I can't use Agnitum because after I installed it then my pc gave about 10 pop up alerts at the log on menu saying it couldn't find the root folder. This also happened after installing PC XG Pro (tweaking program)

    For some strange reason my pc doesn't like low level drivers. I'm thinking it could be some bios protection issues or a motherboard conflict because I'm using the latest A17 Abit with a chip called Uguru which is a hardware monitoring chip. What I think happens is that when a low level driver tries to install on my pc either the bios rejects it or it is trying to write to the address reserved for the chip and the pc goes haywire. This may be because my pc and motherboard are the latest and some programmers have not yet caught up with the problems yet.

    So I'm keeping my fingers crossed, touching wood and holding my lucky charm hoping that Process Guard doesn't destroy my root folder for I know it is a low level driver that is installed.

    Agnitum didn't say what it was but some people were saying HT can cause problems with low level drivers so I don't know.

    I also read that some people have had trouble booting after installing PG - is this common and how can I avoid it?

    Any help would much appreciated.

    Dave
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    H worldcitizen, I do know that Jason has made corrections for the hyperthreading issues that Outpost & the earlier Process Guard had and that Version 2 is hyperthreading friendly :)

    Whether your new Bios and MB are covered or not? We will have to wait Jason's reply - probably in a few hours - Monday morning Perth time.
     
  3. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, worldcitizen

    I was running AbitEQ untill recently which your Uguru also has as you know and I had no trouble with it. Uguru will be already running before PG starts so it should have no trouble.

    But if you use the Overclock feature's in it you might have trouble, so if you use them I would advise you to disable protection.

    The Bios will not reject a driver as it will not know what drivers are installed on your OS.

    The Bios doe's not take instructions from the OS it is the other way round.

    Abit or alot of good using of of PG :D
    TheQuest :cool:
     
  4. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Yes Process Guard is now developed on a Pentium 4 with HyperThreading and I can confirm it works very nicely on it.

    Some drivers do not expect to be used on multi-CPU systems and have been programmed for only one, a HyperThreading CPU make Windows believe there is 2 CPUs which is why there has been so many issues with these CPU's and drivers.

    At DiamondCS we have 4 multi-cpu test systems along with a number of single cpu based systems and Process Guard works fine on all of them. This does not guarantee Process Guard will work on your machine, but hopefully it will. :)

    -Jason-
     
  5. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Hi everyone and thanks for the posts.

    PG was not what I expected. It installed fine and I was able to boot and had not problems with anything. I was expecting a trashy over-hyped piece of junk glorified by DCS fanatics & extremists but got a quite pleasant and almost thrilling surprise.

    It's all so fast and I feel like I'm wrapped up in a warm blanket watching the footy on a cold winter's day. I started to get this strange feeling of being snug and secure as I noticed PG not allowing anything to run without my knowledge and consent.

    I feel as if I'm wearing stealth armour and carrying WMD Suitcases just in case anyone wants to try anything smart. I've got TDS 3 and NOD 32 as my bouncers.

    Question: Somewhere I read that this should be disabled before doing Windows updates. Is that true and how do I disable it??

    I LOVE this program and at 1st I just bought it because I thought I may as well just for something to do and now it is my very favourite program because it's watching me always and I can feel confident that if anything wants to make trouble high hell will be let loose and I'm not gonna be on the losing side.

    Congratulations on a terrific program DCS.

    I'm very, very happy with Process Guard. It's terrific protection.

    Dave
     
  6. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Jason,

    For your information.

    My PC has had problems with some programs so I didn't know how it would react to PG and was really very concerned.

    Agnitum made it go beserk and I couldn't boot into Windows ever again and their support never told me what to do so I have a 2 year license but am afraid to use it so I use XP firewall.

    I am having no trouble with Process Guard so please note my specs so you know it works on this set-up.



    Intel Pentium 4 2.6C HT (on)
    Abit A17 M/B w Uguru chipset
    IGB Dual Channel DDR Ram
    ATI 9600XT GPU
     
  7. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Jason can you tell me basically what Process Guard will block.

    Will it prevent browser hijackers from trying to install porn toolbars (a problem I used to have) Also many times I get this bt.verifier trojan downloader. It seems to get into the IE temp folder a lot. Will PG prevent these things from running.

    I know it won't block cookies but does it basically block any exe file that tries to execute code? That would include any worms and trojans or viruses that use an execute code?

    What is Process Guard's main weakness or vulnerability?

    Thanks in advance

    Dave
     
  8. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    If you have enabled the Program Checksum feature, i think it should protect you against all of that.
    Basically, when a IE vulnerability is used to upload a malware on your comp which then install his nasty features, the malware must run first in order to annoy you.
    Thanks to Program Checksum, Process Guard will tell you that a new executable trie to run, and will ask you to allow it or not, nothing can run without your knowledge :)
     
  9. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    When I try to execute VBS or HTA files, I choose to "Block Once" wscript.exe or mshta.exe from running when prompted by PG:

    6 Apr 21:43:56 - [EXECUTION] c:\windows\system32\wscript.exe with commandline c:\windows\system32\wscript.exe "c:\windows\system32\pubprn.vbs" was BLOCKED from running
    6 Apr 21:46:02 - [EXECUTION] c:\windows\system32\mshta.exe with commandline c:\windows\system32\mshta.exe "c:\windows\help\tours\windowsmediaplayer\wmptour.hta" was BLOCKED from running

    Nick
     
  10. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Scripts and all other things like them (.VBS / .JS / .HTA /etc) need some process to be running to do what they want, since they aren't actual machine code. In most cases this is the files mentioned by nick s.

    Process Guard controls "EXECUTABLE FILES" from running, it will not cover files that run in other programs like scripts, that is what WormGuard is for. A script file being loaded by a script interpreting program is just like notepad opening a .txt file. Process Guard of course controls which programs can run but it does not control which files these programs can load.

    -Jason-
     
  11. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Jason - I'm really very, very happy with this (PG). I never realised just how powerful it is until now.

    With programs like this it's no wonder DCS have such a strong fan club but no DCS screensavers or wallpaper? When you get up in the world you have to make these things available because your famous.

    Dave
     
  12. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Yes, of course, and I knew all that. I know the difference between "compiled" and "interpreted". I was combatting the idea that with PG alone, "nothing can run without your knowledge".
     
  13. stevenestrada

    stevenestrada Registered Member

    Joined:
    Apr 13, 2004
    Posts:
    43
    >> Process Guard is now developed on a Pentium 4 with HyperThreading and I can confirm it works very nicely on it. <<

    I can confirm it doesn't.
    Pentium 4, Win XP Pro, updates curremnt

    Lauch new program - not stopped.
    All PG features enabled.
     
  14. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi stevenestrada, Can you please save a copy of your protection list and your text log please, as it may give us a clue as to what is happening in your particular set up.
    Please answer in the your "Feature not working" thread and please include your logs.

    Cheers & Than you - Pilli
     
    Last edited: Apr 26, 2004
  15. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    How do you link a not working feature to Hyper Threading ??

    I thought that the Hyper Threading not compatible softwares was simply causing a BSOD, but may be am I wrong.
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,055
    There must be something else, because I am running a Pentium 4 with Hyperthreading and it works fine.
     
  17. stevenestrada

    stevenestrada Registered Member

    Joined:
    Apr 13, 2004
    Posts:
    43
    >> Can you please save a copy of your protection list and your text log <<

    No. The program was removed from the computer some weeks ago.
     
  18. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    stevenestrada,
    I don't mean to interupt this thread, but I must. Why would you remove this program from your computer? I consider this program to be very valuable to ensuring the safety and security of my computer system. It is my opinion that you are not only comprimising the security of your system, but you are also giving up an opportunity to aid in its development. Seems like a poor decision to me, but that is just my opinion.

    P.S.
    I'm not fortunate enough to have a hyperthreading CPU, but PG does work well on my system.
     
    Last edited: Jul 11, 2004
  19. stevenestrada

    stevenestrada Registered Member

    Joined:
    Apr 13, 2004
    Posts:
    43
    >> Why would you remove this program from your computer? <<

    Too many problems with one computer. OK with others.
     
Thread Status:
Not open for further replies.