NEW RELEASE: Process Guard v3.0

Discussion in 'ProcessGuard' started by Jason_DiamondCS, Sep 20, 2004.

Thread Status:
Not open for further replies.
  1. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    HOT OFF THE HARD DRIVE!
    We're pleased to announce the highly anticipated release of Process Guard version 3.0 - the most advanced kernel & process protection system available for Windows. Now made even easier to use, the user interface has been completely redesigned. However, while ProcessGuard v3.0 is now easier to use it's actually even more powerful than before. Important breakthroughs in our research, dozens of driver optimizations and an enhanced architecture all combine to make PGv3 one of the strongest security systems ever made.

    This is a Public Beta and is available only to registered Process Guard users (click here to register). ProcessGuard registration is one-off, so all existing registered users are entitled to upgrade for FREE! Our beta team has tested ProcessGuard v3.0 relentlessly so we aren't anticipating any problems, but if you do encounter any issues please email processguard@diamondcs.com.au - thanks. This public beta contains everything except the helpfile which is still being worked on. Other than that, it's the complete package.

    To download, log into the Members Area, from where you'll 1) be able to download ProcessGuard v3.0, and 2) be able to retrieve your serial which you'll need to 'unlock' the program so that it can be used. If you have an older version of ProcessGuard on your machine you'll need to uninstall that first and reboot before installing ProcessGuard v3.0 . After downloading and installing ProcessGuard v3.0 you'll be asked to enter your unlock serial (from the Members Area). That's all there is to it - your system is now secured against a vast array of attacks, including rootkit installation, process termination, modification, DLL injection, and much more.

    We look forward to your comments, and we hope you enjoy the program! Feel free to post screenshots if you want in the screenshot thread.

    The DiamondCS Team
     
    Last edited: Sep 20, 2004
  2. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Some of the new features in ProcessGuard v3.000 include :-

    * A completely new way of handling alerts. Now you only get alerted when the events happen, rather than when they possibly may happen.
    * Reduced complexity of adding protection to programs by minimizing the privileges to Terminate, Modify and Read.
    * New, easier to use interface.
    * New global hook blocking method.
    * New execution protection method, works across multiple user accounts.
    * New Learning mode which learns a lot more now.
    * Physical Memory Protection (protects ProcessGuard and your system from physical memory attacks).
    * Improved close message handling.
    * Many stability and reliability improvements (Driver/Service/GUI).
    * Now blocks all rootkit installation methods.
    * Full Windows XP support, including SP1 and SP2.
    * Full Windows 2003 support.
    * Full Windows 2000 support.
    * Full UNICODE support.
     

    Attached Files:

    • pg3.gif
      pg3.gif
      File size:
      41.5 KB
      Views:
      1,095
    Last edited: Sep 20, 2004
  3. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    After you have uninstalled ProcessGuard v2.0 or whatever you were using previously, make sure pguard.dat no longer exists in your c:\windows\system32 directory.

    It is incompatible with the new version, and may cause problems if the new version finds it there.
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Last edited: Sep 20, 2004
  5. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    I'll be working through the night but if I get a chance I'll post a screenshot of some advanced attacks in action being blocked (rootkit installation being blocked, process terminations, etc)
     
  6. jwcca

    jwcca Registered Member

    Joined:
    Dec 6, 2003
    Posts:
    722
    Location:
    Toronto
    Hi Jason, does this mean that pghash.dat is OK to keep?
    Jim C
     
  7. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    No, the installer will delete that one automatically, which is why I didn't mention it. :)
     
  8. jwcca

    jwcca Registered Member

    Joined:
    Dec 6, 2003
    Posts:
    722
    Location:
    Toronto
    Plus, remind folks to save a copy of their Protection List to make it easier to restore security... JC
     
  9. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Yes, exporting your current list will be helpful if the new learning mode doesn't find all your security programs for you.
     
  10. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    Working great here :D....good work guys.

    Regards,
    Jade.
     
  11. Meed

    Meed Registered Member

    Joined:
    Jul 28, 2004
    Posts:
    16
    When will the free finished, none beta, version be available for dl ?
     
  12. ???

    ??? Guest

    Looks good. Is there any chance to purchase PG directly from DiamondCS (not involving Regsoft)?
     
  13. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    When will the final be released? When at least 99% of the problems people are experiencing are removed, and the suggestions have been added. :)

    You can purchase ProcessGuard through paypal and a few other methods, simply email us at sales@diamondcs.com.au , we can pretty much arrange anything.
     
    Last edited: Sep 20, 2004
  14. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    Thanks DCS, I've been stress testing for some hours now,(with other apps and malware)

    And this program is working great !

    It is better, easier, faster to configure and even safer.
    Hard to believe that the number one security tool could be/has improved !!!

    Congratulations.!!!

    I stayed up all night but it was worth it!

    Now i can go to sleep knowing that there is a good lock on my door (PC)

    ;)
     
  15. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Not sure whether to post here or start a new thread about odd happenings.
    Whatever, here's one. Fortunately, I never (never) execute a new app without doing a Drive Image backup up - been bitten too many times in the past.

    However, d/l'd and executed PG3. All seemed to be going well until I tried to open the app I keep my passwords in - PasswordSafe.

    Told me I had entered the wrong "safe combination". I know this particular password so well, but it wouldn't have it. Tried several times but that came nearer to hospitalising me than anything else recently.

    So I did a DI restore (wish I had a pound/dollar for everytime that has saved my bacon!) and all was well again.

    I'll wait until the non-beta version is out and hope that all is well then. Possibly if I went through the whole process again it might be different, but I am a bit hesitant about doing so.

    Any ideas?
     
  16. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Oremina, You probably need to add your Safe app (it's main .exe) to the PG protection list and it may need some allows such as global hooks. :)

    HTH Pilli
     
  17. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Pilli - Thanks for your quick reply. I'll try it again later this evening and do as you suggest- at least I've always got a safe restore point.

    I did not have Password Safe's exe file in my protection list on v2 but I'll certainly give that a try.
     
  18. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    PG3 works slightly diferently in some ways especially regarding global hooks and this could be causing the problem, worth a try anyway, watch the alerts in PG's alert log for guidance.

    Cheers.
     
  19. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Adding pwsafe.exe to the protection list with install global hooks resolved the problem for me.

    Nick
     
  20. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Cherrs Nick, Hope it works for Orimena as well :)
     
  21. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Hi nick s and pilli

    Am trying it all again. At the moment I have all 4 Global Protection Options enabled (ticked). The problem I had with PasswordSafe appears to have vanished this time. :D Hope it stays like that but I do not (not) have the pwsafe.exe in Protection either.

    Odd... guess it will all clear up in time as the newness wears off. I am not sure if having all the 4 GPO's ticked is the right way to go and would appreciate some guidance on this at sometime, but all seems pretty quiet for now.
     
  22. Tatersalad

    Tatersalad Registered Member

    Joined:
    Mar 24, 2004
    Posts:
    76
    Lookin good, V3 took less than an hour to configure compared to weeks with V2. Nice job on the learning mode.

    I liked the four boxes rather than the check box to remember this answer though. But thanks for fixin the cursor xp problem on the pop up window.

    The most annoying thing I can find wrong so far is the program checksum list (security tab). You can't change the run options in the list now and double clicking no longer gives you the properties of the executable.

    Thanks DCS
     
  23. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    CursorXP working here as well. And so is BOClean (with Block Global Hooks enabled). Worth the wait. Thanks to DCS and the beta testers.

    Nick
     
  24. redwolfe_98

    redwolfe_98 Registered Member

    Joined:
    Feb 14, 2002
    Posts:
    581
    Location:
    South Carolina, USA
    i installed pg3, but it didn't seem to work, for me.. first of all, it didn't recognize my kerio 2.15 firewall.. i added kerio ie persfw.exe to the protected processes list, but still, when i would test pg3 using "process kill", process kill would kill kerio AND pg3 (pguard.exe, or whatever it was) every time.. i tried it over and over, with various configurations, and every time, those two processes were killed.. the one process of the three listed that "process kill" would not kill was my etrust ez av.. i assume that etrust ez av it has its own protection..
     
  25. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Redwolfe_98,

    The most likely reason the you could kill those processes is because they were running when you enabled Securely handle windows closure.
    You must stop the service or process and restart for close message handling to work. This is because Process Guard needs to inject procguard.dll into the process.
    You can see whether the injection has occurred properly by using programs such as Sysinternals Process Explorer or Faber Toys.

    HTH Pilli
     
Thread Status:
Not open for further replies.