Previous Protection with PG v3?

Discussion in 'ProcessGuard' started by Baldrick, Sep 20, 2004.

Thread Status:
Not open for further replies.
  1. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Hi there o_O

    Having been following the threads on the new version of Process Guard with interest. Have downloaded the public beta and was about to uninstall v2, install v3, etc. taking care to delete the elements as advised in the threads when it dawn on me tat I have seen nothing relating/referring to (i) whether or not you can keep your prevoius protection rules & checksums or whether you have to effectively start again, and (ii) if you can keep them, how you achieve this?

    Are there files to be copied away and them replaced in the key folders, etc.
    If anyone out there can answer this question (assuming that it is not a silly one) then I would be most grateful.

    Best regards



    Baldrick :D
     
  2. Tatersalad

    Tatersalad Registered Member

    Joined:
    Mar 24, 2004
    Posts:
    76
    Baldrick,

    No, the pguard.dat, pghash.dat files are not compatable with v3. But the good news is v3 it's much easier to configure.
    Learning mode learns everthing now, so be careful :rolleyes:
     
  3. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, Baldrick

    No you can not use any thing from PG v2.0, there is a post about it in the PROCESSGUARD V3 thread start by INFINITY

    Take Care,
    TheQuest :cool:
     
  4. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    Hi Baldrick.

    Unfortunately the format in which the new version stores its data is fundamentally different from the previous one - and there's no conversion option.

    However, the new learning mode is very powerful - the programs that you launch while in learning mode are not only added automatically to the security/checksumming list, but also to the protection list. And all the privileges these programs are requesting, they will be granted (in learning mode).
    So you launch your common apps and they will be added to the protection list with good default privileges. When an app, say needs to install a global hook, the default privileges are extended for this app to cover that privilege as well. When you are done with running those apps (I have 125 now in my protection list, after having removed some - and it took me some 20 minutes or so to launch them all), you reboot or exit learning mode otherwise and your new settings are fine. Maybe - but only if you're perfectionist there - you can do some hand-tweaking to narrow your settings down a bit, but you will already have a setup that will hardly ever bother you.

    HTHH,
    Andreas
     
  5. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    Hi there All :rolleyes:

    Many thanks for taking the trouble to respond. Obviously missed the bit about lack of compatability between v2 & v3. Sounds as if Learning Mode is pretty powerful but that it may be wse to do a full Anti Virus, Trojan & Spyware scan before enabling it.............just in case anything has crept in, or to go to it manually which will take quite a while I suspect.

    I will have a think about this one.

    Best regards



    Baldrick :cool:
     
  6. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    That's a thing you should do anyway. PG can't protect you from malevolent drivers that have been installed already. (Or if it does, then only because that particular piece of malware doesn't make use of the advantage of having been installed prior to PG.) Much of the security you gain by having PG on your comp depends on it being installed on a clean machine, so you should be taking all possible steps to make sure of this.

    Probably you knew that, but it can't hurt to have it mentioned once more. ;)

    CU,
    Andreas
     
Thread Status:
Not open for further replies.