PrevX vs Process Guard

Discussion in 'ProcessGuard' started by Atomas31, Sep 8, 2004.

Thread Status:
Not open for further replies.
  1. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    Hi,

    I hear a lot about Prevx so my question is : Does Prevx is the same thing than Process Guard? What are the differences?

    Thank you,
    Atomas31

    PS : I am the only one who Process Guard, when protection are on, screw my system (system frequently freezes, no application would open after a certain time and not even beeing able to shutdown or reboot my computer by the start menu, other scan freezes when scanning (for exemple, the cleaner), etc.). In fact, I can wait for the new version and hoping it will work this time in my system (Windows XP (french) with SP2)!
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Atomas31, They do quite different things, Process Guard protects prcesses at the lowest level possible, I do not believe that Prev X does this though I am not familiar with prev x.

    I am sure a Prev X user will add their comments :)

    Were you using the trial version of Process Guard?

    The new version og Process Guard will be released in the near future with many issues resolved.

    HTH Pilli
     
  3. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Although Process Guard and Prevx cover some of the same areas of protection, they are very different programs. Prevx acts more like a firewall for within your system, asking you to allow or deny certain actions, most of which involve writing or modifying files. For instance they both have the ability to block drivers from being installed, but where Process Guard simply stops any drivers from being installed, Prevx will alert you (and ask you to allow or deny) when something tries to make or modify that type of file in the Windows (or system) directory, it will also do that for executable and DLL files. On the whole, however, Prevx blocks specific actions taken by many/most spyware, malware, worms, and trojans and Process Guard protects the integrity of processes that are already running. In my experience they work very well together, use PG to protect Prevx!

    edit: I don't know what the lowest level is, but Prevx does run as a service.
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    A Quote from DCS: Process Guard is made possible by a kernel-mode driver that securely controls process-to-process access in a relatively simple but technically efficient, safe, and secure manner.

    I'll leave DCS to answer the technical stuff :)

    A good test is to use Advanced Process Termination available from here:
    http://www.diamondcs.com.au/index.php?page=products
    Try it against any non Process Guard protected program and see what happens.

    Some programs can protect themselves quite well including, ZA pro, KAV 5 & Sygate 5 Pro

    HTH Pilli
     
  5. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    So, if I understand well : they simply don't watch the same thing in my system! And, in consequence, I could probably use both of them (sic!) without any problems?

    But, the fact is that I had so much trouble with my paid version of Process guard that I have to disable all is protection, so my system could run smoothly and without any trouble of any kind!

    Thank you for all your answer, it is very instructif :)
     
  6. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Process Guard is low level process protection; Prevx is generic intrusion prevention (I assume it does some sort of behavior monitoring?). Prevx also monitors registry, memory, & dll's.
    That's as simple as I can put it. I have them both running together on one machine (along with TDS-3, NOD32 trial, & Jetico FW).
     
  7. bf_

    bf_ Guest

    Prevx works lowlevel as process guard.
    It cosits of 3 components:
    Kerneldriver, userland-service and gui
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi bf-, It may do but it does not offer the same level protection as Process Guard for running processes. Try Advanced Process Termination as posted above.
     
  9. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Prevx is a host based IDS/IPS, it really has nothing in common with PG. I use PG to protect Prevx.
     
  10. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    me too just in case ;)

    that is really what I want to say: I do believe THERE IS NO PROGRAM YET like processguard but I do believe if the pro is released... this is just the FREE home app.
    processguard rules but prevx too for a lot ...
     
  11. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    The way I see Process Guard is that it protects your system, does it securely, whilst not asking 100 questions. Once you have it setup correctly you don't really have to do anything else with it, except answer the odd new execution attempt every now and then.

    The best thing with Process Guard is that it is nigh on impossible to get around it, the next version amplifies this protection even more than the current public build, but I really think that is important to make sure your system cannot be compromised. For me, if I had to choose between a product which did protect the system well but if something targetted it, it would stop doing it's job and a product which protected the system well and could not be removed, I know which one I would pick.

    With Process Guard you can really protect your system, so if you need some extra "security" features it doesn't offer, you can go and use an insecure product to get those features WHILST maintaining security on your system. So as some people have done, you can get the best of both worlds. I think that is another benefit of having Process Guard installed.
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Prevx' focus (regarding methods of protection) is totally different than Process Guard, so I seriously doubt that it will really be competing with it. Prevx compares more with generic anti-virus programs like Principal and Invircible, those two programs won't be stealing PGs sales anytime soon either. Personally I think the Prevx and PG combined make for the best protection available. Prevx Pro looks like it will be a more configurable version of the home, for those that need/want greater control of how it protects their system, but it still won't compare to PG.
     
  13. LM1

    LM1 Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    34
    Judging from the dates of the previous discussion, this discussion seems to focus on the relationship between PrevX and PG 2; now that PG 3.0 is available, have things changed? More specifically:

    1. Does a combination of PG 3.0 free version and PrevX resolve all security problems?

    2. Does PG 3.0 full version obviate the need for PrevX?
     
  14. MEGAFREAK

    MEGAFREAK Registered Member

    Joined:
    Jul 8, 2003
    Posts:
    51
    Pg2free is more safe for unskilled user then pg3free because it blocks keyhooks, in my opinion the biggest danger.
    (pg2free has the better layout)

    Those Buffer Overflows can be prevented by using PrevX.

    PrevX ist not really good for standalone use, to less options only secure against main Run entries and not special Registry Run entries.

    PrevX ist a good add-on but nothing more.
     
  15. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    While the free version of PG2 can do this, in practice you will likely have to disable this protection to allow any special mouse/keyboard/touchpad drivers to work (since they all use hooks). The full version of PG allows you to exempt these from the global block but the free one allows only one program exception (which is better reserved for a firewall in my view).
    I'm a little puzzled at attempts to compare PrevX with Process Guard - they really do cover different things. PrevX vs. System Safety Monitor might be a more interesting debate. :D
     
  16. MEGAFREAK

    MEGAFREAK Registered Member

    Joined:
    Jul 8, 2003
    Posts:
    51
    This is not true, PrevX has a pretty similar function like process guard the driver installtion prevention e.g., so you can compare ;-)
     
  17. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi MAGAFREAK, P2K is correct in saying the prevX and SSM are more comparable.
    ProcessGuard does not do registry protection as prevX & SSM, PG only protects a very limited set of keys by blocking them not by monitoring after the event.
    ProcessGuard protects processes from being interfeared with or from closure by any means apart from direct human intervention. ProcessGuard also prevents any executable running without confirmation from the user.

    As an example. Try using Advanced Protection Termination against any of the programs that are protected by prevX andd SSM then try against processes protected by PG full.
    There are few programs that do offer kernel mode protection but only for their own processes, KAV 5 ans Zone Alarm come to mind.

    Therefore the feature sets are quite different and I am prepared to accept that they are both useful when used together as part of a layered defence

    Pilli
     
  18. MEGAFREAK

    MEGAFREAK Registered Member

    Joined:
    Jul 8, 2003
    Posts:
    51
    lol, PrevX copy your PG3 Full and PrevXhome is for free so people who don´t have pg3full could easily make their full version while using pg3free+prevx(new version)+antihooker.

    The new PrevX has Physical Memory Protection for free so the feature people pay actually for can be received for free with the new PrevXhome version.

    They getting more and more closer to pg3full.
     
  19. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    They will be playing catchup for quite a while, let me tell you. :)

    The free version of ProcessGuard in my opinion is more secure than PrevX, I can easily remove PrevX from the system programmatically (ie like a virus/malicious software would) whereas I cannot do that to ProcessGuard. That is only one of many issues, but in my opinion it is one of the biggest ones. Not to mention they are trying to cater for a different "norton style" market and are not really offering advanced features which aid in protecting systems.

    PrevX has a long way to go and it seems they are gearing up to not be a totally free product in the future.
     
  20. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I really don't think Prevx's "Physical Memory Overwrite" protection is the same thing as PG's "Physical Memory Protection" PG will block access to physical memory all together, where Prevx just catches something trying to overwrite something else in memory. Not the same thing.

    Prevx is mainly file system level protection with some limited memory protection (almost entirely buffer overflow protection), it protects files from being added/modified/deleted in/from certain locations for the most part. PG, on the other hand, protects stuff in memory (as opposed to on the hard drive) and prevents anything from being able to subvert that protection. Although I really like Prevx, I would in no way trust it to do anything that PG does.. at all.. whatsoever.. because it's a totally different product with a different scope of protection using different methods. This is why I recommend using PG to protect Prevx, they fit together quite well without much overlap. Prevx is great but it's not gonna replace PG.

    LM1: I don't think PG is a complete replacement for Prevx either. Prevx will save you from a lot of nuisance type stuff, especially spyware. I use Prevx to protect against the less dangerous stuff, and PG to protect against the real nasties.
     
  21. pIMp

    pIMp Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    13
    I really don't understant ppl still comparing Prevx with PG.
    As Notok said, the one is mainly filesystem based, the other one
    process based.
    Prevx complements alot what PG doesnt have and vice versa.
     
  22. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    prevx isn't a tenth of Processguard...
     
  23. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Infinity, They are two non comparable programs and I think enough has been said, so I shall close this thread very soon.

    Pilli
     
Thread Status:
Not open for further replies.