Process Guard Default Settings

Discussion in 'ProcessGuard' started by HoLmEc, Oct 7, 2004.

Thread Status:
Not open for further replies.
  1. HoLmEc

    HoLmEc Registered Member

    Sep 30, 2004
    Ive got PG 2.0 Free version and I'd like to know if it protects explorer.exe and other windows components which usually get infected by worms in order to autostart(included as default, so I dont have to add). So am I protected against Beast Trojan? Or is it only included in the licensed version? Plus, I got KAV PRO 4.5 n Kerio 2.15 which one is more recommended to protect, since I can protect only one?

    Thanks in advance
  2. Andreas1

    Andreas1 Security Expert

    Jan 29, 2003
    Mainz (Ger)
    about the beast trojan, I am not sure - maybe someone who knows the free version better than I do can shed light on this (but if there is a list of default windows processes that are protected, then I think you should be fine).

    about which app to protect: I'd suggest protecting the firewall. Then at least nothing can leak out and often firewalls provide some additional protection as well. (No k.o.-reason, other people may prefer to protect their AV, esp. since it's Kaspersky which is supposed to catch a couple of trojans as well.)

  3. Pilli

    Pilli Registered Member

    Feb 13, 2002
    Hampshire UK
    Hi HoLmEc, As Andreas says, protecting your firewall is probably your best bet, besides the trial version only allows you to add one protected process and KAV requires two. KAV is also much better guarded than Kerio 2.1.5 anyway.

    Most Trojans require to be loaded so Process Guards checksumming will inform you if any new .exe tries to start.

    Regarding the "Beast" ensure that you have all your OS's critical updates and that your other security software is fully updated with the latest definitions.

    Installing Process Guard on an already infected machine is NOT recommended.

    HTH Pilli
  4. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Feb 10, 2002
    Perth, Western Australia
    Older versions of Beast would be blocked if you chose to protect Winlogon.exe, but guaranteed protection would only be possible with the full version. This is because new trojans are much more configurable. The best protection against these sorts of trojans is to protect all programs which have firewall access, thus they cant be hijacked to bypass the firewall
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.