Process Guard v2.000 Released!!!

Discussion in 'ProcessGuard' started by Jason_DiamondCS, Mar 25, 2004.

Thread Status:
Not open for further replies.
  1. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    http://www.diamondcs.com.au/processguard/

    Registered Members of Process Guard can log into the members area to download the free update of the full version :-
    http://www.diamondcs.com.au/processguard/index.php?page=members

    The free version of Process Guard has also been updated and can be downloaded at Process Guard's homepage.

    The following is a list of some of the things changed since v1.300

    [PROGRAM AND SERVICE CHANGES]
    -Added Execution Protection which allows users to control which programs get run on their system with a simple confirmation when a program is run. This can detect changes in executable files using MD5 checksums.
    -Now switch to the DiamondCS Secure Desktop when Execution confirmation is requested.
    -Added Execution attempts to the Window and File Log.
    -Added Learning Mode to Execution Protection which automatically allows all files you run.
    -Added Block All New and Changed Files to Execution Protection which stops any new files and any old files which have changed from being executed.
    -Enhanced GUI and separated it into 3 windows using buttons to switch between sections
    -Added 5 colour schemes which affect the appearance of the interface and can be changed by the user.
    -Double clicking on an item in the Program Protection and Program Checksum sections now displays the properties of the file.
    -Added ability to lock Process Guard's interface protecting it from changes from humans and malicious programs.
    -Now launch help file on first running of Program.
    -Added Process Guard Forum link to the help menu.
    -Changed "Disable All Protection" to "Protection Enabled" which gives a more natural response to something being ticked in a menu.
    -Added program icons to the Program Protection and Program Checksum section to increase visual appearance.
    -Now allow columns to be moved in Program Protection section.
    -Changes to the helpfile to reflect new features and also add more information to the rest.
    -Renamed PG_MSGprot.exe service to DCSUserprot.exe and made several internal changes for the upcoming TDS-4 based products.
    -Recoded the entire structure of Process Guard so that procguard.exe no longer has any access to Process Guard's files but needs to interact with the dcsuserprot service to gain access.
    -Removed timing issues from startup removing Messages saying that Process Guard could not attach.
    -Tweaked Close Message Handling so it does not popup on most splash screens and certain Delphi/Visual Basic windows.
    -Removed the delay when a program with Close Message Handling loads before Close Message Handling is enabled. It was ~3 seconds; it is now less than 100 milliseconds.
    -Fixed an issue when the service freed memory whilst it was possibly still being used.
    -Improved Close Message Handling application waiting loop, which resulted in a much improved page fault count and memory usage.
    -Fixed multiple issues in the service when a DOS based pathname was given to it and not expanded into the non DOS based pathname.
    -Changed driver polling method of the service and main program so that Window Logging consumes even less CPU.
    -Changed some items in the free version of Process Guard
    -1000's of tweaks and small bugfixes not mentioned.

    [DRIVER CHANGES]
    -Fixed a possible vulnerability when a parent process has the opportunity to write to the child process allowing code injection (No other software currently blocks this)
    -Added support for blocking executions and various other execution related activities due to added Execution Protection support.
    -Explorer.exe is now allowed to End Task applications regardless of the General Protection Option
    -Fixed Windows 2003 support when Block Global Hooks was enabled
    -Fixed issues with Block Global Hooks not having the correct stack emulation on Windows XP and Windows 2003 operating systems
    -Added a few more filename conversion filters to provide more accurate results
    -Fixed possible issue with extremely long filename reading in certain circumstances
    -Added file protection for pghash.dat (resides in system32 directory) which stores application checksums
    -Increased accuracy of the operating system detection
    -Removed issue whereby Windows sometimes thought the Process Guard driver was still initializing when it was already running.
    -Fixed a few small bugs in the driver attach/detach
    -Increased security between the driver and the dcsuserprot.exe service



    Please help us spread the word of this release. It might also be helpful if you are on a firewall forum to tell people that Process Guard v2.000 can now block a few DLL injection methods that no current firewall can.

    -Jason-
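
Added example, not part of the original post and not DiamondCS code: a user-mode model of the Execution Protection behaviour the changelog lists (confirmation, Learning Mode, Block All New and Changed Files) driven by per-file MD5 checksums. The class, mode names and sample file are hypothetical; the real product enforces this in a driver and stores checksums in pghash.dat.

```python
import hashlib
import os
import tempfile

CONFIRM, LEARNING, BLOCK_NEW_AND_CHANGED = "confirm", "learning", "block"

def md5_of(path):
    with open(path, "rb") as fh:
        return hashlib.md5(fh.read()).hexdigest()  # MD5 is what the changelog names

class ExecutionPolicy:  # hypothetical model, not Process Guard's implementation
    def __init__(self, mode=CONFIRM):
        self.mode = mode
        self.known = {}  # normalised path -> checksum recorded when allowed
        self.log = []    # (status, decision) for every execution attempt

    def check(self, path, confirm=lambda path, status: False):
        key = os.path.normcase(os.path.realpath(path))
        current, recorded = md5_of(key), self.known.get(key)
        status = "new" if recorded is None else "known" if recorded == current else "changed"
        if status == "known" or self.mode == LEARNING:
            allowed = True
        elif self.mode == BLOCK_NEW_AND_CHANGED:
            allowed = False              # no prompt: new and changed files are denied
        else:
            allowed = bool(confirm(key, status))  # stand-in for the user confirmation
        if allowed:
            self.known[key] = current    # (re)record the checksum that was approved
        self.log.append((status, "allow" if allowed else "deny"))
        return allowed

def demo():
    # Constructed scenario: learn a file, then modify it under each mode.
    with tempfile.TemporaryDirectory() as tmp:
        target = os.path.join(tmp, "tool.exe")
        with open(target, "wb") as fh:
            fh.write(b"constructed sample, version 1")
        policy = ExecutionPolicy(LEARNING)
        policy.check(target)                       # new -> allowed and recorded
        policy.mode = BLOCK_NEW_AND_CHANGED
        policy.check(target)                       # unchanged -> allowed
        with open(target, "ab") as fh:
            fh.write(b" + patched bytes")
        policy.check(target)                       # changed -> denied
        policy.mode = CONFIRM
        policy.check(target, confirm=lambda p, s: s == "changed")  # user approves
        policy.check(target)                       # approved checksum is now known
        return policy.log
```

The model shows why Learning Mode is only safe on a system already trusted: whatever runs while it is on becomes the baseline that later checks compare against.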
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Here is a screenshot showing the MD5 window and learning mode menu
     
  3. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    :D And another showing the logging with General protection:
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    And finally the Program Protection screen with colour scheme options: :cool:
     
  5. rodsoto

    rodsoto Registered Member

    Joined:
    Mar 18, 2004
    Posts:
    77
    Location:
    Australia
    Hey Pilli! Man this release is absolutely AWESOME!!!! Well done to DiamondCS for a fine release, perhaps the best program on my system.

    Hrmmm I think I will do a review for this
     
  6. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    Just a big congratulations to DCS for yet another brilliant security application....excellent job fellas :D!

    Off to post at dslreports :).


    Best regards,
    Jade.
     
  7. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Version 2.0 is a WOW!!! :D

    No question a LOT of effort has been expended by Jason, the Beta Testers, et al.

    THANKS VERY MUCH. *puppy*
     
  8. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    Hello all,

    I have been using the free version off and on since the first version. The various versions have always been a little buggy on my system. I have now tried this version playing with all the different settings and it all went great!! So I decided to purchase.... Cannot wait until tonight when DCS gets back to work so I can get my Licence.

    And be warned, I will probably be around with a lot of questions...

    Kudos to DCS on this latest version!!!

    Regards,
    Kent
     
  9. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    Screenshot of the DiamondCS Desktop in action :cool: :D.

    Regards,
    Jade.
     


  10. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    TDS3 users will see that, when installed, executive protection doing its job as each instance is shown in the PG log :)
    Also when updating the DCSmutex.exe will often require re-allowing ;)
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    I have to agree. PG 2.0 is fantastic.

    This is going to be a tough act to follow.


    Pete

    PS Love that green. :D
     
  12. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    I like the desert sunset colour scheme Peter ;)

    Thanks for the kind words everyone, they are appreciated.

    -Jason-
     
  13. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Desert Sunset for me too :D

    A huge improvement for sure (PG I mean, not desert sunset scheme ;))
     
  14. Harold77

    Harold77 Registered Member

    Joined:
    Jan 15, 2003
    Posts:
    54
    I love it... the only glitch I saw upon installation was the error message I got upon reboot that BOClean 4.11 faulted and would not load.

    I had to uninstall BOClean and reinstall it and now everything runs fine... I guess I should have shut BOClean down prior to installing the new PG 2.0.
     
  15. Gary Graham

    Gary Graham Registered Member

    Joined:
    Apr 16, 2003
    Posts:
    28
    Location:
    Michigan
    This program is once again stepping out in areas no other program has even thought to try.

    What really gets me is how small this program is. The whole package installer is just over 700k! I do not remember the last time I downloaded something this small. And this one protects your computer more than any three other programs.

    Keep at it, DiamondCS !!!
     
  16. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, DCS and Beta Testers

    Not yet Easter and you give us a Christmas Present.

    Thanks again for all your hard work.
    TheQuest :cool: :D :D :D
     
  17. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    My favourite theme :-
     


  18. Dardasaba

    Dardasaba Registered Member

    Joined:
    Feb 16, 2004
    Posts:
    38
    Location:
    Israel
    Can I use the pguard.dat file from version 1.3 with 2.0?
     
  19. ReGen

    ReGen Registered Member

    Joined:
    Jan 7, 2003
    Posts:
    61
    Location:
    Scotland UK
    Dardasaba. I think your question is answered here:
    https://www.wilderssecurity.com/showthread.php?t=25693

    Thanks DCS for the production of an excellent program (PG2). I actually feel in control of my own PC again. :)

    One question: Is it possible for a program to execute before the execution protection kicks in (when booting), or is PG's protection always the first to load?

    Thanks again.
     
  20. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Regen, I do not think it is possible as the driver is loaded very early and at the lowest possible level :) providing, of course, that PG is enabled before shutdown

    I have found that quite often during testing and rebooting I get a PG request before the select user window in XP pro is loaded.

    HTH Pilli
     
  21. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Some Windows services can load before Process Guard, nothing too major, especially since PG can block malicious services from even loading.

    -Jason-
     
  22. ReGen

    ReGen Registered Member

    Joined:
    Jan 7, 2003
    Posts:
    61
    Location:
    Scotland UK
    Thanks for the info Pilli and Jason. Process Guard deserves to do well. :)

    Just one more question: Has PG2 been tested with the new RC1 service pack 2 for WinXP by anyone yet? Are any problems anticipated?

    Thanks.
     
  23. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi again ReGen, This was asked in the Beta forum and Jason says that SP2 will not affect PG :)
     
  24. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    We have tested Process Guard with XP SP2 RC1, all is well. :)

    -Jason-
     
  25. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    Can somebody please post the default privileged app list for PG 2.000 full? I don't want to remove my datafile to check this, but I am interested if any default privileges changed compared to PG 1.3?
    For example there was a thread about changing the default privileges of svchost.exe.
    -hojtsy-
     