Process Guard v2.000 Released!!!

http://www.diamondcs.com.au/processguard/

Registered Members of Process Guard can log into the members area to download the free update of the full version :-
http://www.diamondcs.com.au/processguard/index.php?page=members

The free version of Process Guard has also been updated and can be downloaded at Process Guard's homepage.

The following is a list of some of the things changed since v1.300

[PROGRAM AND SERVICE CHANGES]
-Added Execution Protection which allows users to control which programs get run on their system.with a simple confirmation when a program is run. This can detect changes in executable files using MD5 checksums.
-Now switch to the DiamondCS Secure Desktop when Execution confirmation is requested.
-Added Execution attempts to the Window and File Log.
-Added Learning Mode to Execution Protection which automatically allows all files you run.
-Added Block All New and Changed Files to Execution Protection which stops any new files and any old files which have changed from being executed.
-Enhanced GUI and seperated it into 3 windows using buttons to switch between sections
-Added 5 colour schemes which affect the appearance of the interface and can be changed by the user.
-Double clicking on an item in the Program Protection and Program Checksum sections now displays the properties of the file.
-Added ability to lock Process Guard's interface protecting it from changes from humans and malicious programs.
-Now launch help file on first running of Program.
-Added Process Guard Forum link to the help menu.
-Changed "Disable All Protection" to "Protection Enabled" which gives a more natural response to something being ticked in a menu.
-Added program icons to the Program Protection and Program Checksum section to increase visual appearance.
-Now allow columns to be moved in Program Protection section.
-Changes to the helpfile to reflect new features and also add more information to the rest.
-Renamed PG_MSGprot.exe service to DCSUserprot.exe and made several internal changes for the upcoming TDS-4 based products.
-Recoded the entire structure of Process Guard so that procguard.exe no longer has any access to Process Guard's files but needs to interact with the dcsuserprot service to gain access.
-Removed timing issues from startup removing Messages saying that Process Guard could not attach.
-Tweaked Close Message Handling so it does not popup on most splash screens and certain Delphi/Visual Basic windows.
-Removed they delay when a program with Close Message Handling loads before Close Message Handling is enabled. It Was ~3 seconds it is now less than 100 milliseconds.
-Fixed an issue when the service free'd memory whilst it was possibly still being used.
-Improved Close Message Handling application waiting loop, which resulted in a much improved page fault count and memory usage.
-Fixed multiple issues in the service when a DOS based pathname was given to it and not expanded into the non DOS based pathname.
-Changed driver polling method of the service and main program so that Window Logging consumes even less CPU.
-Changed some items in the free version of Process Guard
-1000's of tweaks and small bugfixes not mentioned.

[DRIVER CHANGES]
-Fixed a possible vulnerability when a parent process has the opportunity to write to the child process allowing code injection (No other software currently blocks this)
-Added support for blocking executions and various other execution related activities due to added Execution Protection support.
-Explorer.exe is now allowed to End Task applications regardless of the General Protection Option
-Fixed Windows 2003 support when Block Global Hooks was enabled
-Fixed issues with Block Global Hooks not having the correct stack emulation on Windows XP and Windows 2003 operating systems
-Added a few more filename conversion filters to provide more accurate results
-Fixed possible issue with extremely long filename reading in certain circumstances
-Added file protection for pghash.dat (resides in system32 directory) which stores application checksums
-Increased accuracy of the operating system detection
-Removed issue whereby Windows sometimes thought the Process Guard driver was still initializing when it was already running.
-Fixed a few small bugs in the driver attach/detach
-Increased security between the driver and the dcsuserprot.exe service



Please help us spread the word of this release. It might also be helpful if you are on a firewall forum to tell people that Process Guard v2.000 can now block a few DLL injection methods that no current firewall can.

-Jason-

 

Here is a screenshot showing the MD5 window and learning mode menu

 

And another showing the logging with General protection:

 

And finally the Program Protection screen with colour scheme options:

 

Hey Pilli! Man this release is absolutely AWESOME!!!! Well done to DiamondCS for a fine release, perhaps the best program on my system.

Hrmmm I think I will do a review for this

 

Just a big congratulations to DCS for yet another brilliant security application....excellent job fellas !

Off to post at dslreports .


Best regards,
Jade.

 

Version 2.0 is a WOW!!!

No question a LOT of effort has been expended by Jason, the Beta Testers, et al.

THANKS VERY MUCH.

 

Hello all,

I have been using the free version off and on since the first version. The various versions have always been a little buggy on my system. I have now tried this version playing with all the different settings and it all went great!! So I decided to purchase.... Cannot wait until tonight when DCS gets back to work so I can get my Licence.

And be warned, I will probably be around with a lot of questions...

Kudos to DCS on this latest version!!!

Regards,
Kent

 

Screenshot of the DiamondCS Desktop in action .

Regards,
Jade.

 

TDS3 users will see that, when installed, executive protection doing it's job as each instance is shown in the PG log
Also when updating the DCSmutex.exe will often require re-allowing

 

I like the desert sunset colour scheme Peter

Thanks for the kind words everyone, they are appreciated.

-Jason-

 

Desert Sunset for me too

A huge improvment for sure (PG i mean, not desert sunset scheme )

 

I love it... the only glitch I saw upon installation was the error message I got upon reboot that BOClean 4.11 faulted and would not load.

I had to uninstall BOClean and reinstall it and now everything runs fine... I guess I should have shut BOClean down prior to installing the new PG 2.0.

 

This program is once again stepping out in areas no other program has even thought to try.

What really gets me is how small this program is. The whole package installer is just over 700k! I do not remember the last time I downloaded something this small. And this one protects your computer more than any three other program.

Keep at it, DiamondCS !!!

 

Hi, DCS and Beta Testers

Not yet Easter and you give us a Christmas Present.

Thanks again for all your hard work.
TheQuest

 

My favourite theme :-

 

Can I use the pguard.dat file from version 1.3 with 2.0?

 

Dardasaba. I think your question is answered here:
https://www.wilderssecurity.com/showthread.php?t=25693

Thanks DCS for the production of an excellent program (PG2). I actually feel in control of my own PC again.

One question: Is it possible for a program to execute before the execution protection kicks in (When booting) or is PGs protection always the first to load.

Thanks again.

 

Hi Regen, I do not think it is possible as the driver is loaded very early and at the lowest possible level providing, of course, that PG is enabled before shutdown

I have found that quite often during testing and rebooting I get a PG requst before the select user window in XP pro is loaded.

HTH Pilli

 

Some Windows services can load before Process Guard, nothing too major, especially since PG can block malicious services from even loading.

-Jason-

 

Thanks for the info Pilli and Jason. Process Guard deserves to do well.

Just one more question: Has PG2 been tested with the new RC1 service pack 2 for WinXP by anyone yet? Are any problems anticipated?

Thanks.

 

He again ReGen, This was asked in the Beta forum and Jason says that SP2 will not effect PG

 

We have tested Process Guard with XP SP2 RC1, all is well.

-Jason-

 

Can somebody please post the default privileged app list for PG 2.000 full? I don't want to remove my datafile to check this, but I am interested if any default privileges changed compared to PG 1.3?
For example there was a thead about changing the default privileges of svchost.exe.
-hojtsy-