Process Guard v2.000 Released!!!

The default (new install) list of 13 items is in the attached text file. (I "reconstructed" this list by deleting my additional local entries; but the list should be accurate. However, the list should be reviewed and confirmed.)

These default (new install) settings do not include the turning off of the "Terminate" Allow priviledge for svchost.exe, referenced in that prior thread.

Best regards,
Little Mike

 

Hello: i just upgraded PG1.3 to PG2.0. i believe i successfully did so because in 2.0 it lists myself as the registered user. however, my protected list doesn' list the programs by name, the list number from 1 to 90 with only a blue and white square(with three dots in the blue). my question is did my protected programs from 1.3 automatically load onto 2.0 or do i need to do something to correct this? as usual thanks in advance for your help. btw, changed color to desert sunset as some suggested lol! northstar51

 

H northstar51, This may sound odd but have you tried adjusting the colimn widths?
As the first and second column can sometimes get swapped so try dragging the column headers & resizing.
If that is not the problem can you please post a screenshot

 

PG & ZAP & "OPEN PROCESS" ? > need help

The software sounds so great to users who concern about safety to their computer uses, specially with the internet uses and networking.
Please help on a win2k box with the lastest ZoneAlarmProf running at high settings (software firewall, from zonelabs.com), along with Avast Antivirus, CA ETrust EZAmore Free Antivirus..., Process Guard 1.3/2.0 Free version (only one protection to additional program installed), questions are :
- ZAP came with blocking feature on "Allow to OPEN PROCESS" and "Allow to use other program to access the Internet" => Question: What zap users should set these options (Allowed or Disallow) to ProcessGuard (dcsuserprot.exe in v2.0) ?
- I have seen that if no "open process" enabled to process guard "core" (the file mention above), PG : blocking feature "End by TaskManager" did not work when in ZAP user allows "taskmgr.exe" to "Open Process" on others.
Thanks in advance.

 

Give Process Guard and all it's files FULL ALLOW access in other security programs. If you don't then you will have issues.

-Jason-

 

Hello: thanx for the input re the above post. i know this is my fault, but now another glitch has arisen. i don't think i completely uninstalled 1.3 when i downloaded 2.0. i have tried to uninstall 1.3 as advised in a different thread,l even tried to uninstall in 'safe mode'--it wouldn't let me because it was still running. i also went into my win32 directory to check and uninstall the .dll file and the .exe file. again it wouldn't let me because program was still running. also tried to do a system restore--wouldn't let me do that either. and on 2.0, i keep getting those human logoff(5 letters) screens but i don't get 2.0's main page. you know, the one that lists your options, etc...can you advise on the next step or did i screw myself royally here? as usual, thank you in advance for your help. i know i fouled this up all on my own, but would appreciate your assist. thanx...ns51

 

Hi NS51, You stop the procguard.sys service from running, If you open windows normally, If you can open the procguard window disable protection then exit the window, make sure that procguerd.exe & pg_msgprot are not running in Task Manager (TM), if they are terminate them. Also you may see dcsuserprot.exe in TM this should also be terminated.
Reboot to safe mode, check in Task Manager then follow the indtructions in the other thread.

Jason may also know of another way but try the above first

 

Hello: thanks pilli for the tip. that doesn't do it though. i think what is going on is i did install 2.0 THEN finished uninstalling 1.3. so my status now is i can't get 2.0's main window to appear which would allow me to exit. the window which says "this file is trying to run" does appear. i always click on 'allow' and the window which says "human.." (the one where you type in the 5 letters to sign off). would re-installing 2.0 solve this? i don't know what i did to prevent the main window from appearing. hope this helps you to understand my problem and thanks as always for your support. ns51

 

hello: just a add-on to my above post: i did go to task manager and tried to terminate the dcs....exe file there--wouldn't let me...ns51

 

Hi NS51, Sounds like V2 is still running hidden.
Remove the process guard start item from the "Start" - Startup folder. Then reboot to Safe mode, terminate dcsuserprot.exe if it is running, delete all the files in your Process Guard folder except your keyfile. Delete pguard.dat & pghash32 from the system32 filder. Once you have successfully done this try re-installing V2.

 

The manual uninstall in the help file details this, dont forget the DRIVER procguard.sys in Windows\System32\drivers, this is where the protection is and why you must untick "protection enabled" before uninstalling

 

Hello: thanks pilli, gavin. the tips to uninstall did the trick. i don't know what i'd do without your help. i fully acknowledge the fault lies with my own lack of skill in these matters, but i'm learning. thanks for your patience...ns51

 

Thanks to the diamondcs crew for creating this excellant software

 

My wife & I had so many problems with Process Guard that all we could do was uninstall it. Tabs go black many times as well as desktop icons & taskbar disappear and often we just have to reboot to get back into out PC. I have the latest PC so I would have thought that beta testers would have ironed out these bugs before the program was released.

This program has the potential to be the best security application out there but with so many bugs we just cannot use it although we have paid for it. Along with Wormguard that makes 2 DCS programs that for one reason or other we just can't use & sit on the shelf gathering dust until a fix is found.

I ask DCS to take into account users like my wife who just want to use the PC and don't know how to deal with icons disappearing, black tabs and the desktop becoming inaccessable. These are issues which I have seen reported by many users and need urgent attention. I love it and really want to use it but it's instability drives my wife mad and she gets very angry with me when she can't access the desktop due to black tabs or the complete taskbar just disappearing.

PLEASE DCS fix these problems soon so I can use this terrific program.

Dave

 

I also want to buy this one, but I am waiting for bug fixes.

E.g. an Option to release harmless drivers from protection like AOL or other often reloaded driver, otherwise you always have to retype each time your start an instant-driver-loaded application.

Another thing is: I tested a strange new fwb-rat-tool, now PG2 is no more able to let start the protected process, because it always says csrss.exe tried to write to .. the protected process, no matter which process, that means the exe only works if it is not protected by PG2!!!! For Example: If you protect Procguard.exe itself it will be no more able to start because of this csrss.exe injected infection. This Infection is very subtle because all infected exes are erased by AV, but some process still leads to this phenomenon above.
This should not happen. Beside the name of the process I protect is totally unimportant, the result is always the same, so it cannot be a av/fw kill list.

I also tested PG2 against Keyloggers: Some commercial keyloggers have nearly no chance, thats absolutely great. The keys won´t be recorded but the internet sides and other threads. Beast keylog survives unfortunately, it still records all my activities when I tested it.

Hopefully one time this tool will be able to stop all keyloggers!!!

Another thing is the hooking when you play games, sometimes the mouse within the game does not work, because of a mouse hook! Should be fixed!!

 

Hi,

Deliberately infecting yourself with an injector is of course going to cause problems, I assume you are talking about LEVIATHAN a new FWB tool. This is using usermode patches and injecting a DLL from what I have seen so far, and problems are to be expected. PG surely will not work correctly on some infected systems..

Allowing certain processes to install a Global Hook is enough to get around most problems, but this option is very brutal and must be used with care. Just use the Allow Global Hook option on the game and it should be fine.

BEAST keylogger should be stopped completely if the injection was blocked of course, but if you are allowing a DLL inside another process such as Winlogon.exe and Winlogon.exe has allow privileges, so does the DLL. The whole point is to block the infection in the first place

 

to the moderators or beta testers:

I was hoping you could give me a little more info regarding this new release.

You guys are driving me crazy.

 

Thanx Jason.

 

ah okay so learning mode is tabu when trying beast keylogger,
but learning mode is so comfortable

Another problem that occured when turning on Hook Protection, sometimes using Winamp with menu it shuts down without any messages, I assume that this had something to do with the Hook Protection but I am not sure.