Discussion in 'other anti-malware software' started by dlhan, May 12, 2005.
Trying to decide between the two. If you only purchased one which would it be and why? Thanks
ProcessGuard & RegDefend gives you excellent protection.
Invaluable tools to securing your system, so I bought them both.
You can't beat the price of RegDefend. Buy once and receive lifetime updates.
Just my 0.2 eurocents.
Well they both do different things and I think they both make a great combo for preventing Malware from getting on your system. That’s why I plan to get both, both are very fairly priced. If I had to pick one though I suppose it would be PG, that’s what I am getting first.
This is what I like PG for.
Keyloggers are useless.
RAT's can't install
Trojans can't install as a service
CWS can't install by it's method of registry dll injection
If you use PG in conjunction with an application based firewall, nothing can get in, nor out (some trojans inject themselves into your running processes that can have firewall access. PG stops that)
You have control over what executables run on your machine.
PG basically prevents all the nastiest trojans out there from installing. It's weakness is that you have to disable it's protection to install new programs.
Can't tell you too much about Reg Defend sorry. I thought about it, but decided that Prevx provided me pretty much the same type of defence for my registry, and also covered more of my computer. Can't find anywhere that compares that for sure though. I use both PrevX and PG.
Oh, one thing Reg Defend does allow you to do is add your own custom rules for what areas of the registry you want protected by it.
I have and recommend both as well, but if I were forced to choose, I would go with PG. Applications (malicious or otherwise) have to execute before they can tamper with the registry. PG gives you the ability to block application execution.
Nick...although I could be wrong, I was under the impression that most spyware that installed and tampered with the registry was installed through Active X and Java scripts from your webbrowser, which PG doesn't protect against in its executable protection.
PG only does .exe and .dll as far as I can tell - at least they are the only ones its ever asked me for permission to run.
Although I'm not an expert on browser-based exploits, I think their purpose is to silently install executables which still have to execute. PG is not a cure-all, but, I believe, a necessary layer of defense to be used in conjunction with other security apps.
absolutely. I wouldn't be without it myself.
I would recommend PG as a first step, since there are some freeware that can be used to guard the registry - e.g. Spybot TeaTimer. But none of the free registry guards are proactive in the way RegDefend is. So when, and if, you have the inclination, I would most definitely recommend that you purchase RegDefend as the perfect pro-active companion to ProcessGuard. Together with a good AV, these products provide an excellent defense against all types of malware.
RegDefend is an unnecessary additional luxury if you have PG. RegDefend protects against Registry changes - but how can malware mess with your Registry if PG stops it from executing in the first place?
If cost is a consideration you are better off with PG; and if you want to monitor your Registry use RegWatcher.
If cost is no consideration then by all means use both PG and RD.
As said Vikorr, PG is vulnerable to web application attacks which take advantage of scripts and mobile code as i've mentioned it on my first thread on this forum:
ProcessGuard could also easily be disabled by a VBS script or another program which will prevent PG from startig at the reboot by removing it from the run keys.
It takes also too much time to load and therefore rootkits scenario are theorically possible in this case.
Since a software's still vulnerable to reverse ingeeniering, then the way is open for security issues as it was confirmed last year with SDTrestore.
Thats why a strong registry protection/blocker like Regdefend can provide a better security.
The weakness of a program has to be palliated by the power of an other one.
In this case, PG + RegDefend is a powerful and effective duo.
ProcessGuard combined with Prevx over Regdefend _anyday_
RegDefend can duplicate some of the functionality of Process Guard (e.g. driver installation involves adding a Registry entry so both would cover this) but making judgement calls over allowing Registry changes would require more technical expertise than making decisions over Process Guard alerts.
As others have mentioned, Process Guard can intercept executables and prompt you whether to allow them to run so, in my view, this would make it a priority over RegDefend (though System Safety Monitor also intercepts programs and is currently free, though in beta).
ActiveX is certainly an exception to PG/SSM's execution protection (and Windows Scripting may be, depending on settings) but filtering ActiveX from webpages (and using a browser other than IE) should be part of your first line of defence here. Windows Scripting can be dealt with as discussed in the Multiple Firewall Products Bypass Vulnerability thread.
yes, interesting thread. I discovered harden-it and secure-it. Both free windows hardening programs. Secure it also disables scripts, active x, for total computer zone...
it was so strong I couldn't open Tiny Firewall Control panel cause of this
To the question of Dlhan: I would first purchase Processguard, learn it and learn things from your computer...then you will be up to Regdefend (which is a splendid program)
Separate names with a comma.