ProcessGuard v3.3b3 ready

ProcessGuard v3.3 beta 3 is now ready. This is really getting rock solid now so we're not anticipating having to make (m)any final changes so this is essentially the same as the v3.3 full version that we'll release when beta testing of this build is complete

Download:
http://www.diamondcs.com.au/processguard/pgsetup_3300b3.exe
As per usual, please uninstall any existing copies of ProcessGuard and reboot before installing this new beta.

Main changes since beta 2:
- [Fix] Flag checks have been reordered so that the 'Protected Against' check is done before the 'Is Allowed' check
- [Fix] The SMH windows when applied to procguard.exe (and pgaccount.exe) now looks better
- [Fix] Fixed a typo that caused the dat files to not be reset on install even when user says they should be
- [Added] Allows user to choose whether current running processes are added to protection list at first boot after installation and when list is reset to default.
- [Added] F1 shortcut to help button
- Many little minor fixes and enhancements

We look forward to your feedback!

 

Well... ...I am just downloading it now..

Hope...this is much more better than previous version and has low memory consumption.

Thanks for upgrading this fantastic protection program..

 

Hi Wayne.

WOW... you guys are really rolling them out at the mo'.

Downloading now,give ya some feedback soon.

 

Working fine so far. Oddly enough I again got the msg driver not installed at the end of the installation but PG is fully functional.

 

Hi guys.

Got mine up 'n' running,no probs so far Good work guys

 

You should only get "driver not installed" if you've renamed the service for some.. reason

 

Shows "DiamondCS Process Guard Service v3.300" in Services and I have never renamed it. As with the last beta version, which gave the same msg, it seems to make no difference. I always follow your guide lines when installing and confirm all security apps are shut down via ProcX task mgr. Install to default location etc. XP Pro all updates.

 

Windows XP-SP2 HE,

Uninstall of PG 3.300Beta2 and installation of 3.300Beta3 went super smoothly...

And SMH works great on procguard.exe!

 

Having a rare issue myself. A word of warning, if you see PGUARD has insufficient access, PG may not work properly, heed it's warning. Protection breaks and you should remove this version if you have this problem. If you can get this problem to go away and protection works great, please detail your system information in an email to me gavin at diamondcs.com.au

 

I'm not seeing any evidence of this. I assume this is a system level warning message that will pop up if the "rare issue" is encountered by PG.

 

Fixed it here, so I may now know a workaround if it does arise. We have that new message as a debug point to help locate the problem

 

Just quickly sneak the fix into the 3.300 beta 3 download and we'll never need the new message

 

is there anything new in PG 3.3 compared to PG 3.15?

 

Quite a lot internally. Externally, a button to clear stats will be the first thing you notice, a tickbox to NOT log executions.. it behaves a little differently as posted above, and is slightly more secure than 3.150 in terms of bringing some protections active quicker. Withstands strenous testing better than ever when we are trying to break the driver. Starts faster, and uses less kernel memory.

A new black icon and warning if ProcessGuard initialises improperly, or the install is faulty in any way, or any other process has intefered (will show up if there is a driver conflict), or if any other theoretical problem becomes a reality. This beta should iron that out so please try it !

If you get the problem, reinstalling from clean can then mean you end up with a proper install ! I suggest removal of PG driver and service entries before the reinstall, and then use the setup guide to ensure everything needed gets allowed. This always minimises the chance of a conflict with another program, in theory there should never be any in user space. Its only in kernel space others can bug us. There may be a small bug still, but now whenever it happens your system will TELL YOU. I also think we almost have it nailed because of the warning and that I was able to get it

The help file deserves a makeover for the final version and is an integral part, to help users get the most out of PG.

 

The best tip for low memory usage, is to not log allowed executions. The alerts tab fills up, and like any listview it MUST consume a little memory per entry.

Or you can just close the tray icon, wait a moment and restart it

 

Re: ProcessGuard v3.3b3 ready - Minor Bug or Issue

One minor bug or issue in PG 3.300 Beta (1,2,3)..

If I have a full screen window open such as IE and double click on the PG GUI icon in the systray, it opens behind the already open window. This is on XP-SP2.

 

I think this newer version is much faster than v3.2 which has a long time waiting for "initializing". And also, I felt it is more "protective" and reliable than before.

Still, it looks the same. Elegant but simply sophisticated.

Hope, the final version will be release "finally"!!!

Just curious..Do you have plans.... to add some more colours in its GUI to make it more appealing? Still even without that change, to me, it doesn't matter...it still is one of the best kernel protector I've got used.

 

Just given 3.3 an install - held off until now due to the requirement for a new configuration which meant quite a lot of extra work for me (I don't like Learning mode's default permissions and don't have the time to run every single program on my system either).

One bug (or rather, an old one still present) - when you highlight an entry in the Protection tab then use Add Application, no entry is highlighted afterwards but the checkboxes at the bottom are still visible and can be altered without giving any indication as to which application is affected (it doesn't affect the newly added application which would be the most logical option, nor the one previously highlighted).

Overall, while I understand that much of the changes will be invisible, I have to say that I'm underwhelmed with this version. No effort has been made to address some outstanding security issues pointed out months/years ago here (notably the RunDLL issue), ProcGuard still has to be run as an Admin user (those who haven't noticed this because they run as Admin normally, shame on you!) and SMH still has need of improvement (it keeps popping up on application prompts/subwindows, you cannot label SMH conditions you specify via the Ins key).

While I do appreciate that problems reported with other systems have been addressed (and these should be given priority), the new features that have been added offer little to most and represent a seemingly glacial level of improvement given the timescales involved.

 

One other point, adding F1 to access Help from ProcGuard now makes it an avenue for an escalation of privilege attack, allowing any program to gain Admin access. This can be done as follows:

• Select the ProcGuard window, press F1.
• Right-click in the right-hand pane of the Help window and select View Source.
• Notepad will appear, select File/New.
• In the file selection dialog, set "Files of Type" to "All Files", navigate to the System32 folder (\WINNT\System32 for Win2K users, \Windows\System32 for WinXP) and find CMD.EXE.
• Right-click on CMD.EXE and select Open.
• A Command Prompt window should appear with Admin privilege, regardless of your currently-logged in user (an easy way to check is to type set to list all environment variables and check the USERNAME value shown near the end).

This is a known security problem from two-and-a-half years ago. DiamondCS, you should not be making this sort of mistake!

 

I'm giving up on this version. It is terrible. It is not nearly as good as the older version. I'm going back to a version that works properly. I have to run this new version in learning mode all the time as it learns nothing and wrecks havoc if I take it out of learning mode. I too am not a bit impressed with this new version. The old version is better.

 

Thanks for investigating this things. I only use my limited account when surfing the net. We ordinary pc users are not aware of this vulnerabilities.

I hope DCS can do something about this... that's.. before the final version release of ProcessGuard.

 

I too am not impressed, it forgets alot for one.

 

Can you elaborate on this "forgets alot". I am not experiencing such things...or at least I don't think so.

I've been running the 3.3 beta's constantly with good results on my XP-SP2 system.

 

The processes that are entered under learning mode like thunderbird.exe,Opera.exe,setpoint.exe,mpas-fe.exe,firefox.exe. I just got a popup saying Program files/tuneup utilities 2006/systemoptimizer.exe wants to start, this is out of the clear blue sky. In the case of Opera .exe, after I type in a post and click submit reply I get a popup from PG Opera.exe needs to access a hidden process or has changed when I haven't updated or changed a thing. It is quite frustrating and since I updated from PG 3.3b2 to 3.3b3 my computer hangs on shudown. I am running Windows XP home SP2.

 

This is a scheduled maintenance feature by TuneUp. It runs at a frequency that you specify in the TuneUp settings, like once a week. So PG probably did not detect it in Learning Mode because systemoptimizer had not yet run. If you are not familiar with what systemoptimizer does, you should read up on it via the TuneUp Help file.

I'm not familiar with Opera or the other pgm you stated, but it may be something similiar in that you need to add a component of Opera, etc. to the Protection list. Have you tried putting PG back in Learning Mode and then physically do the things that are causing the pop ups to see if PG learns more about them?