ProcessGuard v3.xxx Suggestions / Wishlist

Discussion in 'ProcessGuard' started by Jason_DiamondCS, Nov 3, 2004.

  1. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    Hi Rich, :)

    Hmmm .... This sounds very interesting.

    So, once I save the download of PG to my desktop .... I should deactivate my AV temporarily .... my 2 anti trojan programs (with guards) .... any antispyware active protection ? What about WinPatrol, SWB, Spyware Guard, MRU Blaster, BHO Demon, UnHackMe & SnoopFree ?

    Also, what about things running in " Services " like my Ewido scanner & BitDefender on demand scanner .... should they be shut down as well during the installation process ?

    When you say " Tea Timer " I'm assuming you are referring to Spybot.

    HR :cool:
     
  2. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi HR,

    Yes, you've got it. Just disable all of those real-time programs temporarily and you should be fine. You don't have to be concerned with your on-demand scanners. Some of the real-time stuff like Spyware Guard probably will not interfere, but just shut them down to be on the safe side. No reason to mess around with an install.

    Alternatively, it may be possible to just install PG in safe mode, but I never tried it so I don't want to suggest that it is OK to do so.

    Once PG is installed, just let it run for a while. Make sure you go through an update cycle with all of your security software. Also, remember to turn protection off if you are doing a Windows Update. It is not always necessary, but again, why mess around until you are comfortable with PG.

    Keep us posted, if you decide to go ahead with an install. It should be very smooth.


    Rich
     
  3. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    Hi Rich, :)

    I have contacted support at DiamondCS to see if PG can be installed from the Safe Mode. It will probably take a couple of days, or so .... to receive a reply.

    I just installed SpySweeper 4.0.3 from Safe Mode on advice from a Webroot tech not more than a few days ago .... so I don't see why there would be a problem doing the same with PG. However, I'll wait to hear back from DiamondCS .... just to be sure !!

    Thanks Again,
    HR :cool:
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    afaik, processguard does have to install a driver, so i wonder if that is possible under safe mode.
     
  5. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    My dear friend, you don't need any help from DiamonnCS for this. In safe mode you can do anything you like. If it doesn't work the way you want, just undo.
    Dolf.
     
    Last edited: Jun 19, 2005
  6. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Not entirely true, I didn't tried to install PG in safe mode, but I sure know you can't do everything in safe mode, sometimes uninstalling won't even work in safe mode, the only sure thing you can do is to make a restore point before trying and in safe mode reversing back...

    but not everything is installeable in safe mode :)
     
  7. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    mainly programs that use microsoft installer. dont u hate that?
     
  8. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    Hi, :D

    First off .... Thanks to all of you that posted on the Safe Mode installation possibility. ;)

    However, DiamondCS support has responded by advising me NOT to shut ANYTHING down prior to the installation .... proceed with a regular install .... and state that Process Guard should install just fine.

    They claim that the most important thing to do .... is to follow the step by step .... SETUP GUIDE within the help file .... after the installation.

    Hmmmm .... I'm wondering if anyone has experienced difficulties installing PG by NOT shutting down their real time monitoring programs prior to installation ? o_O

    Anyway, I'm getting closer to that actual " big install " moment .... LOL .... as I now have the PG installer saved on my PC Desktop !! :rolleyes:

    Thanks again people,
    HR :cool:
     
  9. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi HR,

    I seem to recall some prior posts where people did have problems, but I cannot recall which programs were involved. I would listen to DiamondCS support though.

    Rich
     
  10. Hard Rocker

    Hard Rocker Registered Member

    Joined:
    Jan 27, 2005
    Posts:
    258
    Location:
    Quebec, CANADA
    Hey Rich, :D

    I kind of figured that .... Think I'll dig around Wilders a little
    .... just to see if I can locate any.

    Just color me chicken .... :oops:

    HR
     
  11. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    On the "Protection tab", in the "Authorise this application to" box, I would like to see two more tick boxes. These would be "Access the internet" and "Run scripts".

    These are two features from a program called Principal Antivirus. I'd like to see them in Process Guard.
     
    Last edited: Jun 21, 2005
  12. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    well if pg had option for allowing/denying internet access, would that make it more a firewall? i dont like my programs to bloat up.
     
  13. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    Not really. A firewall does a lot more than just say xyz.exe is trying to connect to the internet. I don't really need a full blown firewall because I have a router. I guess a little extra in PG would have a lot less bloat than a whole firewall package.
     
  14. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    While such an idea may seem simple on the surface, in practice this could be very complex to implement.

    Firstly, "Access the Internet" would need to be broken down into "Client" (can make outgoing connections only) and "Server" (can receive incoming connections also) options at least (like ZoneAlarm - some programs like file-sharing ones need Server access but from the security perspective, the number of programs allowed this should be kept to a bare minimum). Then some means of offering more tightly defined rules for applications you only partially trust (e.g. svchost.exe on Windows XP needs a very tight leash!) would need to be added.

    Then we come to the issue of indirect access - what if a program invokes Internet Explorer (or any other browser) to access the network rather than doing so directly? To cover this, PG would need to monitor all access to "network enabled" programs also.

    This does go very much onto firewall territory and should explain why most firewalls are more complex to configure than PG. If DiamondCS wishes to retain PG's existing simplicity then this feature would be very hard to implement effectively.

    "Run scripts" is another potential can of worms. While restricting access to Windows Scripting only would be easy, there are plenty of applications with their own scripting language that would have to be addressed separately (e.g. GetRight Pro). In addition, DiamondCS have a separate program, WormGuard, for addressing scripts.
    Looking at the product details suggests that indirect Internet access (see FirewallLeaktester for example exploits) is not covered, nor are program-specific scripts. Perhaps you'd care to try these out and let everyone know the results?
     
  15. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    I suppose what I was wishing for was something very specific to me. However, it might have a wider relevance seeing as someone decided to put it in their product Principal Antivirus.

    If I wanted a firewall, as I have in the past, then I would use one. What I'm thinking about is if I wanted to try out a new package e.g. a note taker such as InfoAngel. I don't really want to run a full blown firewall but I would like to know if InfoAngel wanted to connect to the internet. If it did, I could try to find out why, seeing as it's only for making notes. If I tried a new browser, obviously it would need to connect to the internet so I wouldn't be concerned about that.

    The role of PG (apart from its other features) would be to give me a bit more info/control about what the programs on my comp want to do. All the programs that needed internet access would get a tick allowing them to do so.

    I am not trying to get a firewall built into PG. It's meant to be a simple yes/no to internet access. If I wanted further control for the allowed programs, I could use a proper firewall.

    I don't really know about the leaktests for Principal Antivirus. I only used it for the trial period and then decided to go with PG. When I run the leaktests with PG (and I haven't got a firewall to leak past), PG just stops them from running. I guess that's exactly what PA would do as well.

    Hopefully, I've explained my wish a bit more clearly.
     
  16. VisiThink

    VisiThink Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    9
    Location:
    Colorado, USA
    Any chance of being notified of the actual dll being used to attempt the injection of a Global system hook when hook protection is enabled?

    Secondly, being able to pick and choose which ones to allow if there are multiple hook libraries being loaded on a single process.
     
  17. Haceldama

    Haceldama Guest

    It's quite likely that this was requested preciously, but here i go:

    Ability to ignore alerts on a per program basis. The option should be set for each option seperately, so that if ie internet explorer tries a global hook (and the ignore option for global hooks is set), as it so often does, this will be logged but the trayicon will not flash. When it tries to install a driver and the option is not set to ignore such events it should flash and of course log this event as usual.

    The security tab should include the year the program has last run as well.

    An option to force a program to a set priority.
    To elaborate on that, it would be helpful if one could set some programs, ie emulator/games in general to run at idle speed, because very often those are poorly programmed and take up all cpu ressources there are, invariably hogging all cpu time and dragging down any other process without need.
    This option would counter this behavior so it would be a rather useful addition.

    Apart from that, some keyboard combination to allow running a new program if no mouse is connected/working. if this were an option some lockups involving a nonworking mouse could be resolved easily (ie if one did not allow some program to run which is responsible for driver installation).
    Can happen if the ps/2 port starts bugging on you, or something else.
     
  18. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    theres seperate apps for that like Process Tamer and Process Lasso.

    A feature I would like to see is for PG to prompt u for protecting memory, driver, hooks etc. instead of automatically blocking them.
     
  19. Inf

    Inf Guest

    Yes wil back you up on this:

    the whole thing (a lot of things..) will be solved when the parent and child popup will be there :)
     
  20. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,471
    I don't know if this was already order...

    I want to suggest an alert window when some program wants to use some items of the Global Protection Options, to decide what we want to do...

    Regards
     
  21. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    i already suggested it, look two posts up. but maybe if enough people suggest it, itll have a higher chance of being implemented. :D
     
  22. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,471
    Nice :D
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,133
    Location:
    The Netherlands
  24. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    didnt u already make a post about this? neways let me remind u of what James Taylor said:

     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    9,133
    Location:
    The Netherlands
    Yes, I already posted this but not in this thread, so I don´t see what the problem is. And should it matter why I want certain features? o_O
    I will use it to lockdown IE, but maybe someone else will use it for another reason. And I don´t agree with James Taylor because IMO tools like PG, Prevx and SSM (generic or not) can all help in making IE safer, and perhaps even protect against zero day bugs.