Program configuration list needed

Discussion in 'ProcessGuard' started by Pamela Fox, Jun 17, 2004.

Thread Status:
Not open for further replies.
  1. Pamela Fox

    Pamela Fox Registered Member

    Joined:
    Jan 30, 2004
    Posts:
    4
    I think it would be great if Diamonds would create a list of processes to be protected and beside the names on the list indicate what rights it should have, for example should the program protected have global hooks, write, terminate or what. I am sure everyone who owns this program would appreciate such a list. I do know a lot about computer security, however I am not really sure about the processguard program permissions. I do like the program but I am worried that I may not have it configured correctly. I have emailed Diamonds on several occasions and always got the same answer, that I should just experiment with the processes :oops: which I do not like to do. So I am begging for myself *puppy* and on behalf of other people who would like to know what processes to protect and what permissions we should give them, please Diamonds *puppy* or someone who is really savvy about this program, please, please, please make a list for those of us who are not as savvy as you. Thank you in advance for all the help. ;)
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Pamela, It is a difficult thing to do as each PC's configuration is different.
    The default list is the start point that DiamondCS has proved OK for most users, adding your internet and security related programs does take a little time but once complete rarely needs changing.
    You will find many examples within this forum of tried and tested configurations for apps such as KAV, Norton AV, Zone Alarm etc.

    Please feel free to post your protection list using the "save protection list" menu item, then save as a .txt document and copy/paste here for comment. Other members may post their protection lists here for further guidance to others. :D
    So I will add a list in the following post.

    HTH Pilli
     
    Last edited: Jun 17, 2004
  3. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Here is the list from one of my PCs:

    Process Guard v2.000 Protection List
    Date Saved: 17 Jun 2004 at 17:25:17

    Total items in list:- 32

    001 - c:\program files\processguard\procguard.exe
    002 - c:\program files\processguard\dcsuserprot.exe
    003 - c:\winnt\system32\lsass.exe
    004 - c:\winnt\system32\services.exe
    005 - c:\winnt\system32\svchost.exe
    006 - c:\winnt\system32\winlogon.exe
    007 - c:\winnt\system32\smss.exe
    008 - c:\winnt\system32\csrss.exe
    009 - c:\winnt\system32\wbem\winmgmt.exe
    010 - c:\winnt\system32\wbem\wmiadap.exe
    011 - c:\winnt\system32\drwtsn32.exe
    012 - c:\winnt\explorer.exe
    013 - c:\program files\outlook express\msimn.exe
    014 - c:\program files\belkin bulldog plus\upsd.exe
    015 - c:\documents and settings\alan\desktop\utils\procexp.exe
    016 - c:\program files\cryptosuite\cryptosuite.exe
    017 - c:\program files\port explorer\portexplorer.exe
    018 - c:\program files\mailwasher pro\mailwasher.exe
    019 - c:\program files\microsoft office\office11\outlook.exe
    020 - c:\program files\copernic agent\copernicagent.exe
    021 - c:\tds3\tds-3.exe
    022 - c:\program files\hercules\audio\gamesurround muse pocket cpl\snxuacp.exe
    023 - c:\winnt\system32\scrnsave.scr
    024 - c:\program files\acronis\trueimage\trueimage.exe
    025 - c:\winnt\pchealth\helpctr\binaries\helpsvc.exe
    026 - c:\program files\kaspersky lab\kaspersky anti-virus personal\kavsvc.exe
    027 - c:\program files\kaspersky lab\kaspersky anti-virus personal\kav.exe
    028 - c:\program files\canon\zoombrowser ex\program\zoombrowser.exe
    029 - c:\program files\lavasoft\ad-aware 6\ad-watch.exe
    030 - c:\winnt\system32\drivers\etc\hosts
    031 - c:\program files\spybot - search & destroy\teatimer.exe
    032 - c:\program files\avant browser\iexplore.exe

    ---001-----------------------------------------------
    Long Path :- c:\program files\processguard\procguard.exe
    Short Path :- c:\progra~1\proces~1\procgu~1.exe
    Blocked Flags :- Read,Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Close MSG Handling,Allow Global Hooks


    ---002-----------------------------------------------
    Long Path :- c:\program files\processguard\dcsuserprot.exe
    Short Path :- c:\progra~1\proces~1\dcsuse~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---003-----------------------------------------------
    Long Path :- c:\winnt\system32\lsass.exe
    Short Path :- c:\winnt\system32\lsass.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---004-----------------------------------------------
    Long Path :- c:\winnt\system32\services.exe
    Short Path :- c:\winnt\system32\services.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---005-----------------------------------------------
    Long Path :- c:\winnt\system32\svchost.exe
    Short Path :- c:\winnt\system32\svchost.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Suspend,GetInfo,SetInfo
    Option Flags :- Allow Drivers/Service Install


    ---006-----------------------------------------------
    Long Path :- c:\winnt\system32\winlogon.exe
    Short Path :- c:\winnt\system32\winlogon.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---007-----------------------------------------------
    Long Path :- c:\winnt\system32\smss.exe
    Short Path :- c:\winnt\system32\smss.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---008-----------------------------------------------
    Long Path :- c:\winnt\system32\csrss.exe
    Short Path :- c:\winnt\system32\csrss.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---009-----------------------------------------------
    Long Path :- c:\winnt\system32\wbem\winmgmt.exe
    Short Path :- c:\winnt\system32\wbem\winmgmt.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---010-----------------------------------------------
    Long Path :- c:\winnt\system32\wbem\wmiadap.exe
    Short Path :- c:\winnt\system32\wbem\wmiadap.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---011-----------------------------------------------
    Long Path :- c:\winnt\system32\drwtsn32.exe
    Short Path :- c:\winnt\system32\drwtsn32.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---012-----------------------------------------------
    Long Path :- c:\winnt\explorer.exe
    Short Path :- c:\winnt\explorer.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- Allow Global Hooks


    ---013-----------------------------------------------
    Long Path :- c:\program files\outlook express\msimn.exe
    Short Path :- c:\progra~1\outloo~1\msimn.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Allow Global Hooks


    ---014-----------------------------------------------
    Long Path :- c:\program files\belkin bulldog plus\upsd.exe
    Short Path :- c:\progra~1\belkin~1\upsd.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Allow Drivers/Service Install


    ---015-----------------------------------------------
    Long Path :- c:\documents and settings\alan\desktop\utils\procexp.exe
    Short Path :- c:\docume~1\alan\desktop\utils\procexp.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- Allow Drivers/Service Install


    ---016-----------------------------------------------
    Long Path :- c:\program files\cryptosuite\cryptosuite.exe
    Short Path :- c:\progra~1\crypto~1\crypto~1.exe
    Blocked Flags :- Read,Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Close MSG Handling


    ---017-----------------------------------------------
    Long Path :- c:\program files\port explorer\portexplorer.exe
    Short Path :- c:\progra~1\portex~1\portex~1.exe
    Blocked Flags :- Read,Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,GetInfo
    Option Flags :- Close MSG Handling


    ---018-----------------------------------------------
    Long Path :- c:\program files\mailwasher pro\mailwasher.exe
    Short Path :- c:\progra~1\mailwa~1\mailwa~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---019-----------------------------------------------
    Long Path :- c:\program files\microsoft office\office11\outlook.exe
    Short Path :- c:\progra~1\micros~2\office11\outlook.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---020-----------------------------------------------
    Long Path :- c:\program files\copernic agent\copernicagent.exe
    Short Path :- c:\progra~1\copern~1\copern~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---021-----------------------------------------------
    Long Path :- c:\tds3\tds-3.exe
    Short Path :- c:\tds3\tds-3.exe
    Blocked Flags :- Read,Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Close MSG Handling


    ---022-----------------------------------------------
    Long Path :- c:\program files\hercules\audio\gamesurround muse pocket cpl\snxuacp.exe
    Short Path :- c:\progra~1\hercules\audio\gamesu~2\snxuacp.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Allow Drivers/Service Install


    ---023-----------------------------------------------
    Long Path :- c:\winnt\system32\scrnsave.scr
    Short Path :- c:\winnt\system32\scrnsave.scr
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---024-----------------------------------------------
    Long Path :- c:\program files\acronis\trueimage\trueimage.exe
    Short Path :- c:\progra~1\acronis\trueim~1\trueim~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---025-----------------------------------------------
    Long Path :- c:\winnt\pchealth\helpctr\binaries\helpsvc.exe
    Short Path :- c:\winnt\pchealth\helpctr\binaries\helpsvc.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Allow Drivers/Service Install


    ---026-----------------------------------------------
    Long Path :- c:\program files\kaspersky lab\kaspersky anti-virus personal\kavsvc.exe
    Short Path :- c:\progra~1\kasper~1\kasper~1\kavsvc.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Write,Terminate,Suspend,SetInfo
    Option Flags :- None


    ---027-----------------------------------------------
    Long Path :- c:\program files\kaspersky lab\kaspersky anti-virus personal\kav.exe
    Short Path :- c:\progra~1\kasper~1\kasper~1\kav.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---028-----------------------------------------------
    Long Path :- c:\program files\canon\zoombrowser ex\program\zoombrowser.exe
    Short Path :- c:\progra~1\canon\zoombr~1\program\zoombr~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Write,Terminate,Suspend,SetInfo
    Option Flags :- None


    ---029-----------------------------------------------
    Long Path :- c:\program files\lavasoft\ad-aware 6\ad-watch.exe
    Short Path :- c:\progra~1\lavasoft\ad-awa~1\ad-watch.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None

    Item 30 Removed

    ---031-----------------------------------------------
    Long Path :- c:\program files\spybot - search & destroy\teatimer.exe
    Short Path :- c:\progra~1\spybot~1\teatimer.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,GetInfo
    Option Flags :- None


    ---032-----------------------------------------------
    Long Path :- c:\program files\avant browser\iexplore.exe
    Short Path :- c:\progra~1\avantb~1\iexplore.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read
    Option Flags :- None
     
    Last edited: Jun 18, 2004
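
Added example (not part of the thread and not DiamondCS code): a small Python parser for the saved protection list layout posted above, reporting index entries that have no flag block, paths that are not executable images, and items whose Allow Flags include Write or Terminate. The function names, the suffix set and the reading of Allow Flags as rights an item holds over other protected items are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: entries copied from the list above, trimmed to the lines parsed.
SAMPLE = r"""
026 - c:\program files\kaspersky lab\kaspersky anti-virus personal\kavsvc.exe
030 - c:\winnt\system32\drivers\etc\hosts
032 - c:\program files\avant browser\iexplore.exe

---026-----------------------------------------------
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Write,Terminate,Suspend,SetInfo

---032-----------------------------------------------
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read
"""

INDEX = re.compile(r"^\s*(\d{3}) - (.+?)\s*$")
BLOCK = re.compile(r"^\s*---(\d{3})-+\s*$")
FLAGS = re.compile(r"^\s*(\w+) Flags\s*:-\s*(.*?)\s*$")
IMAGE_SUFFIXES = {".exe", ".scr", ".com"}  # assumption: what counts as a process image

def parse(text):
    """Return ({item: path} from the index, {item: {kind: flag set}} from the blocks)."""
    index, blocks, cur = {}, {}, None
    for line in text.splitlines():
        if m := BLOCK.match(line):
            cur = blocks.setdefault(m.group(1), {})
        elif m := INDEX.match(line):
            index[m.group(1)] = m.group(2)
        elif cur is not None and (m := FLAGS.match(line)):
            cur[m.group(1)] = {f for f in m.group(2).split(",") if f and f != "None"}
    return index, blocks

def audit(text):
    """List (item, finding) pairs to review before relying on the saved list."""
    index, blocks = parse(text)
    findings = []
    for num, path in sorted(index.items()):
        if PureWindowsPath(path).suffix.lower() not in IMAGE_SUFFIXES:
            findings.append((num, "path is not an executable image"))
        if num not in blocks:
            findings.append((num, "in index but has no flag block"))
        # Assumption: Allow Flags are rights this item holds over other protected items.
        elif strong := blocks[num].get("Allow", set()) & {"Write", "Terminate"}:
            findings.append((num, "allowed to " + "/".join(sorted(strong))))
    return findings
```

Calling `audit()` on the text of a full saved list returns one tuple per finding, keyed by the three-digit item number used in the list.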
  4. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Hi Pamela.

    What Pilli said! :)

    Here is mine, but am afraid run much same as Pilli, only I have added a few more than probably needed really. :D

    Cheers, TAS

    EDIT: oops. forgot to say:

    Welcome to the Forums *puppy*
     

  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    If as many people as possible save their lists and email them to gavin@diamondcs.com.au , I'll try to find the time to create a few example setups. Or we might make a wizard in the future - hopefully it can evolve to a product which does the protection FOR YOU, but this takes a lot of development time on different setups. Currently it is a tool to enable you to do all the work.

    Generally, it is best to protect just the defaults, and your security applications. I would also say then you should add applications which are allowed internet access in your firewall, this prevents them being hijacked. Please make sure your system is clean first, and your firewall rules are set up carefully.
     
  6. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    What is this rule? Your hosts file is not executable, is it?
    -hojtsy-
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    No Hojtsy it is not executable, I was experimenting (another story) as this list was taken from a test machine and forgot to remove it afterwards.

    I'll remove it from the list now :D
     
  8. Pamela Fox

    Pamela Fox Registered Member

    Joined:
    Jan 30, 2004
    Posts:
    4
    Thank you so much for your help Pilli and Tassie. I saved the suggestions to a file and will keep a watch on the forum for more lists. :-* This will be a tremendous help to me and others I am sure.
     
  9. A884126

    A884126 Registered Member

    Joined:
    May 16, 2004
    Posts:
    191
    True but we could get a generic list with most of the applications people are using:

    - DiamondCS (TDS, PG, WG...)
    - AV (NAV, KAV, NOD32...)
    - AT (TrojanHunter, BO Clean...)
    - Firewalls (OP, ZA, Sygate...)
    - MS apps

    We could start with the apps that we find on Wilders.org as a start...
     