ProSecurity trial

Hi there,

after seeing the outstanding results of ProSecurity in the comparative tests of nicM, I reluctantly got rid once and for all of ProcessGuard, and installed the trial version of ProSecurity.

The installation went well, quick and no reboots, running a wizard that asks you 3 possible scenarios (infected system, clean system, and from memory custom rules). I chose clean system, and that was that.

Now unlike PG, PS seems to be fairly complex and learning how to effectively use it might take a while. My question is running it as it is (out of the box) is good enough? I ran it in learning mode for the best part of a day, and after switching to normal mode I've never had one single ballon alert or warning boxes (in and off learning mode). Is that normal? These kind of programs usually ask you a lot of 'allow or deny' situations when installed for the first time.

Anybody who is trialling the program or is very familiar with it, would you give some tips (if any are necessary) on how to best configure this program.

Thanks

 

That's pretty much how it works when you tell it your system is clean and then run the scan wizard. It just marks everything existing in your system as "trusted" and then doesn't bother you with popups on any of it. You'll notice that it doesn't even alert on outbound internet traffic from these programs.

Hopefully (assuming PS does it's job well), you'll be alerted when something bad actually does happen, which is exactly what you want.

That's one reason why I love PS, you can set it up so that it doesn't much bother you at all, which is quite unlike most of the other comparable programs.

 

Thanks Peter and Kerodo,

If this is normal, it really looks like an interesting program as we all know how HIPS can be very fastidious when first installed. There's a good feeling about it (for lack of technical knowledge), but I'll run the full trial period before I might buy.

 

Osaban, i, too,think that it can run fairly well in its out of the box state.
If you run Comodo firewall there are a couple of overlapping things you should disable in Comodo like
Monitor inter-process ..etc.
Monitor dll injection

If you run an alternative browser i'd put in Applications an Ask to both Internet Explorer and notepad, while i'd look first the Wizard didnt automatically TRUST Telnet.

 

May I ask a related question? Like Osaban, I am a PG user and have been reluctant to ditch it since the apparent demise of DCS as nothing that I can find on the market does quite the same thing, ie, protects just processes, as well. I run KIS 7 with PDM but that does not (yet, but I hope that KIS 8 will) include process protection.

Now, comparing PS Free with the full version I believe that the Free version basically just covers process protection. If that is the case then would PS Free be a good alternative to PG Full.

Anyone out there got any advise?

Thanks in anticipation.

 

I have always been a fanboy of L'n'S, and PS has had no issues with it or any other programs in my computer. I'm happy to see that a number of people are interested in PS.

@ baldrick

I shouldn't even try to reply to your post as i'm not in a position to have even an educated guess. But basically a free application versus a paid one is bound to be lacking on something. I still think PG is a great program, but considering the way DiamondCS has disappeared, one should look forward and find something else that can do the job, and perhaps even do it better.

I could live without HIPS, but protection against terminating my security programs is the most important factor in my layered defense.

 

If I remember right, I do believe that PS defaults to asking for IE outbound even when you tell it you have a clean system in the initial scan. So IE is covered in that case..