RegTest was able to kill ProcessGuard 3.150

Discussion in 'ProcessGuard' started by HoLmEc, Jul 29, 2005.

Thread Status:
Not open for further replies.
  1. HoLmEc

    HoLmEc Registered Member

    Joined:
    Sep 30, 2004
    Posts:
    17
    Hi,

    Im using the Full Version of PG 3.150 with the Protection Enabled and the Global Protection Options also enabled. All my security programs are in the protection tab. I also disallowed services.exe from being able to install drivers. I downloaded RegTest from the GhostSecurity Page ( http://www.ghostsecurity.com/index.php?page=download&id=555 ) in order to test my registry protection. This program was able to kill all my programs, including PG. Why was it possible ?

    Thanks
     
  2. dog

    dog Guest

    I haven't run that test in a while ... but as far as my recollection goes, I don't believe it terminates anything, it forces a reboot.
     
  3. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    What RegTest does is change some registry keys which allows it to show a dialogue box after reboot (as if malware had been installed). PG is not a reg protector except for one key Appinit. :D
     
  4. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    Hi Pilli,

    could you explain what this "Appinit" is? The reason I ask I remember about two months ago when I installed RegDefend on my daughter's laptop, Appinit was always coming up. I can't recall exactly what it was now, but I didn't know if it was legitemate or not. Something kept trying to delete or modify it and I didn't know what to do.

    Thanks,
    Rilla927
     
  5. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi, appinit gives a list of dll's that will be automatically loaded into a 32 bit process on startup, MS ref. http://www.google.com.au/search?hl=en&q=site:microsoft.com Appinit_DLLs&btnG=Search&meta=
    ProcessGuard protects the appinit key to prevent .dll injection into other processes that some malware might exploit but appinit is also so used by many normal applications, so we would need a specific report to see what or if you have a problem.

    HTH Pilli
     
  6. Rilla927

    Rilla927 Registered Member

    Joined:
    May 12, 2005
    Posts:
    1,710
    Hi Pilli, I uninstalled the program about a month ago, only because I don't feel comfortable enough yet, with the program. Don't get me wrong at all, I know it's a great program, it's just because I need to learn more about the program before I reinstall it. I don't trust myself enough yet. When my computer is not down, I do read a lot in the forum to try to understand. Eventually I'll get it, especially with the wealth of information in this forum. Sometime's it take's me longer than others.

    Thanks for the quick response.
    Rilla927
     
Thread Status:
Not open for further replies.