Still need a full blown AT if you have ProcessGuard?

Discussion in 'ProcessGuard' started by AShaR, Mar 10, 2005.

Thread Status:
Not open for further replies.
  1. AShaR

    AShaR Registered Member

    Joined:
    Jul 31, 2002
    Posts:
    91
    Hi,

    I am looking at various options wrt AT software only problem is I have limited funds and don't want to be paying for two licenses every year as I have two pc's (you may have read my threads in the other forums). I see PG can be used on all home computers, would it make more sense to supplement an AV programme with PG rather than a realtime AT defence? Bearing in mind there are very good on demand AT scanners available for free.

    PG looks a little more difficult to follow for a non-techie, in that it won't tell you if something is a trojan but from what I gather it defends better than most anything else assuming the user can make sense of what's going on.

    This is the defence layout of both my pc's

    Main PC

    McAfee VS 8
    eScan Utility kit
    ZA free
    Ewido free
    MS Anti-spyware
    Spybot S&D
    Adaware

    Family PC

    Avast! Free
    Ewido Free
    ZA free
    Spybot S&D
    Spyware blaster
    Spyware Guard
    Adaware

    As you can see the family pc is probably vulnerable to trojans in realtime. Would PG be a more cost-effective solution than an AT programme?
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi AShaR, ProcessGuard is without a doubt the strongest form of defence against many of the latest threats such as rootkits and personally it would be the last security program I would remove from my systems.
    You can learn a lot about ProcessGuard by reading the help file which is available as a seperate DL from the DCS site.

    You do not show a firewall for your machines, there are some very good free ones available, please look at the friewall forums here on Wilders for more information.

    Also spend some time looking through the PG forums for additional information :)

    HTH Pilli.
     
  3. AShaR

    AShaR Registered Member

    Joined:
    Jul 31, 2002
    Posts:
    91
    Hi Pilli,

    Quite a diplomatic answer there...LOL. I guess you guys also have a top-rated AT product so maybe not a great question :)

    I have spent quite some time looking through this forum and have learned quite a lot. I have listed the free firewalls, ZA free refers to ZoneAlarm.

    Is PG compatible with my AV programmes there? (McAfee and Avast!)

    Thanks.
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Yes, When you first run the full version of ProcessGuard make sure you are in learning mode with the four general tabs enabled. run your security and internet enabled programs and then reboot. This will allow ProcessGuard to make the necessary adjustments to it's lists.

    HTH Pilli :)
     
  5. AShaR

    AShaR Registered Member

    Joined:
    Jul 31, 2002
    Posts:
    91
    When you say "run your security and internet enabled programs and then reboot" I assume you mean just load them up rather than run an actual scan, yes?

    BTW, well done on making this usable on more than one pc. For a family man it makes a big difference :)
     
  6. gottadoit

    gottadoit Security Expert

    Joined:
    Jul 12, 2004
    Posts:
    601
    Location:
    Australia
    AShaR,
    Something else to consider is RegDefend because that also has an 'unlimited' home pc license and it defends another somewhat important part of a windows system, it has a forum on wilders as well...

    There is a good thread on what security programs people use (and why) that you might find helpful

    Often its more important to question the "why" for security tools, because a tool by itself in the hands of the wrong person may provide no more than a false sense of security (and still cost money)...

    See Security that you use and its purpose

    There are times when a dedicated AT can be useful and practices you can follow to minimise the need for a dedicated AT

    One thing to *always* remember is backup your personal data !!!!
    Its easy to not get around to it, but once its gone ....

    Edit: This doesn't meet the criteria for being cheap, but as Paranoid2000 points out, it does a similar job to ProcessGuard and Regdefend combined
    See post about Tiny Firewall Pro 6.5
     
    Last edited: Mar 10, 2005
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Yes run the processes first. By all means scan new programs with whatever you have available before installing them, especially if they come from questionable sources.

    Pilli
     
  8. AShaR

    AShaR Registered Member

    Joined:
    Jul 31, 2002
    Posts:
    91
    There are different ways of being cost-effective. I don't mind paying a high premium once only, but when you add yearly licenses for two differnt pc's even $20 isn't cheap :)

    My main pc which has important documents is backed up online btw paid for by my company. I am looking through that thread you linked now.

    Pilli, thanks.
     
  9. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    AShaR,

    Given that you are running Ewido, you already have an anti-trojan scanner. The main facility lacking in the free version is scanning memory for active trojans. As long as you are using it to check all incoming files, the chance of being hit by a trojan is small, especially if you avoid "anonymous" download sources (e.g. IRC, Usenet, P2P). Even if one slipped through, PG would greatly restrict the amount of mischief it could do.

    If however you feel that a memory-scanner is needed, BOClean does allow for unlimited installations for home use, and requires no further payments for database updates (most other anti-trojans do not require payments for database updates either, unlike anti-virus software - though they do require individual licences).
     
  10. BourgePD

    BourgePD Registered Member

    Joined:
    Sep 5, 2004
    Posts:
    75
    Very good page on Process Guard written by Andreas:

    http://www.commontology.de/andreas/win_secure_pg3.html

    Take care and have fun! :D
     
  11. AShaR

    AShaR Registered Member

    Joined:
    Jul 31, 2002
    Posts:
    91
    Thanks, that's exactly the answer I was looking for and pretty much what I suspected as the title of the thread indicates. I know about the BOClean option but I would probably pick PG as a better option as they allow more than one user per purchase, and of course there's avery good on demand scanner available for free in Ewido. My only concern would be that my kids aren't likely to be as dilligent as me in scanning incoming files but I guess as long as no damage can be done it's not really a worry. Thanks :)
     
  12. AShaR

    AShaR Registered Member

    Joined:
    Jul 31, 2002
    Posts:
    91
  13. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Well if it's a choice between PG and BOClean, both cost $39.95 for unlimited home use (PG Unlimited licence and BOClean's standard price) but BOClean can be purchased for less with some caveats (see Support problems with BOClean CompUSA Purchase for more details).

    As long as your other users have non-Admin access and are not allowed to alter PG's settings, then PG would be the better option in my view. If they are given full Admin access (asking for trouble, IMHO) then BOClean (which automatically terminates malware and can have its configuration locked down) backed up with the protection offered by the free version of PG may be better.

    Basically PG blocks activities without making any judgement on whether they are harmful or not, so can require more user intervention (e.g. disabling it for major upgrades/installs, setting permissions for certain programs). A scanner like BOClean will only act on malware and is more "set-and-forget" but, like any scanner, cannot be guaranteed to be 100% effective.
     
  14. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    I have paid licenses to all of the major ATs including TDS-3, BOClean, Ewido, and TrojanHunter. I also have licenses for ProcessGuard and RegDefend. This is my current configuration, though from time to time a change it or run on-demands for verification"

    Firefox
    ZoneAlarm Pro
    Kaspersky 4.5 Pro with extended databases (I hate 5.0)
    ProcessGuard
    Ewido (full license)
    RegDefend

    I continue to run certain programs on -demand such as Giant Anti-spy (the precursor to MS AS) which I run only on-demand and rarely. Ad-aware seems to be better. Spybot, and Hijackthis.

    I also use Image For DOS and a Maxtor external 80 MB HD for full image backups. It has helped me a couple of times, when I was in doubt about the security state of my system.

    From your configuration, I would recommend purchasing these products in the following order for your own PC:

    1) PG (proactive AT defense)
    2) RegDefend (proactive registry defense)
    3 Ewido full (or BOClean)

    I would recommend upgrading the AV on your Family PC since this is the first line of defense. Either McAfee or KAV. I would also add Ewido Full or BOClean or leave it at Ewido free.
     
  15. FastGame

    FastGame Registered Member

    Joined:
    Jan 15, 2005
    Posts:
    677
    Location:
    Blasters worm farm
    AShaR, your Famliy PC is fine as is and the addition of Process Guard would be a major plus :)
     
  16. AShaR

    AShaR Registered Member

    Joined:
    Jul 31, 2002
    Posts:
    91
    I upgraded the Ewido to the full version, am still contemplating on Process Guard for the simple reason the family pc will have pop-ups and I am going to have kids dragging me into their room every time to give or deny permission every time it happens. I may trial it on my pc to see how it pans out first, but FP's on a kids pc could turn out to be the biggest trial of the lot :p
     
  17. Dwarden

    Dwarden Registered Member

    Joined:
    Apr 11, 2003
    Posts:
    176
    Location:
    Czech Republic
    Kerio Personal Firewall 4.x is now taking steps to secure also process manupulation etc ... latests beta shows promising improvements in stability ... so as free / cheap solution it's maybe good choice ...
     
Thread Status:
Not open for further replies.