Thanks Process Guard!

Discussion in 'ProcessGuard' started by Snook, May 6, 2004.

Thread Status:
Not open for further replies.
  1. Snook

    Snook Registered Member

    Joined:
    Jun 19, 2003
    Posts:
    182
    Was finally able to kill ati2evxx.exe and sdmcp.exe from starting with Windows. No other startup organizer (free or shareware) was able to stop these two process from starting. Even with all ATI "services" set to disabled and no registry tweaks available (or even startup option for that matter), Process Guard did the job!

    Not only is Process Guard awsome at blocking malicious nasties etc., but it is also one hell of a startup organizer!

    Bravo zulu and hats off to the developers!

    Snook - Florida, USA
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hey Snook, You'll make us blush :oops:
    Thanks for the compliments . :)
    I for one am convinced that Process Guard is the single most useful, powerful and easy to use program in my security arsenal (albeit with a bit of learning) & in a class of it's own.
     
  3. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    *chuckle* we've never heard it referred to quite like that before, but thankyou for your kind words, and we hope you enjoy this new high level of security that your system is now armed with :)

    Enjoy the weekend,
    Wayne
     
  4. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    You must not have tried any good startup organizers, or the Services applet that comes with Windows (services.msc). The executable ati2evxx.exe (and presumably sdmcp.exe) runs as a service; disabling it is extremely simple.

    So, I assume you have Process Guard not letting those EXE files run, but the services are still enabled. Why not simply disable the services? Calling Process Guard a "startup organizer" is about like calling Niagara Falls a nice place to have a swim.
     
  5. Snook

    Snook Registered Member

    Joined:
    Jun 19, 2003
    Posts:
    182
    That's just it, ATI services are set to disabled. Also, sdmcp.exe does not list in services.msc.
     
  6. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    The services were set to be disabled, but they were still running? That's very hard to believe, sorry.
     
  7. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    I have ATI Hotkey Poller and ATI Smart set to disabled in Services and there is no ati2evxx.exe active in memory. I seem to recall that there is also an ATI program activated through the Startup list that needs to be removed/stopped as well. It is for the ATI control panel. There is an ATI icon in the systray that is generated from this Startup activation. This icon will disappear when the program is removed from the Startup list.

    Keep in mind that when you "disable" a service using Services.msc you also have to STOP the service from running or reboot your computer.
     
  8. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    sdmcp.exe is Stardock's trayserver program (used to avoid missing icons if you run an Object Desktop program that replaces the system tray). See this Usenet thread for more details. You may be able to disable it via Stardock Central (Tools/Settings...).
     
  9. LazLoe

    LazLoe Guest

    http://www.windowsstartup.com/wso/detail.php?id=205

    ""ATI External Event Utility EXE Module. This task can comsume lots of CPU resournces on some computers, but it can help with graphics card problems. Leave enabled unless it consumes too many CPU resources""


    Mine uses a whopping 2mb total ... I bet this person will or has found he has glitches in his graphics after disabling these processes. These tools are best used for removing malicious files or other programs -if you know exactly what you are doing-.
     
  10. mekon

    mekon Registered Member

    Joined:
    Apr 3, 2004
    Posts:
    10
    To Snook. Good on Ya Man. The thing I appreciated most even with PG free was the ability to have control over which .exe's were allowed to run. XP by default allows so much stuff to run, it's beyond belief. Ports like port 5000 the PnP one and Windows messenger, port 135.Totally unesessary to be open by default. Go to www.grc.com for a couple of tools to close these ports. Generally though I believe PG to be very good. There are a few glitches (probably XP related) but apart from that, the ability to block .exe's, end messages, .dll injections, installation of drivers & services, and thwarting the keyloggers with the global hooks block, it must be worth having, and at a very low cost. When you consider how complicated writing good security programs is, a 10% edge is worth having on the Black Hats out there. Mekon.
     
  11. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    System Safety Monitor also provides control over what programs can be run (although it can be bypassed more easily than PG, it does offer more granularity so you could allow program A to be run by program B but not by C) and does Registry monitoring too. Some of Diamond's other programs (TDS-3 I believe) also offer execution protection.

    WWDC is a handy utility for closing unneeded Windows services also.
    The Global Hooks block is, in my experience, almost useless with the Free version since there are quite a few legitimate uses for it (mouse drivers for instance) and PG Free will only allow you to create one exception (to be fair, Diamond are providing an incentive to get the licence). However the other features are worth having, especially for the price. ;)
     
Thread Status:
Not open for further replies.