write access on TDS

Discussion in 'ProcessGuard' started by Shelb, Dec 9, 2003.

Thread Status:
Not open for further replies.
  1. Shelb

    Shelb Registered Member

    Joined:
    Dec 3, 2003
    Posts:
    76
    Hi,
    Sorry if this has been addressed before, but I keep encountering the following message regarding a write attempt on TDS from Process Guard. It has occured several times over the past few nights. I am using the version 1.15

    Is this something to be concerned about? Is there any reason for these processes to gain access over TDS?
    Thanks,
    Shelb
     
  2. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    Hi Shelb,
    Those processes should already be in your protected list. Just give them allowed rights. And no, you don't have to be concerned about this.
    You will see in PG all kinds of access attempts but these are legitimate
    Dolf
     
  3. Shelb

    Shelb Registered Member

    Joined:
    Dec 3, 2003
    Posts:
    76
    Thanks for the reply!
    I am still using the demo version and cold only protect one process.
    I will be purchasing a license shortly.
    Aside from critical system processes, firewall, antivirus and my DiamondCS products is there anything else you would suggest putting on the protected list?
     
  4. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Any program which starts as a service, and any program which starts automatically when your system is booted. Ensure that if you are adding Windows services to be protected you give them proper access. Process Guard adds all the common services itself so you shouldn't have a problem with the Windows services themselves.

    I suspect in the future to try and get around programs like Process Guard, that malware won't target specific processes, but rather enumerate all running processes and find one that is suitable for its needs. Since Process Guard handles all the common services which are always running and have all the access, malware is extremely limited in what it can do, even if it manages to get into a process, it would have to be something like notepad. :)

    Another suggestion would be to add all the programs which have internet access in your firewall, this way no trojan will be able to inject into a program which has real internet/network access.

    -Jason-
     
  5. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    hmm, when your firewall and PG have been right configured you won't need TDS or PE :D
     
Thread Status:
Not open for further replies.