dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
2488
JMYork1983
join:2004-10-31
Old Town, ME

JMYork1983

Member

ProcessGuard harmful?

I have processguard on one of my home computers since it was highly recommended. But ever since installing it I've been deluged with message boxes saying "allow/deny?" for programs I've never seen run before. I fear it might be opening a big can of worms. Can it damage windows to allow something you shouldn't or to denying something good?

Wayne DCS
Premium Member
join:2001-12-07
Australia

1 edit

Wayne DCS

Premium Member

ProcessGuard certainly isn't harmful. On the contrary actually - all of your security programs are at risk of being attacked (and rendered useless) if you don't run it. At worst you'll simply prevent a program from running (this would be as a result of your decision when it asks if you want it to run or not), but you can easily re-allow it to run whenever you choose. Alternatively you can turn off Execution Protection so that you won't get any alerts, but then you'll no longer have any control over what can/can't run on your system. It just depends how much security you want - ProcessGuard offers many layers of security. For example, one layer prevents the installation of malicious drivers, and that in itself is enough to stop the installation of rootkits and thus prevent infections completely. That layer is independent from the Execution Protection layer, so for example you can leave that on and turn Execution Protection off. It's entirely up to you. I'd also encourage you to have a browse through the helpfile as there is a lot of information in there which will open your eyes to many things you otherwise might not be aware of, as well as several tips and tricks

Cheers,
Wayne

ironwalker
World Renowned
MVM
join:2001-08-31
Keansburg, NJ

1 edit

ironwalker to JMYork1983

MVM

to JMYork1983
If whatever ya wanted to run flagged you with a processguard msg than its obvious you want it allowed.But if ya deny the msg from PG and a program ya wanted to work doesnt work...you know what prevented it from working and as wayne said re allow it.The best thing about this is you have total controle f when something runs.Imagine surfing net or playing with a program and something wants to run but you didnt click nothing...PG alerts you.My advice...if ya dont know what it is...click deny.If after,whatever you were doing doesnt...well do.Click allow or re allow.

After some time...some paitience...some learned disipline you wont even notice the flags as an annoyance.

or maybe you will:)

just remember...if ya didnt have PG...all this would be taken place without your permission......good or bad;)

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco to JMYork1983

Premium Member

to JMYork1983
Has anyone tried SSM? (»maxcomputing.narod.ru/ss ··· ?lang=en )

Is it around the same thing? Would running this be a good thing?

I tried the PG free before and I liked it but don't have the money to buy the paid version. With the free I had some problems with it protecting Outpost which would of been solved by the paid. SSM is free so I was wondering how does it compare.

Uriel3
join:2001-11-26

Uriel3 to ironwalker

Member

to ironwalker
said by ironwalker:

just remember...if ya didnt have PG...all this would be taken place without your permission......good or bad;)
I recommend you place a check mark beside 'Learning Mode' until most of your on-board executable files have been utilized once, then uncheck it to protect your computer from malware. ProcessGuard is the most valuable and most powerful security program on my system along with Data Execution Prevention (DEP) fully turned on, boot.ini entry 'NoExecute=OptOut' with a AMD 64 CPU.

Jason_DCS
join:2002-12-17

1 recommendation

Jason_DCS to alamarco

Member

to alamarco
said by alamarco:

Has anyone tried SSM? (»maxcomputing.narod.ru/ss ··· ?lang=en )

Is it around the same thing? Would running this be a good thing?

I tried the PG free before and I liked it but don't have the money to buy the paid version. With the free I had some problems with it protecting Outpost which would of been solved by the paid. SSM is free so I was wondering how does it compare.
I have used SSM quite a bit after the author asked me find an issue between ProcessGuard v2.0 and his latest BETA. Hopefully another SSM user will post a comparison, however I will try and be as unbiased as I can. Please also remember that the latest SSM which I am discussing is in BETA status so might not be relevant to the final program when released. You can't compare ProcessGuard to the non kernel mode versions of SSM because they aren't really in the same league, so most of my comparison will be limited to the BETA.

The latest SSM beta compares very well to the free version of ProcessGuard v3.xxx on features. The full version of ProcessGuard does edge it out features, however SSM is currently freeware so that is in it's advantage. SSM isn't designed to run well under XP fast-user-switching either, so if you use that feature it may be a problem.

SSM runs on Windows 9x, which is another benefit of the program. I might point out that the method it uses on Windows 9x to protect the system (like MadCodeHook used in TrojanHunter and some anti-spyware applications) is insecure if software detects the protection mechanism in place. This is the reason the latest SSM beta handles things in kernel mode under Windows NT/2K just like ProcessGuard has been doing, since if done right it can be secure. However, since most malware doesn't "detect" this protection it can provide a lot of security for Win9x users.

Hopefully some other SSM BETA users can provide some reports on stability, but on some of our test machines it proved to be a little unstable. I think some work needs to be done for the kernel mode driver under Windows NT/2K/XP, as previous versions which did not have kernel mode protection in them used to run fine on the same machines. It is BETA software however so hopefully the issues will be worked out before final.

The interface still needs some work in my opinion (it has stayed pretty much the same since early versions), as I found it quite hard to use and some of the GUI doesn't seem to act like it should. The SSM interface however has a lot of features packed into it, which I'm sure some people will find useful. I know a lot of ProcessGuard v2.0 users emailed us complaining about the interface (how they wouldn't dare letting their mothers or partners use it due to complexity), which is one of the areas we tried to improve the most in the latest v3.0 version.

Overall SSM still needs time to improve. There are certain parts of it's kernel mode core which still need to be added and tested that I think users want (at least from the feedback we receive from customers). Speaking from first hand experience I understand the amount of time required to improve and work on something like PG/SSM. I think this is the reason why future versions of SSM might also become shareware. ProcessGuard's kernel mode technology has been in development for over 2 years, and that is with continual 5 day a week research, development and coding over that period.

I do hope SSM continues to be developed because I think only good things can come out of some competition. At the moment ProcessGuard is pretty lonely where it is sitting. With DiamondCS pretty much the only company really trying to tell users that this is one of the best ways to keep your computer protected from malicious software. When there are other products that are similar it makes more sense for magazines, and computer sites to do reviews and comparisons and things like that which get the word out to more people.
mrgeek
Premium Member
join:2002-12-13
Dundee, IL

mrgeek to JMYork1983

Premium Member

to JMYork1983
After I installed PG3, I had the same kind of alerts for a few programs, even after leaving learning mode on. It kind of "freaked" me out for a second till I checked and made sure all were ok, then I gave them the necessary permission. I am impressed with PG, and find it a great addition to my security set-up.
JMYork1983
join:2004-10-31
Old Town, ME

JMYork1983

Member

So I guess the odd's are, no harm done. OK, thanks. I could run learning mode but I'll never be able to run everything I'm ever going to use in just a short period of time.

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco to Jason_DCS

Premium Member

to Jason_DCS
Thanks for your input. So if I'm correct using SSM is better then not using anything. Also it's good enough until I can get some money together for a purchase?

The question really is whether or not to us SSM while waiting for some money. It seems I should. When I tried PG 2.0 I liked it a lot so even if I get used to SSM I'll probably still buy it when I get the chance.

By the way, is there an option where I could buy PG with life time upgrades/updates? I'm pretty sure I saw one with TDS but not sure if there is one for PG.

Thanks again.
said by Jason_DCS:

I have used SSM quite a bit after the author asked me find an issue between ProcessGuard v2.0 and his latest BETA. Hopefully another SSM user will post a comparison, however I will try and be as unbiased as I can. Please also remember that the latest SSM which I am discussing is in BETA status so might not be relevant to the final program when released. You can't compare ProcessGuard to the non kernel mode versions of SSM because they aren't really in the same league, so most of my comparison will be limited to the BETA.

The latest SSM beta compares very well to the free version of ProcessGuard v3.xxx on features. The full version of ProcessGuard does edge it out features, however SSM is currently freeware so that is in it's advantage. SSM isn't designed to run well under XP fast-user-switching either, so if you use that feature it may be a problem.

SSM runs on Windows 9x, which is another benefit of the program. I might point out that the method it uses on Windows 9x to protect the system (like MadCodeHook used in TrojanHunter and some anti-spyware applications) is insecure if software detects the protection mechanism in place. This is the reason the latest SSM beta handles things in kernel mode under Windows NT/2K just like ProcessGuard has been doing, since if done right it can be secure. However, since most malware doesn't "detect" this protection it can provide a lot of security for Win9x users.

Hopefully some other SSM BETA users can provide some reports on stability, but on some of our test machines it proved to be a little unstable. I think some work needs to be done for the kernel mode driver under Windows NT/2K/XP, as previous versions which did not have kernel mode protection in them used to run fine on the same machines. It is BETA software however so hopefully the issues will be worked out before final.

The interface still needs some work in my opinion (it has stayed pretty much the same since early versions), as I found it quite hard to use and some of the GUI doesn't seem to act like it should. The SSM interface however has a lot of features packed into it, which I'm sure some people will find useful. I know a lot of ProcessGuard v2.0 users emailed us complaining about the interface (how they wouldn't dare letting their mothers or partners use it due to complexity), which is one of the areas we tried to improve the most in the latest v3.0 version.

Overall SSM still needs time to improve. There are certain parts of it's kernel mode core which still need to be added and tested that I think users want (at least from the feedback we receive from customers). Speaking from first hand experience I understand the amount of time required to improve and work on something like PG/SSM. I think this is the reason why future versions of SSM might also become shareware. ProcessGuard's kernel mode technology has been in development for over 2 years, and that is with continual 5 day a week research, development and coding over that period.

I do hope SSM continues to be developed because I think only good things can come out of some competition. At the moment ProcessGuard is pretty lonely where it is sitting. With DiamondCS pretty much the only company really trying to tell users that this is one of the best ways to keep your computer protected from malicious software. When there are other products that are similar it makes more sense for magazines, and computer sites to do reviews and comparisons and things like that which get the word out to more people.

Jason_DCS
join:2002-12-17

Jason_DCS

Member

said by alamarco:

Thanks for your input. So if I'm correct using SSM is better then not using anything. Also it's good enough until I can get some money together for a purchase?

The question really is whether or not to us SSM while waiting for some money. It seems I should. When I tried PG 2.0 I liked it a lot so even if I get used to SSM I'll probably still buy it when I get the chance.

By the way, is there an option where I could buy PG with life time upgrades/updates? I'm pretty sure I saw one with TDS but not sure if there is one for PG.

Thanks again.
Buying ProcessGuard entitles you to all future upgrades for free. Even when the price of ProcessGuard was $19.95, those users still got the upgrade to v2.0 (which was $24.95) and now v3.0 (which is $29.95) for free.

The free version of ProcessGuard v3.0 has been changed, so now you can protect as many processes as you want from attack. In earlier FREE versions you could only protect one process from attack. As to which you should use SSM or ProcessGuard FREE, I would suspect that in the end it would just come down to which one you "like" better.

alamarco
Premium Member
join:2003-06-18
Windsor, ON

alamarco

Premium Member

said by Jason_DCS:
Buying ProcessGuard entitles you to all future upgrades for free. Even when the price of ProcessGuard was $19.95, those users still got the upgrade to v2.0 (which was $24.95) and now v3.0 (which is $29.95) for free.
Thanks for that information. Will make buying PG more beneficial now .
said by Jason_DCS:
The free version of ProcessGuard v3.0 has been changed, so now you can protect as many processes as you want from attack. In earlier FREE versions you could only protect one process from attack. As to which you should use SSM or ProcessGuard FREE, I would suspect that in the end it would just come down to which one you "like" better.
Well that's awesome. I'll probably try the free again and see the differences. Thanks .