[suggestion] ProcessGuard and RegDefend

mob:
ProcessGuard and RegDefend are both top of the line security programs in their categories.

Together, they can secure a system from virtually any threat and all with very very very little use of resources.

They complement any firewall/antivirus by filling in the gaps and vulnerabilities left open by those programs and provide an added layer of security to protect any PC.

No PC should function without these two programs.

This is why I think they deserve a nice review from donationcoder.com :)

----------------------------------------------------------

To learn more about these programs visit:

ProcessGuard Website: http://www.diamondcs.com.au/processguard/
RegDefend Website: http://www.ghostsecurity.com/index.php?page=regdefend

ProcessGuard Forum: http://www.wilderssecurity.com/forumdisplay.php?f=13
RegDefend Forum: http://www.wilderssecurity.com/forumdisplay.php?f=72

mouser:
i've heard some very good things about process guard from a friend who rescued a computer filled with viruses/spyware, and used process guard to hold the infections at bay while he cleaned it.

mob:
--- Quote from: mouser (April 04, 2005, 10:52 PM) ---
i've heard some very good things about process guard from a friend who rescued a computer filled with viruses/spyware, and used process guard to hold the infections at bay while he cleaned it.
--- End quote ---

That's what it does best :)

ProcessGuard is a very powerful program. It works at the Kernel Level which means it has higher authority over virtually anything you run on your computer.

Just a few examples of why it's so important to have this program:

1) Even if you have a firewall and an antivirus installed and running, there are so many leaks and vulnerabilities that will render those security programs useless. You can see a list of the most common leaktests here: http://www.firewallleaktester.com. And just so you know, these leaks are common and KNOWN! Yet still today firewalls and antivirus software fail to block some of these threats and are actually having difficulties finding ways to stop them. ProcessGuard was not even designed to block these leaks but the nature of the software blocks them effortlessly.

2) There are tons of viruses/trojans/worms that will detect which firewall/antivirus software you are using and simply close them down or disable them and then run their malicious coding or connect to the internet. And your Antivirus/firewall can't do anything about it! Your security software is just going to think you are shutting it down or disabling it. Now ProcessGuard is designed to protect any application you choose from being closed or disabled. And since it works at the kernel level which is the lowest level of your operating system, it is virtually unstoppable. Read the processguard forum and the info on their website to find out about many more things this program will do for you.

To make the long story short, no process guard = no security.

Scott:
I'd hold off on the "No PC should function without these two programs" recommendation for now.

--- Quote from: mob (April 05, 2005, 05:13 PM) ---
ProcessGuard is a very powerful program. It works at the Kernel Level which means it has higher authority over virtually anything you run on your computer.
--- End quote ---

All drivers work "at the kernel level".  ProcessGuard only has a real shot if it prevents malware from installing; not if that malware is already installed.  And the kicker is that the authors of ProcessGuard, DiamondCS, recommend disabling ProcessGuard during software installs.  This is ironic, since that's exactly when malware often creeps in.

So, OK, ignore that advice, and keep ProcessGuard enabled while installing software?  This can be a recipe for a headache, if ProcessGuard blocks a driver, service, or hook that your new software needs to have installed and working.  And the result of blocking it may be a botched install.  Usually, you can just re-run the installer, but sometimes you'll have a mess to clean up, or worse.

And the fact that you must allow some software to install drivers and/or services, or to use system hooks, means that it's a guessing game as to what you can trust.  Just try blocking all drivers, services, and system hooks sometime, and you will quickly see what I mean.

--- Quote from: mob (April 05, 2005, 05:13 PM) ---
Even if you have a firewall and an antivirus installed and running, there are so many leaks and vulnerabilities that will render those security programs useless. You can see a list of the most common leaktests here: http://www.firewallleaktester.com
--- End quote ---

My personal firewall software stops all known leak tests.  I'm not going to say what it is, because I don't want to engage in a back-and-forth about it.

--- Quote from: mob (April 05, 2005, 05:13 PM) ---
There are tons of viruses/trojans/worms that will detect which firewall/antivirus software you are using and simply close them down or disable them and then run their malicious coding or connect to the internet. And your Antivirus/firewall can't do anything about it!
--- End quote ---

Can you name any of them off the top of your head?  I can't, though I know they exist.  In any case, no malware is going to kill your firewall or anti-malware application if it is recognized and intercepted by the latter.  Please don't read into the word "if" in that sentence; I am not saying that security-software-terminating malware isn't a concern, but this is a mitigating factor worthy of note.

--- Quote from: mob (April 05, 2005, 05:13 PM) ---
Your security software is just going to think you are shutting it down or disabling it.
--- End quote ---

Only if (1) The malware isn't detected; and (2) Your security software has no self protection features of its own (most decent ones these days do).

--- Quote from: mob (April 05, 2005, 05:13 PM) ---
To make the long story short, no process guard = no security.
--- End quote ---

This is a gross misstatement of reality.  Security is a direction, not an end point.  Shades of grey, not black and white.  You're not "secure with ProcessGuard" and "totally insecure without ProcessGuard".

I'll close by pointing out that I (and others) have reported several bugs to DiamondCS that made it easily possible to totally bypass ProcessGuard.  I also pointed out a way to kill applications that ProcessGuard was supposedly "protecting".  I have no idea if all of those bugs have been fixed, as I grew tired of being their unwitting beta tester.
 

mouser:
i have to say i tried processguard and did not have much success with it.
I tried using process tamer gui to kill apps and process guard didn't seem to be able to prevent it.


the friend of mine who found it useful says he doesn't keep it running on his machine, but has used it in an emergency when an installed virus or trojan would not let itself be stopped.  process guard was the only thing he found to keep it from running until he was able to clean the system.
