FILE CHECKSUM TOOLS
  > CATEGORIES
  LEAK TESTING
  KILL TESTING
  ADVICES
  DOCUMENTS
  REWARDS
  > IN THE WILD
  > LINKS
  > FAQ
  > TOOLS

     SCAN YOUR COMPUTER

     TEST YOUR BROWSER
ProcessGuard 3.000, DiamondCS:



ProcessGuard is a process protector running at kernel mode, which means that it has more power than the admin himself, and can't be disabled by any threat running in user mode (like all viruses, and trojans).

ProcessGuard protects any software you want from being terminated and/or modified, which prevent most if not all threats in the wild to attack your security softwares such as the Firewalls and the AntiVirus.

ProcessGuard prevents too most keyloggers to run by blocking global hooks, and blocks rootkits installation by preventing unwanted drivers installation. As a side effect, it blocks half of the published leaktests by blocking process injection and modification. With it, your overall security is dramatically increased.

Since the 2.000 release, a new feature comes, Program Checksum. It is in fact an application monitoring or sandboxe, any new executable trying to run is asked to you by ProcessGuard if you allow it or not.



For beginners, or for users running a lot of programs, there is a learning mode which records and allows any executable running while in learning mode, of course, your computer must be clean in order to use it (to not automatically allow malwares). Then, if you want to lock your computer, you can check the option : any new executable which are not in your allow list is automatically killed and nothing new can run on your system, instead of popup a window to ask you what to do.

Pros of ProcessGuard against existing sandboxe softwares in my opinion, is that it does not trust any executable on all your harddrives, you can choose precisely what you want to run, ProcessGuard is a kernel mode driver, not a user mode software which can be disable by another user mode software, it protects itself and its configuration files, it has no overhead on your system unlike other sandboxe softwares which have a huge list of executable to check each time a new one run.

If anyway you want to use ProcessGuard and to keep your existing sandboxe software, the Program Checksum can be disabled simply.

With ProcessGuard installed and properly configured, you have a security software which can defeats all of the most advanced malwares.

Since the v3.0 version ProcessGuard now enables the user to control access to the \Device\PhysicalMemory and to block any malware to modify it (which can disable any security software.
Home      News      Contact      Online form      Mailing list