Jump to content

Anti-Virus to become obsolete.


Recommended Posts

I just saw this program - now that made me wonder - how does that compare to yours, Rhytmnsmoke ...

website:

http://www.diamondcs.com.au/processguard/

:unsure:

PS: here's a thread discussing that very piece of software ...  :)

http://www.wilderssecurity.com/showthread.php?t=54352

I have not played with this software in particular, but just by reading some small description from the website I can already point out a couple little things.

If you click on Products, and read the first description, it notes that they keep a "database" of known trojans. That's difference #1. It states that it updates daily. Wonder how much system resources that takes up? Also it updates daily, but how often does it scan? I haven't read everything, so I'm still looking.

The next 2 products sounds like they monitor network points. We are Host-based. And the last product describes that it uses heuristics and rules. To which we don't use that approach either. We have one simple rule..."Nothing Comes In unless you let it in".

Whooaa! I just read like the first couple of sentences from that thread, and I picked out another difference immediately.

Installing wasn't a problem and after the reboot I went into 'learning mode' opening almost all my applications so that PG would detect the programs I am using regularly and allow necessary permissions.
The current set up in learning mode requires users have a lot of time to spend opening and closing programs when a scanner may very well achieve the same results.

Nothing of the sort is done with ImmE. We stay out of the way of Windows. Upon reboot, you do nothing, except wait for ImmE to do it's analysis and "Automatically" build it's policies for every executable on the machine. Is there a network version of this software. I wonder how you do that in a network deployment type environment, if you have to manually open every "Most" used application. What do you have to do if you miss a program? Do you then have to go and reconfigure the software everytime you run across a program that you forgot to add at reboot. For instance, not to many people use MSPaint. But when you need it for that one time, then do you have to go configure the software to allow it? Again, I haven't finished reading, so I'm just asking some random questions. But it already sounds like a different animal than our software.

It seems their software is geared a lot towards giving information about your OS, and giving you the ability to configure certain parts of your OS. No configuration needed from ImmE. It's locked down "Automatically".

Here is another example. They made a little utility to monitor your registry. And will alert you when something changes in it. Here was the graphic taken from the site.

regprot_subseven.gif

It gives you a yes or know option. If this was a virus trying to change the registry, with ImmE, you wouldn't see this option, because the virus wouldn't even make it this far. It wouldn't even run, because it would be killed to begin with. Not after the fact that it tried to make a change.

*EDIT* Also taken from their website:

Trend Micro Antivirus users please note - RegProt is NOT spyware. Your antivirus product will incorrectly identify it as spyware. You should contact Trend Micro support and complain, email us for more information if you are unsure about this false alarm. We have tried to contact Trend Micro to have the problem fixed, with no response.

This is very interesting. Does this mean they change something in the OS for Trend to think it is spyware? ImmE changes nothing of the OS to do it's job. We don't even install an executable in System32 or the Windows folder. Because we are independent of the OS, you wouldn't have this problem.

Edited by rhythmnsmoke
Link to comment
Share on other sites


Just wondering...have any of you guys done a Google for ImmuneEngine? You might try it and then read. It may give you a bit more insight and realize that this is a valid application that appears to do what this guy is saying. That is...if you trust sites like fcw.com, eweek.com, castlecops.com, etc.

I'm definately interested in seeing if this program can do what you say it can. If so...wow. I battle viruses and spyware all the time and have a collection of viruses I used to infect a test workstation with to practice removing them. I've got 20-30 viruses including some nasty boot sector viruses I wouldn't mind seeing if it could protect against.

Link to comment
Share on other sites

I'm definately interested in seeing if this program can do what you say it can. If so...wow. I battle viruses and spyware all the time and have a collection of viruses I used to infect a test workstation with to practice removing them. I've got 20-30 viruses including some nasty boot sector viruses I wouldn't mind seeing if it could protect against.

Man, this brings back memories. I haven't mentioned this before in the previous pages, but here is the story. My boss and I went to this government facility for a formalized test of ImmE. The people testing are like a liason between the Gov. and the commercial world. Whatever they say is good, the gov. seeks to accquire. Now, keep in mind, the technology they were testing on was our "OLD" stuff. It was like ver. 8.1. We are now on ver. 8.2.1. 8.1 did not have the ability to analyze every executable before it was passed to the kernal. What it could do was monitor the memory stack, and kick things out of memory that didn't belong there. Anyhow, the took a CD with 600+ some odd viruses on it. They turned off the AV that was already on the machine. I think it was Norton. So, the only thing that was running was ImmE. They launched all 600+ viruses agains ImmE from this cd, and then afterwards turned the AV back on to do a scan to see how many viruses were able to infect the machine. Norton came back with 0 infections. And that is with our "OLD" stuff. If this was the new system, the viruses wouldn't have been able to run in the first place. With the new stuff, they wouldn't even have made it to the memory stack, just to be kicked out of it.

Link to comment
Share on other sites

well mr.smoke i hve gone through almost first 15 pages of ur demo policies or educative information what ever u say , can u jus tell me when is ur product coming for the home users or atleast a demo virsion . givme some dates not just a range . anyway nice fight u r keeping with some of these guyes ... :D

Link to comment
Share on other sites

Hey,

Well I did not read every page but just wondering...

Beta Testing any time soon..dont see it mentioned anywhere...

Thanks,

   Will

well mr.smoke i hve gone through almost first 15 pages of ur demo policies or educative information what ever u say , can u jus tell me when is ur product coming for the home users or atleast a demo virsion . givme some dates not just a range . anyway nice fight u r keeping with some of these guyes ...

I predict something like that will be available either later this year, or early next year.

wow, this thread has caused 2 new users to join and smam 1 whole post

Who is smam?

By the way, Dondamm was in the last demo. He probably will be on here to give his thoughts on the software.

Edited by rhythmnsmoke
Link to comment
Share on other sites

So, let me clarify something. In order to add a new program to the computer, you can't simply tell IE to allow it you have to disable IE complete. Is that not correct? This is what I'm referring to by it not replacing AV. If someone turns off IE and installs a program that turns out to contain a virus, when you turn IE back on, the virus is already there. And since it was installed while your program was disabled, it's now considered a part of the safe list and allowed to run. At least with traditional AV, even if the virus gets in you can still turn the AV back on and run a scan to remove it. Your program doesn't do that. Tell me where in your statements you said your program will remove existing viruses. This is exactly what I mean when I say it may complement traditional AV but will never replace it. The only place I can see this completely replacing AV is in locations where new programs are not regularly installed such as a business environment, but not your average home user.

Link to comment
Share on other sites

If you click on Products, and read the first description, it notes that they keep a "database" of known trojans. That's difference #1. It states that it updates daily. Wonder how much system resources that takes up? Also it updates daily, but how often does it scan? I haven't read everything, so I'm still looking.

Rhythmnsmoke, it doesn't update any database - we're talking about the product named ProcessGuard, right? It's nowhere stated that it keeps or updates any database at all. Furthermore it doesn't scan as any traditional AV would - as I've understood it merely requires you to grant any driver or process denial or acceptance to run. That makes it about as good as your product except it doesn't "sweep" anything from your HDD.

But I appreciate that you took your time to answer my question being "bombed" with replies of all sorts in this thread :lol:

But I suppose I'd gain some knowledge of that PG program if I try the free demo from the DiamondCS website ...

Speaking of which - you guys REALLY need to look into the potential customer aspect of the marketing process - yes - i know it's been said more than a few times in this thread - but if you've no chance whatsoever to try out the program - may that be as a locked demo or whatever - you don't see in your own environment if it would work as you desire. That makes that particular product fairly useless for the common user - and I suspect that, at some time, you people would want to enter that segment as well ...

But I guess that's enough ranting on my part for now, hehe :whistle:

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...