Pilli
January 5th, 2004, 09:13 AM
Running System Safety Monitor with Process Guard.
SSM version 1.9.4 Beta
PG version 1.150
OS: XP Pro
If you do not protect SSM with PG, constant logging will occur by PG as SSM scans running apps.
Below is a screenie of PG showing the SSM setup which prevents endless PG logging:
redwolfe_98
January 10th, 2004, 01:10 AM
For me, SSM and PG don't seem to get along. When SSM is protected by PG, I first notice an SSM window popping up during shutdown, then after that my computer starts rebooting when I press "shut down". SSM seems to run OK along with PG when it is not protected by PG.
Wayne - DiamondCS
January 10th, 2004, 01:29 AM
As long as you give the other program (SSM in this case) ALLOW privileges then there shouldn't be any issues :)
And then if you also want to protect that program from various process attacks (termination, code modification etc), then you can also add BLOCK flags :)
Bowserman
January 10th, 2004, 01:36 AM
I have PG set up like Wayne said and it is working great ;).......but, I can't have close message handling enabled for SSM.
Regards,
Jade.
gkweb
January 10th, 2004, 07:51 AM
Agree with Bowserman and Wayne, SSM and PG work great together, but because SSM popups are windows, the close message handling is not handy for SSM and even quite annoying.
But such protection could be added by the author itself :)
Pilli
January 10th, 2004, 08:23 AM
I have the new PG 1.200 Beta under test & was wondering if now that SetWindowsHook is enabled by default will SSM need CMH anyway?
BTW SWH appears to be working well with no visible resource use. I still have quite a few other checks to make and one nit not yet analysed. I have not had any BSODs on start up & procguard.exe attaches without any problems so far.
gkweb
January 10th, 2004, 08:26 AM
Yes, Close Message Handling is still needed, because it's different from SetWindowsHookEx and SSM can be closed that way.
However I don't use CMH on SSM because SSM pops up often and I have a CMH window each time :-\
I have written to the author about this issue.
(he Pilli, isn't my english better ? :) )
Pilli
January 10th, 2004, 10:51 AM
@GK
{QUOTE-> (he Pilli, isn't my english better ? <-QUOTE}
Never noticed it was bad ;) I would say improved from good to better :)
AAP
January 16th, 2004, 01:16 AM
Hello, to all.
Well, I need someone to help me. I just installed ver 1.150 but I don't get it: how do you know what to add? I did try adding, say, PGP and then I closed it, but I did not see anything happen. What is it that I should be looking for to happen? Anyone at all. Well, you all have a great one.
Good luck ;D
Pilli
January 16th, 2004, 01:26 AM
Rojas, As a guide, add all applications that are covered by your firewall rules - Browsers, email clients, AV, AT & firewall itself, except ZA (which has protection)
+ The defaults that are included when you first start PG
HTH Pilli
AAP
January 16th, 2004, 01:38 AM
Hey, Pilli.
OK, I see what you are saying, but I also see this in options: Allow Flags. So how do you know what to add to this option, and once it is added, what do I allow? Oh, all that I have been adding are exe files, no dll files. Do I add all the dll files to the exe's I add to PG?
Thank you ::)
Pilli
January 16th, 2004, 02:33 AM
Right I'll try and explain it as I see it, no doubt DCS programmers will correct me if wrong :)
When you add an .exe to the list, a .dll file cannot (under normal circumstances) be injected into the .exe's memory space.
In options, Blocked & Allow only apply to listed .exe's, and Allow overrides the Blocked flag, thus stopping a lot of undesirable logging.
Close Message Handling will stop any protected .exe being closed by most methods and requires a Human input via the Human Interface before closure is allowed.
You can try this out using DCS's Advanced Process Termination available here: http://www.diamondcs.com.au/index.php?page=products
Ensure that the Protection & General Protection options are all enabled.
So rule of thumb leave exe's standard blocking, watch the logging and add allows to the ones that show a lot of logging.
The default settings on the default list are a good example:
The new version 1.200 is under beta test at the moment and adds further enhancements including control of SetWindowsHookEx + fixes for driver contention & DOS path issues.
Copyright ©2002 - 2009, Wilders Security Forums