Allow?

Discussion in 'ProcessGuard' started by Rico, Apr 9, 2006.

Thread Status:
Not open for further replies.
  1. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    2,286
    Location:
    Canada
    Hi Guys

    Trojan Hunter 4.5 asked to use physical memory & was denied by PG, should I "allow?"

    Also I used SnagIt 8 for pic, which asked to create a "global mouse hook", should I "allow?"

    Also I seem to recall Spysweeper asking to terminate IE, and is denied by PG, should I "allow"?

    Or security app's in general should they be given the permissions they ask for in PG?

    I have all "global protections options" ticked + execution protection, I munderstand that's why PG asks the above; but should security apps be exceptions to the rule + maybe snag ito_O??

    Thank & Take Care
    rico
     

    Attached Files:

    • PG1.jpg
      PG1.jpg
      File size:
      83.8 KB
      Views:
      288
    Rico, Apr 9, 2006
    #1
  2. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Rico,

    Just my personal opinion here - valid applications should be allowed to function with their full complement of implemented behaviors. This may create some hypothetical security issues, but the tradeoff is often system/application stability. So my general rule, if the program is valid and I know it's clean, I always allow the designed behavior to occur.

    The single exception to this general approach in my hands is program access to outbound Internet communication. Occasionally I do restrict that on a per case basis.

    Blue
     
    BlueZannetti, Apr 9, 2006
    #2
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    for trojanhunter, my guess is its resident protection scans memory. id allow it.

    for snagit, it may use global hooks for shortcuts. its up to u.

    for spysweeper, i never remember it needing to terminate iexplore.exe, so im not sure.

    i cant give solid answers but i hope it helps even a lil bit.
     
    WSFuser, Apr 9, 2006
    #3
  4. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    786
    Location:
    West Virginia (USA)
    Rico,

    I have all three of the programs on my system that you mention. I allow them to do what they need/want to do for proper functioning all around.

    Spy Sweeper does this as part of its memory scan when a sweep is requested.
     
    siliconman01, Apr 9, 2006
    #4
  5. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    2,286
    Location:
    Canada
    Messrs: BlueZannetti, WS Fuser, & Silconman01 many thanks!

    Take Care
    rico
     
    Rico, Apr 9, 2006
    #5
  6. buffet

    buffet Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    53
    What settings would be better applied for some windows services:
    userinit.exe (should/not: terminate/install driver)
    svchost.exe (should/not: terminate/install driver)
    services.exe (should/not: terminate)
    ;)
    It seems that msi package installations use msi.exe (windows service) to install drivers -> I often let PG with "driver/rootkit protection" on and have services.exe and msi.exe the previllege driver install; it works; if lock msi.exe, it wont.

    Thx for any advices.
     
    Last edited: Apr 12, 2006
    buffet, Apr 12, 2006
    #6
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...