C:\windows\system32\services.exe Question

Discussion in 'ProcessGuard' started by Access Denied, Feb 12, 2004.

Thread Status:
Not open for further replies.
  1. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    Is it a waste of PG if I allow this to install drivers/services so I don't have to disable PG while installing things. What I mean by that is can a malicious program use services.exe to do its dirty work if I have it allowed in my list. I am guessing that PG would block the attempt but I want to know before I add the allow option for it.

    Thanks,

    Eliot
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Elliot

    You might have to give services.exe. When I have Blocked Services and Drivers on AOL make a connection to go online unless it can install a service. The log will show you what you have to do.
     
  3. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Services.exe sometimes does install drivers/services for a specific application. So it is a bit of a risk allowing it to install drivers/services, on the other hand things like AOL,etc, are easier to use if you allow it. I'll leave it up to the user what they prefer. :)

    -Jason-
     
  4. Access Denied

    Access Denied Registered Member

    Joined:
    Aug 8, 2003
    Posts:
    927
    Location:
    Computer Chair
    :eek: I will make it have to be disabled then. I cannot allow anything to run rampant in here with all this security software. Thanks :)
     
  5. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Funny that I was just coming here to ask about system32 services :D and here is a pre made thread for me to use :D

    Anyway yesterday I was on some shady site which crashed Opera and later I had a fatal error in windows XP which went into a safemode type enviroment and told me to reboot o_O Never seen that before... but since then I get PG logging:

    14 Feb 09:11:44 - [DRIVER/SERVICE] c:\windows\system32\services.exe [948] Tried to modify an existing driver/service named navex15

    It apears to want to modify my AV and I'm not sure if this should be allowed since I've never seen this before and I had that strange crash earlier.

    Any advice you can offer would be appreciated.
    Thanks !
    ;)
     
  6. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    786
    Location:
    West Virginia (USA)
    In my experience and opinion, you will be wise to provide Services.exe the Option of Drivers/Service Installation. Otherwise, you will experience random malfunctions from some programs. JMO and what I ended up doing. ;)
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
  8. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    I guess what I'll try first is just shut down PG's driver protection and reboot to let services.exe do it's update to navex then re-enable PG's protection... hopefully I won't need to "always" allow services.exe to run free :doubt: but if it comes down to more problems with it I guess that's what I'll have to do.
    Thanks again for the info !
    ;)

    EDIT:
    After thinking about this a little more, I realized that I could just check the allow flag and reboot instead of shutting down PG's driver protection :rolleyes: hehee
     
  9. RDT

    RDT Registered Member

    Joined:
    Feb 21, 2002
    Posts:
    16
    I'm seeing this also even after I have allowed ccapp.exe driver/services install.

    6 Apr 08:18:39 - [DRIVER/SERVICE] c:\windows\system32\services.exe [632] Tried to modify an existing driver/service named navex15

    6 Apr 08:18:39 - [DRIVER/SERVICE] c:\windows\system32\services.exe [632] Tried to modify an existing driver/service named naveng

    Allowing driver/services install in ccapp.exe doesn't fix the problem

    Rick Thompson
     
  10. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    RDT

    Had exactly the same with my Norton 2002 -navex 15 and naveng just a few days ago. Didn't know how to sort it so dis'd the Block drivers etc.

    Have disabled Block Drivers and Services from Installing in the General Proctection Options and haven't had the problem since. I realise this isn't the answer but had a few probs with another app and the Block Global Hooks option, so at the mo I have all four General Protection options unticked (disabled). Far too cowardly to do anything else about it until I've found out a bit more about PG.

    Although it doesn't help you, at least you know its not only you!!


    :D
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    It isn't that AOL is easier to use. With the AOL 9.0 version I have you either disable blocking services install or give services.exe the privileges. Not doing one of the two means AOL simply can't go online. It becomes a matter of choosing the lesser evil. I chose to give services the privileges. That way at least other stuff is block from installing services.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.