PG and Outpost 2.5

You're giving valuable advice, P2K, as usual. It doesn't solve the basic problem with OP, yet. Let me explain:

• Applying your steps doesn't cause any problem when shutting down the computer. The HID window appears, there is no time to enter the 5 letters and the shut-down process might take some moments longer as usual. But in the end OP is terminated, of course.
• Problems arise, however, whenever you change from one account to another. I always work and surf under my user account, but sometimes I cannot avoid logging in as an administrator. If SMH is enabled there is again no opportunity to enter the 5 letters when logging out. Now the problem: When I log into my user account the HID windows is still visible (!) but not accessible. Then an error message appears and OP is shutdown.

Because of this problem SMH is not applicable for me (unless you have a solution for this issue). The true cause for this problem is the fact that in Outpost the service and the GUI are not separated like, e.g., in Kaspersky Anti-Virus. Any malware might shutdown the KAV GUI - well, who cares: the KAV service is still running well protected by PG (without the need of SMH). In OP the service and the GUI are combined in one file outpost.exe (with the absurd side-effect that even a restricted user can easily terminate the service).

So IMHO the only real solution is a redesign of Outpost. We as OP users should make this request to Agnitum.

 

Are you logging out and logging back in again or using Fast User Switching? If logging in/out, ensure that csrss.exe is given Terminate privilege in PG (this tries to close processes on logout). If you are using FUS, then Outpost has bigger issues with it - I'd suggest checking the Outpost forum Switch Users thread for more details.

 

Thanks for pointing this thing out; OP users wouldn't notice this. If it is really, OP should fix this out asap? I am not a coder, but this is no good.
thanks.

 

No, I'm not using FUS. I will try if your hint regarding crss.exe will solve my problem.

I was aware of that. Thanks for your help.

 

Please see the Outpost forum thread Please install process killing prevention for a discussion on this. If Outpost is running as a service - the Outpost window will include (Service Mode) if it is - then it cannot be terminated via Task Manager without Administrator access (though there are plenty of other ways to disable it).

 

IMHO Agnitum should indeed fix this asap. It might be that by using SMH with Paranoid2000's hint regarding crss.exe you can circumvent this problem (I will try out). Nevertheless I stick to my conviction that a missing separation of service and GUI is a bad design for a security-related software.
If I surf under a user account and not as an administrator I do that delibaterately: I do not want to have full rights as one measure of protection against malware. That I'm nevertheless able to shut down the OP service - well, that's what I call absurd.

Since this discussion is OP and not so much PG related I think we should continue it in the OP forum.

 

That's correct.

... and that's the problem we are talking about. That's why SMH is necessary - if it is applicable. Well, as mentioned: I will try out

 

Back at home I realized that csrss.exe had already been given terminate privilege. In other words, I still have no solution to the discussed problem ...

 

Hit Cancel in reply to the PG HID when logging out then - I do this and have no problem.

 

I wonder how you do this.
When I log out I click the Log Off button in the Start menu (no HID pops up) and then a second time - now the HID pops up but the log out process is too fast to even press the cancel button. Is it different on your computer? I'm puzzled...

 

When I log out, the HID appears almost immediately - I have to click Cancel twice and then I get the login screen. The delay in your case may be due to other processes running which use their own termination protection (e.g. KAV, TrojanHunter, etc).