Allow?

Discussion in 'ProcessGuard' started by Rico, Apr 9, 2006.

Thread Status:
Not open for further replies.
  1. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,702
    Location:
    Texas
    Hi Guys

    Trojan Hunter 4.5 asked to use physical memory & was denied by PG, should I "allow?"

    Also I used SnagIt 8 for pic, which asked to create a "global mouse hook", should I "allow?"

    Also I seem to recall Spysweeper asking to terminate IE, and is denied by PG, should I "allow"?

    Or security app's in general should they be given the permissions they ask for in PG?

    I have all "global protections options" ticked + execution protection, I munderstand that's why PG asks the above; but should security apps be exceptions to the rule + maybe snag ito_O??

    Thank & Take Care
    rico
     

    Attached Files:

    • PG1.jpg
      PG1.jpg
      File size:
      83.8 KB
      Views:
      288
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Rico,

    Just my personal opinion here - valid applications should be allowed to function with their full complement of implemented behaviors. This may create some hypothetical security issues, but the tradeoff is often system/application stability. So my general rule, if the program is valid and I know it's clean, I always allow the designed behavior to occur.

    The single exception to this general approach in my hands is program access to outbound Internet communication. Occasionally I do restrict that on a per case basis.

    Blue
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    for trojanhunter, my guess is its resident protection scans memory. id allow it.

    for snagit, it may use global hooks for shortcuts. its up to u.

    for spysweeper, i never remember it needing to terminate iexplore.exe, so im not sure.

    i cant give solid answers but i hope it helps even a lil bit.
     
  4. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Rico,

    I have all three of the programs on my system that you mention. I allow them to do what they need/want to do for proper functioning all around.

    Spy Sweeper does this as part of its memory scan when a sweep is requested.
     
  5. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,702
    Location:
    Texas
    Messrs: BlueZannetti, WS Fuser, & Silconman01 many thanks!

    Take Care
    rico
     
  6. buffet

    buffet Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    53
    What settings would be better applied for some windows services:
    userinit.exe (should/not: terminate/install driver)
    svchost.exe (should/not: terminate/install driver)
    services.exe (should/not: terminate)
    ;)
    It seems that msi package installations use msi.exe (windows service) to install drivers -> I often let PG with "driver/rootkit protection" on and have services.exe and msi.exe the previllege driver install; it works; if lock msi.exe, it wont.

    Thx for any advices.
     
    Last edited: Apr 12, 2006
Thread Status:
Not open for further replies.