Gss hangs on shutdown????

Discussion in 'Ghost Security Suite (GSS)' started by ghostriderg, Oct 16, 2006.

Thread Status:
Not open for further replies.
  1. ghostriderg

    ghostriderg Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    16
    Hi all!

    using gss suite with regdefend paid and appdefend beta unpaid (but hopefully not for long!)

    win2k

    newbie questions

    1.) When I shut down my box it hangs before complete shutdown with a dialogue from appdefend asking if smss can shutdown Gss. If I ignore this the system will take anywhere from 10-15 minutes before complete shutdown!!! However if I select allow once the system shuts down as would be expected. The question is what is the correct procedure.

    2.) I have tried to install both dropmyrights and the same feature in secureit both without success it would seem that Gss is in someway blocking the process each time for each app as I get the dialogue "drop exe" "procedure entry point safer create could not be located in ADVAPI32.dll".

    3.) I also have a question on whether or not to allow this action

    KEY_LOCAL_MACHINE\System\Currentcontrolset\Control\Session manager | BootExecute | | SET VALUE, DELETE VALUE | spywareterminator.exe | 2

    (text) autochk autochk*

    This is spyware terminator asking for permission to perform this action. I have set it to block in regdefend but was wondering if this is the correct thing to do?

    I tried contacting Jason a week ago about this but thus far I have had no reply, so any and all help would be appreciated as I have many more questions.

    thanks in advance
     
  2. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    Hello ghostriderg, smss is a part of the operating system and should be set to allowed always. Nothing wrong with spyware terminator asking for privelages, I use it and it asks for the very same thing you can set it to allow or always allow its up to you. The only way dropmyrights is going to work is if you allow all to all of the prompts when GSS flags the program, but just my opinion since there are ways to bypass user rights privelages , dropmyrights program is kind of useless, I personally rely on GSS to flag stuff from starting up.
     
  3. ghostriderg

    ghostriderg Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    16
    Hi there yankinNcrankin

    keep it real

    Thanks for your reply!

    A few questions.

    RE: smss

    If I always allow this process does gss still protect smss. My logic is this smss must be outside of Gss in order to terminate it. So if some-such malware were to take over the smss process could it effectively close Gss and other processes unhindered and unchecked?

    RE: Spyware Terminator

    I know you said to allow this but ST is still on my grey list at the moment - (great program with nice features for a freebie good flexibilty and fast HIPS reminds me of MSAS in some ways) - as there are a few things I have to look into at the moment as to what it does.
    The question here is I suppose why does it want to go down to the system disk check level which I assume is what autochk autochk* is, none of my other security programs have asked for this. This may not be a bad thing but I would be interested to know.

    RE: Dropmyrights/Securit

    I did allow all processes on install but checking with filemoniter the system seems to accept it then reject ito_O? I mainly wanted to use this for the kids when they surf the net and email their friends ( I qoute "this computer is like prison cell" un-quote; you get my drift) and download all kinds of games.... oh well.

    RE: Jason!

    Havent seen his precence in this forum for longest while or am I wrong?

    Thanks in advance
     
  4. turion

    turion Registered Member

    Joined:
    Apr 5, 2006
    Posts:
    58
    smss is responsible for starting the user session. It launches winlogon & csrss processes. After that it waits till one of these 2 processes to end. If this happens normally the system will shut down. If it happens unexpectedly it will cause the system to hang. In other words you have to give smss full permission (always allow in GSS) but remember the file is located in the C:windows\System32. There are several viruses trying to run as smss (in a different location) to trick you. If a virus takes over smss you might have problem starting up windows.

    Secureit an encryption tool, i guess you don't want your kids to get access to certain files :cool:
     
  5. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Just to complement Turions explanation of SMS

    When in doubt about a process or .dll's function you can always Google for it, however there are a few sites that provides decent info on these.
    Here is a couple I find useful:

    http://www.processlibrary.com/ or http://www.processlist.com/
    They dont always have everything in their databases but it sure helps a lot... :thumb:
     
  6. ghostriderg

    ghostriderg Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    16
    Hi All and thank you for your replies!

    Sorry for not getting back and checking this but I had previously posted a reply which doesn't seem to hereo_O? Anywhoo.

    I have enabled smss and given ST permission for autochk and so far all is well, the system shuts down as it should so thanks for the advice and knowledge.

    Turion LLLOL :D no I dont have such files (Securit is a system hardening tool----that sounds even worse :blink:) I suppose I,m just fed up of them downloading iffy games and music files.

    Anyone else had a problem with implementing dropmyrights or the secureit version?

    ghostriderg
     
Thread Status:
Not open for further replies.