No execution protection dialog?

When a new application runs, I never get the popup dialog asking me if the application should be allowed to run. PG just blocks it, and I get an error message from windows that it could not create a handle. I always must switch to Learning Mode to let any new application run. There is no button in the allerts window to allow it to start next time either.

I purchased PG because my computer was acting very strangely despite Zone Alarm, Spy Sweeper and SpyBot and NAV installed. I had to restore a prior configuration every week or my computer wouldn't boot. It is a relatively new machine that has been very flaky since I got it. Reinstalling Windows is too much of a hastle.

Is my problem do to PG, improper config, conflict, or system compromise?

 

Do you have block new and changed applications checked? See below.

Blue

 

Hi

I'm not sure about the acting strange bits. Make sure on the main tab that you untick block new and changed applications. That way you should get pop ups asking if you want the program to run and you can tell PG to remember the decision (assuming that PG is working properly on your comp).

 

You were both right. I guess the instructions are confusing or I'm not so smart. I figured it out right after the post. Thanks.

More questions:

1) Why does PG default to allow new applications to modify protected apps?

2)How do I know when its OK for a program to install global hooks/drivers/services and access memory? In particular I am concerned about MSMSG.EXE which loads itself often and tries to insatll global hooks.
I have this blocked and everything still works fine.

 

I think you'll find that they did that for ease of installation....presuming that PG would be installed on a clean machine.

PG is a very good protection tool, but it is not a cleaning tool. You may want to run some other scanners on your computer, including

MS Antispyware
CWShredder
Spybot S&D
Ad-Aware SE
Ewido
A2
perhaps trial versions of Spysweeper, TDS-3 (or Trojan Hunter)
and some other AV's
Kaspersky is currently the best AV out there.
Avast and AVG are free AV's. Their detection rate isn't that good, but always worth a scan <don't run two AV's at once>
Don't know if Nod32 has a trial, it seems to have the best heuristics of any AV
Regseeker is a very nice free registry cleaning tool (it finds heaps)
There are some other scanners, but others will have to advise you on them.

If msmsgs.exe is blocked and your comp runs fine, I would leave it on that setting. I have mine set to deny always, same for msgsys.exe, and dwwin.exe (the reporting function of Dr Watson).

With the global hooks setting, if you aren't sure whether to have it on, then simple trial and error will tell you...don't give programs permission, and if they work fine, don't worry about changing it...but at the end of the day, if you know they are clean (and know what they are for eg. they don't have server status for anything), as long as you have them protected with PG they are safe enough to give global hook permissions to them.

Also, generally speaking if a program needs permissions to bypass the global protection settings, you'll generally get a message saying *.exe tried to install a driver/service in the ALERTS screen. NAV's rtvscan.exe is an example, it needs to install a driver/service to run. Same goes for global hooks and other global protection settings.

Don't worry, there'll come a stage when PG will never alert you unless you
1. you want it to. eg. giving Permit Once permissions to an application like rundll32.exe
2. are installing something (best to either switch it off during this, or turn off your global protection settings)

 

The only programs that I give global permissions to are my security programs. I do this because I want to make sure they have all of their services available to them if, and when I am ever attacked. However, since I have KAV, PG, and RegDefend on, nothing has ever happened.

Of course, Windows gets everything it wants when I do updates or installs since I have PG Protection off.

Rich

 

Heh, in case you think you're getting contradictory advice, I also agree with Rich's way. I do have some things that don't strictly need permissions that I have given anyway (mostly to stop alerts and because I know they're safe), but I suppose they are few and far between.

Rich, you'll be happy to know I added Regdefend to my list of security products

 

Hi Vikorr,

I think the person who is really going to be happy is Jason who will be very pleased to know that another very knowlegeable user has decided that RegDefend is a product worth having.

Cya around,
Rich