PG Doesn't Like Drag-and-Drop

Discussion in 'ProcessGuard' started by spm, Feb 29, 2004.

Thread Status:
Not open for further replies.
  1. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    If Windows Explorer (explore.exe) is a protected app, ProcessGuard objects to any application that attempts to use OLE drag-and-drop to an Explorer window (incl. the desktop).

    If you try this, you'll get a whole series of "WRITE, TERMINATE, SET INFO, SUSPEND" blocks logged.

    That said, so far as I can see the drag-and-drop operations appear to complete properly, but it would be nice if the PG warnings could be eliminated.
     
  2. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    can we have a sample of your logs ?
     
  3. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Sure. Here's a selection created when dragging an attachment out of Outlook to the desktop:

    29 Feb 09:14:50 - Window Log Started
    29 Feb 15:58:02 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [10940]
    29 Feb 15:58:02 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [10940]
    29 Feb 15:58:02 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [10940]
    29 Feb 15:58:02 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\winnt\explorer.exe [1200]
    29 Feb 15:58:03 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\winnt\explorer.exe [1200]
    29 Feb 15:58:03 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\winnt\explorer.exe [1200]
    29 Feb 15:58:03 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\winnt\explorer.exe [1200]
    29 Feb 15:58:03 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\winnt\explorer.exe [1200]
    29 Feb 15:58:03 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\winnt\explorer.exe [1200]
    29 Feb 15:58:03 - [P] c:\program files\microsoft office\office11\outlook.exe [1524] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\winnt\explorer.exe [1200]


    The same happens with any app that suports OLE drag/drop.
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Steve,
    I have Outlook 2003 as a trusted programme in my PG list with the default blocks and first four allows.
    I also add any trusted programme that has external access to the internet. :)
     
  5. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Hi Pilli: Yes, but that doesn't really address the issue. By that argument, every application which supports drag-and-drop needs to be made trusted (and access to the internet is irrelevant to that). This doesn't make sense, and isn't what PG is for, I believe.
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Sorry Steve Forgot to say I was looking at your log, I do not have any drag & drop problems with PG, maybe because I am running 1.320.
    Hopefully the new version will address your problem :)
     
  7. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    OK, understood. Well, if 1.320 does address the issue then that's great. If 1.320 is due out imminently I'll get to see. If not, I'd be happy to beta-test if that would help.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.