PG3.3b3 disabled!!!

Discussion in 'ProcessGuard' started by buffet, Apr 1, 2006.

Thread Status:
Not open for further replies.
  1. buffet

    buffet Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    53
    Hi,
    Our machine is running PG3.3b3. Today, After reinstalled xp and everything, We noticed PG running, but NO SMH window popup would had been to be the case for Procguard.exe and Kaspersky Internet Security 6 avp.exe We had seen before; then, we did a check on the DCSUserProt.exe, it was terminated uing taskmanager with no termination privilege!!! Note that all was set up in protection correctly.
    The second thing we saw today, when we checked mark SHM onto pgcount.exe, then, every program window had a SHM popup window occured when it closed.!!! Reboot, it is gone!

    Any help. Thanks.
     
  2. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    If you had KIS2006's proactive defense enabled then it is likely to conflict with PG - try checking KIS's logs for any details.
     
  3. buffet

    buffet Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    53
    ProactiveDefend is enabled in KIS6.0.0.297g. PG is in the trusted appl list of KIS.
    Before SHM worked for KIS, now it doesnot! For Proguard.exe, after awhile, it works back on it for PG. Some confuses here! help!!!!
     
  4. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    As I said, try checking your KIS logs. With SMH, Process Guard has to "inject" itself into the program so there is a higher likelihood of conflict with software like KIS which has a very high level of self-protection (SMH is unnecessary here anyway since Kaspersky's background service cannot be shut down by closing a window).
     
  5. buffet

    buffet Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    53
    thx. You are right! When let KIS allow PG inject itself into KIS, it works as expect, otherwise, it wont.

    My box is Dell E510 desktop, with Ati X300 graphic card. I see SHM windows come with full black button and I have to drag it to see text redrawn on button controls. Is this a something with video driver and PG?

    Do you use KIS? You can give some instructions to lock the box down using both. thx.
     
  6. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    What is SHM?
     
  7. some made up name

    some made up name Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    60
    Typo of SMH which stands for Secure Message Handling

    I assume.
     
  8. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii

    What is Secure Message Handling then?
     
  9. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    From the PG HELP file- Beginnings section, Part 3.

     
  10. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    That doesn't make much sense to me. I don't have PG currently installed so I can check the Help myself. I understand the "human confirmation dialog" part but why would an application be closed down due to "windows messages"?

    I guess I need to read the help file again when I reinstall PG as I don't recall reading anything about Secure Message Handling. :(
     
  11. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    To be honest, "due to windows messages" doesn't make any sense to me either... :D

    I think Diamondcs misstated something here. I guess I "know" what SMH does and just didn't pay any attention that "due to windows messages" part.
     
  12. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
  13. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Well, I think most of us would understand more easily if the wording was changed from "about to be closed down due to windows messages" to "about to close down unexpectedly" or "about to be closed without user permission". :D
     
  14. some made up name

    some made up name Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    60
    hmm .. those would give me the impression that SMH protects against the process crashing (which includes forced crashes) which i am quite sure it doesn't. Maybe an elaboration on what windows messages are for those who don't know may be a better approach ;)
     
Thread Status:
Not open for further replies.