ProcessGuard popup problem

Discussion in 'ProcessGuard' started by iceni60, Jan 11, 2005.

Thread Status:
Not open for further replies.
  1. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    hi :) i just had a PG popup about a program starting up. i needed to check out what the program was before i could decide what action to take. it was very difficult to do because the popup wouldnt move, so i couldnt read the infomation about the program from liutilities.com. can you make it so we can move the popup out of the way? thanks. :)
     

    Attached Files:

  2. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, iceni60

    Here an old Link:- wmiprvse.exe?

    Take Care,
    TheQuest :cool:
     
  3. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    hi, TheQuest :) . thanks for your help. i wasnt too worried about wmiprvse.exe, i'm pretty sure it's because i installed buzzsaw, i think it and dirms are brilliant. but, it's more the fact that the popup wont move out the way, so if i had a trojan and the infomation on the page about that was behind it, how could i see it o_O
     
  4. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, iceni60

    Yes I think that is the Idea, it stop eveything untill you give it a command. [just in case give it a run or refuse once only]

    Take Care,
    TheQuest :cool:
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    I'd agree that not being able to move the window can be a problem (it's a huge improvement over the "secure desktop" of PG 2 though). Either it should be movable or there should be a "Hold Program" option which would minimise the prompt until you chose to answer it.

    Until DiamondCS address this, it may be worth considering System Safety Monitor - its Application Watching feature performs the same function and the popup window is movable. It can even do a virus scan on the file in question (provided you have specified an anti-virus program in Preferences/Options/Misc). It is still beta but will run in parallel with PG.
     
  6. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    as i see it now, there's a problem that needs to be corrected. am i right in thinking you dont see a it? if so, there's a few things that could be happening.

    1, most likely, as i think no one else has this problem, there's something i havent understood with regard to the popup.

    2, i havent put my point across very well.

    3, you havent understood the problem.

    say wmiapsrv.exe, not wmiprvse.exe as you wrote, was a brand new trojan and when i went to look it up, so i'd know if i should let PG run it, or not, only one trusted site had anything on it. and because it was so new they only had two sentences on it.

    what would happen if the bit which said it was a trojan was behind the popup? i would need to be able to move the popup so i could read it. there could be other sites, which i dont trust, and shouldnt be trusted, saying it's a MS application and has to be run.

    in that situation i would have let the trojan run. it would have been avoided if the popup could move.

    below is a screenshot showing what i mean (i have used task manager in place of the popup)
     

    Attached Files:

  7. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    hi, i didnt see your post, im a very slow typer :D . i downloaded Abtrusion Protector earlier today, i was having problems with Prevx, and in the end removed it. is SSM still OK to use? i heard people saying that they couldnt use their copies of it any more because it had gone shareware and had some kind of (date trigger?) which stopped it from working. and which would you choose SSM or AP? thanks. would they be used by themselves, or with PG? thanks
     
  8. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    The current version of SSM (1.9.6) has an expiry date of March 2005. The author does intend to make it shareware at some point but also intends to provide a free version (with restricted functionality). It is a beta so some people may have problems with it.

    I've not used AP myself but it appears to offer much less interaction or control (blocking all programs not identified as legitimate installs). SSM gives you a popup whenever an application runs or tries to manipulate another process, allowing you to permit or block that activity - it also includes plugins for registry and startup file monitoring. I use SSM with PG and have made a comparison between them previously.
     
  9. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    hi, PK2 :) thanks for the help. i installed SSM along side PG Free and it seemed to be running without any problems, but when i looked in task manager, RAM is fine, VM is just OK, but my CPU %, with every instance, goes from around 7/8 % to 20/2 % is that acceptable? Prevx used a constant 11/3 % with PG. PG, by it's self, runs at 4/5 % what should i do, run PG alone, or with one of the others?
     
    Last edited: Jan 12, 2005
  10. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    SSM does attempt to gain Write access over other processes so I would suggest allowing this in PG's settings (i.e. in the Protection entry for SSM, authorise it to Terminate and Modify). If this does not resolve the CPU issue then check PG's logs to find the cause of all the activity.

    If you are running PG Free then you will not have the Global options of Full (protecting from malicious service or driver installation) so you will need SSM to cover that avenue. PG Free can only protect specified processes from being modified or terminated rather than your whole system (and it can be disabled via a Physical Memory exploit which the full version blocks - though SSM will intercept and prompt with this). However PG Free's process protection should be better than SSM's making it worth running (especially to protect SSM).
     
  11. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i went through everything, then saw your post, and followed it. and now everything looks to be working well together, thanks for your help, P2K :cool:
     
  12. gottadoit

    gottadoit Security Expert

    Joined:
    Jul 12, 2004
    Posts:
    601
    Location:
    Australia
    iceni60,
    I have exactly the same problem as you with the prompt and have asked DCS to include more information in the popup window to assist
    You should add a note to the "new features" thread to ask for the movable window and maybe even simple user configurable way of clicking through to check a website (like http://www.answersthatwork.com/Tasklist_pages/tasklist.htm or liutilities as you indicated)

    One thing that I have that you don't is a dual monitor setup, with that I don't have the problem because I simple move the browser to the other monitor and check....

    I'd suggest going for the dual monitor it makes lots of things a *lot* easier with the extra screen space, you'll wonder how you ever did without the second one and start thinking about how to justify a third...
     
  13. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thanks for your ideas, gottadoit. i tried looking and searching for the "new features" thread, but i dont know where it is. i'll have a better look later, i feel abit brain-dead at the moment :rolleyes:
     
  14. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, iceni60

    First off I was getting your name wrong. :oops:

    Now:-
    I am sorry once again. :oops:

    Glad to see you have been able to sort it though. :)

    Take Care,
    TheQuest :cool:
     
  15. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    dont worry about the name, i get it wrong all the time, besides i got P2K's name wrong too, maybe it's this thread o_O

    thanks for helping anyway :)
     
  16. gottadoit

    gottadoit Security Expert

    Joined:
    Jul 12, 2004
    Posts:
    601
    Location:
    Australia
    It probably didn't help that I didn't use the correct name for the thread
    It is the sticky thread at the top ProcessGuard v3.xxx Suggestions / Wishlist
     
  17. war59312

    war59312 Registered Member

    Joined:
    Nov 30, 2002
    Posts:
    72
    Location:
    U.S.A
    Sounds good to me as well.
     
Thread Status:
Not open for further replies.