Recommended Settings Wanted

Discussion in 'ProcessGuard' started by PGNewUser, Apr 28, 2005.

Thread Status:
Not open for further replies.
  1. PGNewUser

    PGNewUser Registered Member

    Joined:
    Apr 28, 2005
    Posts:
    9
    When I run PG in learning mode after clearing out all the protections with a reboot the following always showup.

    agentsvr.exe
    logonui.exe
    wuauclt.exe
    wdfmgr.exe
    imapi.exe
    alg.exe
    wmiprvse

    Are any of them unsafe?

    Should any of them be set to permit once instead of permit always?
     
  2. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi PGNewuser,

    Assuming you have a clean machine, and all of these modules are clean modules (i.e. none have been replaced by trojans), they match up with modules that I have allowed and have given "permit always" permission.

    Rich
     
  3. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    same here ;)
     
  4. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Hi PGNewUser,

    None are unsafe. These are my settings (which have caused no problems on my systems):

    agentsvr.exe - permit once

    logonui.exe - permit always

    wuauclt.exe - permit once; I only do manual Windows updates

    wdfmgr.exe - permit always

    imapi.exe - permit always

    alg.exe - has never executed on my systems; I set the ALG service to manual startup

    wmiprvse - permit always

    Nick

    Edit: I looked at my others systems and see I have no wdfmgr.exe (Windows User Mode Driver Framework service) in the Security List. On those systems, I have that service set to manual and it has never started.
     
    Last edited: Apr 28, 2005
  5. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    wdfmgr.exe is not needed unless you have the latest Rhapsody version 3Beta. It will be used in Longhorn.

    "At the time of writing this service gets installed on Windows XP when you either install Windows Media Player 10, or when you upgrade to Service Pack 2 for Windows XP. Introduced in September 2004....

    At the time of writing, 25‑Mar‑2005, we do not know of a single product which has implemented WDF drivers. Thus, the more advanced users may wish to set the Startup Mode of this service to Manual on the Services tab of The Ultimate Troubleshooter till the time that they one day need to install a WDF driver as, then, they will need to set the Startup Mode back to Automatic to enable the WDF drivers to work properly. Less advanced users should leave this service alone as, sometime later in 2005, we will start seeing drivers which need this service to be running."

    http://www.answersthatwork.com/Tasklist_pages/tasklist_w.htm

    Also see: http://www.microsoft.com/whdc/driver/wdf/wdf-intro.mspx
     
  6. SSK

    SSK Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    976
    Location:
    Amsterdam
    Nice one, Mele
    --> off to read your links, me is :D
     
  7. rickontheweb

    rickontheweb Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    129
    Thanks for the info on wdfmgr.exe Mele20.

    I remember seeing this service appear on my system but couldn't find and real answers on if it was necessary or not.

    I alway love it when I can set another UN-needed service to manual...
     
  8. PGNewUser

    PGNewUser Registered Member

    Joined:
    Apr 28, 2005
    Posts:
    9
    Thanks for all the info

    Application Layer Gateway was set to manual in services.msc

    Edit:
    WormGuard 3.1 Questions Removed
     
    Last edited: Apr 29, 2005
Thread Status:
Not open for further replies.