Just been doing some tests with Secure Meassge Handling - Formerly known as Close Meaasge Handling - Latest and, hopefully, last V3 beta. Here is a copy of the Alert text: Fri 22 - 16:16:45 [TERMINATE] c:\winnt\system32\svchost.exe [720] was blocked from terminating c:\tds3\tds-3.exe [3852] Fri 22 - 16:16:50 [GLOBAL HOOK] [1244] was blocked from creating a global Call Wndproc Return hook Fri 22 - 16:16:56 [EXECUTION] "c:\winnt\system32\drwtsn32.exe" was blocked from running [EXECUTION] Started by "Unknown Process" [3808] [EXECUTION] Commandline - [ c:\winnt\system32\drwtsn32 -p 3808 -e 544 -g ] Fri 22 - 16:17:00 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:04 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:06 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:06 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:08 [MODIFY] c:\documents and settings\alan\desktop\utils\apt2c.exe [1244] was blocked from modifying c:\tds3\tds-3.exe [3852] Fri 22 - 16:17:54 [EXECUTION] "c:\tds3\ext.sys\execprot.exe" was allowed to run [EXECUTION] Started by "c:\program files\processguard\procguard.exe" [1812] [EXECUTION] Commandline - [ c:\tds3\ext.sys\execprot.exe tds|tdsdll-test:c:\program files\processguard\\logs ] Fri 22 - 16:17:57 [EXECUTION] "c:\tds3\ext.sys\execprot.exe" was allowed to run
Please help me with some strange things on my box PG3b2: - now, I set "SMH" to proguard.exe, then I try to add an app to the protect list,proguard gui shutdowned/gone when I use keyboard to type in filename field of file browser window (right at the first key pressed) - it repeats. - Incdsrv.exe still run and PG3b2 did not catch or report it blocked; InCDSrv.exe was not in the allowable-run-list (I added it later on). InCDSrv.exe came from installing Nero InCD program (packet cd/dvd writting prg). Thanks. [sorry for my poor english]
