I have Wormguard running in the background and have had no problems except one peculiarity: Everytime I open the Proxomitron help file, Wormguard kicks in with a warning. What gives? Has anyone else experienced this?
Hi, Jooske. Thanks for the reply. A window pops up saying: "For security reasons, this program is temporarily blocked from executing."
Octogen, did you go into the admin utility of wormguard and allow more options when a suspicious file is found? As WG always tells if it is highly dangerous or suspicious due to reasons mentioned in it's first lines. Can imagine virus, infect, such words in the text. After that you have options to look inside in the safe mode and decide to run it anyway or not. I don't like to exclude helpfiles from scanning as there are some worms or viruses which love to infect especially helpfiles. Deep scanning could tell you if there is something the matter with this helpfile. What makes it suspicious, your system will contain hundreds of helpfiles with programs, so if WG is only alarming on this specific one, and even stopped from running i would certainly look much deeper into that. Please keep us informed how it's going with all settings enabled.
Thanks, Jooske. Your information is very useful as usual. Sorry it took a while to respond. I will try your suggestions once I get back to my computer.
Mwahh.. i've a few thousands of support emails from the developers and other operators, two whole support forums, several helpfiles and a more or less good memory, even though the exact names of the helpfile infectors slip my mind this moment so lot of possibilities to dig for ideas. Hope the ideas are not just useful but also help(file)ful for you, please keep us informed once you tried!
I had this same thing happen to me yesterday (twice). I let the helpfiles run. Later, I ran a/v and a/t and came up clean. I don't know enough to say why this is happening.
I'm sure in teh upper part of the message screen it says something more. Like "medium" or "high" alert, or suspicious, or "a line telling it contains "infection" or "virus" or "write" or "install" something like that. When you look in the safe mode, do you recognize anything? Did you in WG allow all possible options from looking and running and all that? Any ideas if the helpfile is recently renewed? What does TDS say of it when scanning the file? Please try to remember or copy the first few lines of the warning message as also DCS lab will need such messages. Is the file very big? IO ask this as i never use proxo, although i ever unzipped it and at opening the helpfile (which is then also rather old) via windows explorer i don't get any warnings at all. So there might have slipped in something either in the helpfile or proxo seems to be doing something which WG doesn't really trust. but with all your options in WG on, and if you try via explorer, do you get warnings?
Hi Octogen, I have had emails flagged because they mention things like "Viral" & "infection" I have just re- installed WG on this PC & believe that it is a false positive. The following taken from the help is almost certainly the cause: Installation and Eradication None needed really. Well, at least not in the normal sense... Unlike many Windows programs which seem to insinuate their way into your system like some parasitic organism, the Proxomitron...