
View Full Version : startup type


new user
January 1st, 2006, 10:40 AM
I've just downloaded the latest version (3.2). In the help file it says something about loading the driver even earlier by going to control panel, system, hardware, device manager, unhiding hidden devices, double-click procguard, and in the driver part, it says to change the startup type to system so that it loads even earlier. But when I look in the driver part, it only says: driver details, update driver, rollback driver and uninstall driver; there is nothing about changing the startup type.
Have I changed a setting somewhere so I can't view that bit? Please help

thanks

billaku
January 1st, 2006, 01:33 PM
{QUOTE-> I've just downloaded the latest version (3.2). In the help file it says something about loading the driver even earlier by going to control panel, system, hardware, device manager, unhiding hidden devices, double-click procguard, and in the driver part, it says to change the startup type to system so that it loads even earlier. But when I look in the driver part, it only says: driver details, update driver, rollback driver and uninstall driver; there is nothing about changing the startup type.
Have I changed a setting somewhere so I can't view that bit? Please help

thanks <-QUOTE}
What OS is this? WinXP, SP1 or SP2; Win2000, other?

new user
January 1st, 2006, 02:59 PM
Sorry, it's Win XP SP2, all updates etc.

billaku
January 1st, 2006, 05:29 PM
{QUOTE-> Sorry, it's Win XP SP2, all updates etc. <-QUOTE}
Okay - same here: WinXP Pro, SP2.

new user, you are a very good reader of help files!
I had not seen this.

Just to make sure first off, you are not getting:

Start | Control Panel | System | Hardware | Device Manager | View | Show hidden devices | View | Devices by connection
| procguard (double click) |

and see these at the Driver tab?

http://public.billaku.jetemail.net/procguard_system001

My sys original entry
Startup Type: Automatic (Started)

The other two tabs my sys:

General tab
Device usage: Use this device (enable)

Details tab
procguard
Device Instance Id
ROOT\LEGACY_PROCGUARD\0000


For a change from the existing Automatic to System to be retained, I exited all my system protections (PG, LookNStop, WinPatrol, etc.).
Reverted to, actually stayed at, Automatic first couple of tries not doing so.

Did find upon reboot that my AntiVirus Eset NOD32 was blocked from loading by PG where it had never been previously.

Went to PG Alerts and found msdtc.exe also now blocked, never before. Not even in PG Protection or Security lists.

Based on this info from WinPatrol Plus{QUOTE-> Microsoft’s Distributed Transaction Service Coordinator - MSDTC

The Microsoft Distributed Transaction Service Coordinator (MSDTC) allows for distributed transaction processing in a clustered or distributed environment. MSDTC runs on all Windows platforms and is installed by applications such as the Microsoft’s Personal Web Server, or Microsoft SQL Server. It coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. <-QUOTE}, I decided to add it to PG protection list.
First tried Authorize to Read (only)
and
Protect from Termination, Modification - the defaults
(Still those settings.)

Upon reboot, msdtc.exe appeared in PG Security list as 'Permit Always'.
I had put PG in Learning Mode prior to making entry, rebooting.
Have left msdtc.exe at 'Permit Always' for now.


After setting procguard driver startup type from automatic to system and first reboot:

---ProcessGuard 3.200 Log Started---
15:06:06 [EXECUTION] "c:\windows\system32\msdtc.exe" was blocked from running
[EXECUTION] Started by "c:\windows\system32\services.exe" [936]
[EXECUTION] Commandline - [ c:\windows\system32\msdtc.exe ]
15:06:10 [EXECUTION] "d:\dprogramfiles\eset\nod32krn.exe" was blocked from running
[EXECUTION] Started by "c:\windows\system32\services.exe" [936]
[EXECUTION] Commandline - [ "d:\dprogramfiles\eset\nod32krn.exe" ]
....


After above, add msdtc.exe as further above, another reboot:

---ProcessGuard 3.200 Log Started---
15:16:41 [EXECUTION] "c:\windows\system32\msdtc.exe" was allowed to run
[EXECUTION] Started by "c:\windows\system32\services.exe" [940]
[EXECUTION] Commandline - [ c:\windows\system32\msdtc.exe ]
15:16:46 [EXECUTION] "d:\dprogramfiles\eset\nod32krn.exe" was allowed to run
[EXECUTION] Started by "c:\windows\system32\services.exe" [940]
[EXECUTION] Commandline - [ "d:\dprogramfiles\eset\nod32krn.exe" ]
...


In both boots, msdtc.exe, nod32krn.exe first two entries.
Appears Nod32 dependent on msdtc
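
An added example (not part of the original posts, and not DiamondCS code): a small parser for the log format quoted above that compares boots and lists which images went from blocked to allowed and which are still blocked after the driver start change. It assumes one "Log Started" marker per boot; the sample log is constructed from the entries above plus a hypothetical c:\example\agent.exe.

```python
import re

# Constructed sample in the format quoted above; c:\example\agent.exe is hypothetical.
SAMPLE_LOG = r'''
---ProcessGuard 3.200 Log Started---
15:06:06 [EXECUTION] "c:\windows\system32\msdtc.exe" was blocked from running
[EXECUTION] Started by "c:\windows\system32\services.exe" [936]
[EXECUTION] Commandline - [ c:\windows\system32\msdtc.exe ]
15:06:10 [EXECUTION] "d:\dprogramfiles\eset\nod32krn.exe" was blocked from running
[EXECUTION] Started by "c:\windows\system32\services.exe" [936]
15:06:12 [EXECUTION] "c:\example\agent.exe" was blocked from running
---ProcessGuard 3.200 Log Started---
15:16:41 [EXECUTION] "c:\windows\system32\msdtc.exe" was allowed to run
[EXECUTION] Started by "c:\windows\system32\services.exe" [940]
15:16:46 [EXECUTION] "d:\dprogramfiles\eset\nod32krn.exe" was allowed to run
15:16:48 [EXECUTION] "C:\Example\agent.exe" was blocked from running
'''

MARKER = re.compile(r"^---ProcessGuard .* Log Started---$")
EVENT = re.compile(r'^(\d\d:\d\d:\d\d) \[EXECUTION\] "([^"]+)" was (blocked|allowed)')
PARENT = re.compile(r'^\[EXECUTION\] Started by "([^"]+)" \[(\d+)\]')

def parse_boots(text):
    """Split the log at each 'Log Started' marker; return a list of event lists."""
    boots = []
    for line in map(str.strip, text.splitlines()):
        if MARKER.match(line):
            boots.append([])
        elif boots and (m := EVENT.match(line)):
            # Windows paths are case-insensitive, so normalise before comparing.
            boots[-1].append({"time": m[1], "image": m[2].lower(), "verdict": m[3], "parent": None})
        elif boots and boots[-1] and (m := PARENT.match(line)):
            boots[-1][-1]["parent"] = m[1].lower()  # attach parent to the preceding event
    return boots

def images(boot, verdict):
    return {e["image"] for e in boot if e["verdict"] == verdict}

def resolved(boots):
    """Blocked in an earlier boot, allowed in the latest one."""
    earlier = set().union(*(images(b, "blocked") for b in boots[:-1]))
    return sorted(earlier & images(boots[-1], "allowed"))

def still_blocked(boots):
    """Blocked in the latest boot: still needs a decision in the Security list."""
    return sorted(images(boots[-1], "blocked"))

if __name__ == "__main__":
    print(resolved(parse_boots(SAMPLE_LOG)), still_blocked(parse_boots(SAMPLE_LOG)))
```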

billaku
January 1st, 2006, 06:14 PM
Glad when did as in above post did not get BSOD.

Read pertaining help file after-the-fact.

Here is what it says: For Advanced Users{QUOTE-> This information is for ADVANCED USERS.


ProcessGuard driver startup

The ProcessGuard driver (procguard.sys) is loaded before any user logs into a system, with a driver load option called AUTOMATIC.
This offers heavy protection, however users can experiment with this option to load the driver even earlier. This could provide better protection in exceptional circumstances, but should only be attempted by experienced users as this could also lead to crashes.
We have tested this extensively however, so this should work correctly on most if not all machines.

If you have any bluescreen crashes (BSOD, bluescreen of death), boot to Safe Mode and set the driver start back to AUTOMATIC.
Also note that ProcessGuard should only ever use AUTOMATIC or SYSTEM. No other options are valid.

To set the driver to SYSTEM:
1) Disable ProcessGuard protection.
2) Open Device Manager (Control Panel > System > Hardware > Device Manager).
3) Click View > Show Hidden Devices.
4) Expand the "Non-Plug and Play Drivers".
5) Find "procguard" and double-click it.
6) In DRIVER, change the Startup type to SYSTEM.

Now enable LEARNING MODE

Once you restart your computer, the driver will now load very early in the bootup sequence. This should also mean more detected processes starting. Ensure the SECURITY list has these new processes detected and they are ALLOWED. Learning Mode takes care of this, otherwise they show up as "Allow Once (unable to ask user)" since you were not logged in. Ensure any trusted startup programs are set to Always Allow - and change them if needed. <-QUOTE}Yup - sure did then detect msdtc.exe which it had not before - and blocked it - which blocked nod32krn.exe (kernel-type anti-virus .exe)
from loading.

Taken care of per info in Help File - before reading Help File - :blink:

new user
January 1st, 2006, 08:02 PM
Glad it worked out ok for you billaku, but I still don't know how you got it. I do the following:

Start | Control Panel | System | Hardware | Device Manager | View | Show hidden devices | View | Devices by type (by connection is same result)
| procguard (double click) |

I have three tabs:
general - says this device is working properly/enabled
driver - says about driver provider, date, version etc. three buttons - details (says no files are required or have been loaded for this device), update driver, rollback, uninstall
details - says device instance id - root\legacy_procguard\0000

Nowhere does it say startup type.

billaku
January 2nd, 2006, 09:24 AM
{QUOTE-> ...
Nowhere does it say startup type. <-QUOTE}Is your WinXP the Pro or Home?

If Home - that could be the difference?

rickontheweb
January 2nd, 2006, 11:42 AM
I'm on XP home and saw this advanced trick in the help file yesterday for the 1st time myself.

It works like a charm for me. It does indeed load much earlier.

On my XP Home machine after showing hidden devices, under Non-Plug and Play Drivers, on the second tab for procguard properties, the option to change the Startup from Automatic to System is right there as the help file indicated.

new user
January 2nd, 2006, 11:49 AM
{QUOTE-> Is your WinXP the Pro or Home?

If Home - that could be the difference? <-QUOTE}

I have XP Home. Does anyone else's say that the driver is unknown, date and version are not available, and it is not digitally signed? Maybe I need to reinstall?

Gavin - DiamondCS
January 3rd, 2006, 04:18 AM
It still sounds like you are on a different version! Are you perhaps logged in as a limited user? Are you on a Windows NT domain?