PG settings / problems


tech-addict
December 21st, 2003, 11:23 AM
New registered user of PG :) never tested free version, since it was highly recommended by someone I know.
System: Compaq laptop P3m 1.2Ghz XP SP1 Home "too many tweaks to list"

On first install I chose to add the default protections and was getting "could not attach" errors, so I read through this forum and decided to uninstall in safe mode, which went ok, but on re-install it still did it again, so I tried the bootvis suggestion, which I found bootvis times out on this laptop (ZA Pro and NSW load too slow for bootvis) :-[ so then I cancelled bootvis, rebooted and started getting BSOD's >:( So I uninstalled again and also uninstalled norton systemworks pro (loads too slow anyway). Went back to running SAV for now.

Ok so I defragged, reboot and re-installed PG and all is good now :P
But on install this time I didn't choose to enable default protections and now I don't see the option after reboot.

I would like to enable them without going through another uninstall ;)
Also I would like to know: How to protect SAV 8.1, BOClean 4.11 and ZA Pro 4.5.538 ?
Just choose the .exe's in the program folders ?
And I would like to know what MS processes should I protect and how ?

Maybe a sticky thread or a general list of how to protect common firewalls, antivirus programs, MS processes, etc. would be a good addition to this forum.

Thanks in advance for any info you can provide.

Pilli
December 21st, 2003, 11:29 AM
Hello Protek & welcome :) Glad you got there in the end!
Here is a screenie showing the basic list

tech-addict
December 21st, 2003, 12:12 PM
Thanks for the welcome and reply :)
So should I assume that there is no way to enable the protections offered at install without doing them manually now ?

Is that screenshot showing me all the protections that would have been enabled if I chose yes on install ? (looks like more were below on your scroll bar)

Still would like to find out if I just choose the .exe's in the program folders of my firewall = ZA Pro 4.5.538 , anti trojan = BOClean 4.11, anti virus = Symantec Anti Virus CE 8.1 will that be enough to properly protect those processes. (thinking there's more to it than that)
Thanks

WilliamP
December 21st, 2003, 12:26 PM
Click on add file to protect. Then search your c drive program files for the exe's that you want protected. Then right click on each one. A box will pop up and at the top it will have [Select]. Click on Select and it is done. Then just go to the next.

DolfTraanberg
December 21st, 2003, 12:29 PM
When you protect the exe's you are protecting associated processes as well.
Protecting every application capable of connecting to the Internet is important, so are your system files.
Dolf

Pilli
December 21st, 2003, 12:29 PM
Protek, I just showed the default ones that PG sets up on first install.
There may be a registry way of making PG re ask but Jason will have to answer that.

ZA already has shutdown protection I believe though I am not sure about Close Message Handling.
Download APT from DCS and try it against the programmes you want to protect. http://www.diamondcs.com.au/index.php?page=apt

You may find as you add to the list that logging occurs a lot with certain apps, so then you can enable the Allow buttons for that process; this will stop a lot of logging. The allow functions are only applicable within the PG list so it will not compromise your security.

HTH Pilli

tech-addict
December 21st, 2003, 01:04 PM
Thanks for the quick answers :)
Now that I have my system back running stable I was wanting to enable all the protections that were offered on install to find out for sure what exactly caused the BSOD's
I think it was NSW loading so slow which caused bootvis to time out and mess up boot defrag. But the funny thing is that bootvis used to run on this system before I installed PG and now it always times out even after uninstalled PG and big ole NSW.
Maybe there is another boot defrag tool besides bootvis? ???

I know windows "tries" to boot defrag itself (it is enabled), but it doesn't seem to do a good job of it and since bootvis screwed up that time, my system seems to boot slower. :-\
I could run Drive Image and restore my disk back to a couple months ago but I would rather not lose all I've done since then... Might as well do a fresh install if it comes to that point.
:o An MS OS that has lasted 2 years without any BSOD's :o
I never would have believed it :D

Pilli
December 21st, 2003, 01:20 PM
If you can find one, use a registry cleaner & defragger before using BootVis, as after time the registry does get itself into a real mess and normal defrag does not do the job.
I use the one in System Suite from www.vcom.com which requires a reboot to defrag the registry properly

Shelb
December 21st, 2003, 01:39 PM
{QUOTE-> Protek, I just showed the default ones that PG sets up on first install.
There may be a registry way of making PG re ask but Jason will have to answer that <-QUOTE}

I had a problem a while back where I had to reinstall PG.
To get the default list readded, I found this registry entry.

HKLM\Software\Diamond Computer Systems\Process Guard\BeenRun

Change this from 1 to 0 and PG will ask you to add the default processes next time you start it. ;D

The screenshot also omitted iexplore.exe, which PG also adds by default.

tech-addict
December 21st, 2003, 01:39 PM
Yes I do that regularly (probably why XP been running 2 years) and have done so several times since the problem.
But I use jv16 Power Tools to clean the reg and then Registry Tool Kit which defrags the registry and then reboots system.
I have found nothing that re- organizes boot files besides bootvis.
I used NSW for system defrag before trouble. And have gone back to Disk Keeper for system defrag since I uninstalled NSW. But still bootvis times out and system boots slower than before.

Maybe the one you mentioned is better, but I can't afford to buy another prog right now, Xmas got all my money now ;D

tech-addict
December 21st, 2003, 01:43 PM
@Shelb wow we posted at exactly the same second ;D
Thanks for that reg key I will try that. ;)

EDIT: Yes that value change worked THANKS ;D

Pilli
December 21st, 2003, 01:47 PM
Yes, thanks for that Shelb :)

And you are correct I do not use IE so I removed it from the list :(

Have a Karma cookie!

Gavin - DiamondCS
December 22nd, 2003, 01:57 AM
I'd leave IE in the list, simply because it is integrated into the OS and I doubt you have removed it (unless you use XPLite :))

A trojan could shell iexplore.exe instead of the default browser and inject into it, which some do. Although it isn't in your firewall ruleset, is it? ;) But I'd prefer to prevent the injection in the first place :)

Pilli
December 22nd, 2003, 04:48 AM
Thanks Gavin, Will do, a very useful tip for most users :)

redwolfe_98
December 22nd, 2003, 12:45 PM
I think you should try uninstalling PG, and then reinstall it. It might even help to straighten out your slow-boot problem. It is not that much trouble to do. Just make sure PG is not running when you uninstall it (if you uninstall it). Try it. :)

tech-addict
December 23rd, 2003, 11:16 AM
Yeah no help on the slow boot after re-install again... :(
Well guess I'll just do a restore of backup image, or maybe a fresh install of the OS ;) I haven't decided how much time I want to spend on this yet.

But I have noticed a ton of logging in PG from my anti-trojan "BOClean"
it's trying to gain access to all the programs that are protected, so I allowed BOC all privileges and still it is logging a ton of access attempts in PG.

How do I avoid all that logging ? ???

Pilli
December 23rd, 2003, 11:26 AM
If BoClean is on your list try ticking all the Allowed boxes, I assume this is what you did, this will allow BC to access listed programmes and perhaps prevent so much logging. You may have to close procguard.exe and re-open for the effect to take place

HTH Pilli

tech-addict
December 23rd, 2003, 11:34 AM
Yes that's what I was saying, I did allow BOC all privileges (ticked all boxes)
Still it seems that PG and BOC don't play well together :-\ the same amount of logging is still going on. Seems like I've had a few things lock up due to them fighting over control here.

Don't know what else I could do... well it doesn't seem like I have anything else I can try besides uninstalling one of them ???

Pilli
December 23rd, 2003, 12:22 PM
Hmm Sorry to hear that, Does BC run OK without causing logging when not listed in PG?
Hopefully Jason or Wayne may be able to offer a solution, they will be dropping in here over the holiday period, or possibly another BC user may respond.

Pilli

tech-addict
December 23rd, 2003, 06:25 PM
Ok, well thanks for your help. :)
I tried taking BOC out of the list and rebooting but it's still trying to gain access to all protected processes.
I will wait and see if a solution can be found.

Happy Holidays
;)

Pilli
December 24th, 2003, 07:27 AM
ProteK, Thanks for your patience. :)

The seasons greetings to you

tech-addict
December 24th, 2003, 06:10 PM
Strange new developments ???

IE has been shut down twice now by: DRWTSN32.EXE ( DrWatson Postmortem Debugger )
Ok I've never had IE just shut down and disappear from my screen before ???
It's clearly logged in PG as access was denied but yet it still kills it.
I have no idea why this drwatson is doing this now... it never happened before :(

Welcome to DiamondCS Process Guard.
This program does not need to be running for your system to be protected.

[17:01:12] - Window Log Started
[17:01:20] - Process Guard Protection is ACTIVE
[17:01:35] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\smss.exe [796]
[17:01:36] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\winlogon.exe [880]
[17:01:37] - [P] - c:\progra~1\symant~1\symant~1\rtvscan.exe [732] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\explorer.exe [1976]
[17:02:16] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\services.exe [928]
[17:02:20] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\lsass.exe [940]
[17:02:30] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\svchost.exe [1124]
[17:02:30] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\svchost.exe [1432]
[17:02:39] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\explorer.exe [1976]
[17:02:54] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\processguard\pg_msgprot.exe [1228]
[17:02:55] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\processguard\procguard.exe [1256]
[17:02:57] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\svchost.exe [1408]
[17:03:32] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [2392]
[17:20:23] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [3744]
[17:22:53] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [3944]
[17:35:07] - [P] - c:\windows\system32\drwtsn32.exe [2636] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [3944]
[17:35:54] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [2700]
[17:50:13] - [P] - c:\windows\system32\drwtsn32.exe [3704] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [2700]
[17:55:41] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [1920]
[17:58:00] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [2128]

Well there's a new thing for you guys to look at ;)

donsan709
December 24th, 2003, 07:05 PM
Hey protek, seems we both have the same problem on the bo clean logs, hopefully these kind folks will get it figured out for you and I. I have also ticked all the allowed flags and still keep getting all these logs about bo clean trying to gain access.

DolfTraanberg
December 25th, 2003, 10:19 AM
{QUOTE-> quoting: Protek
IE has been shut down twice now by: DRWTSN32.EXE <-QUOTE}
I don't know what caused IE to crash but it's NOT drwatsn32.exe
For all that logging I suggest to give boclean.exe and rtvscan.exe full allow privileges.
Dolf

Jason_DiamondCS
December 26th, 2003, 11:57 AM
Please view this thread in regards to DOS-based pathnames, i.e. c:\progra~1 in your listing, and how PG currently has an issue with these.

http://www.wilderssecurity.com/showthread.php?t=17451


-Jason-
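
The short-name pattern Jason points to can be pulled out of a Process Guard window log mechanically. The following is an added example, not part of the thread and not DiamondCS code: it parses lines in the format posted above, groups them by source process, and flags sources whose path contains an 8.3 alias such as `progra~1`. The allow list is a hypothetical one keyed on long paths, used only to show that a literal string comparison would not match the short form; the sample lines are copied from the log in this thread.

```python
import re
from collections import defaultdict

# Line format as it appears in the Process Guard window log posted in this thread.
LOG_RE = re.compile(
    r"^\[(?P<time>\d{2}:\d{2}:\d{2})\] - \[P\] - "
    r"(?P<src>.+?) \[(?P<src_pid>\d+)\] tried to gain "
    r"(?P<rights>[A-Z ,]+?) access on "
    r"(?P<dst>.+?) \[(?P<dst_pid>\d+)\]$"
)

# One path component that looks like an 8.3 alias, e.g. "progra~1" or "symant~1".
SHORT_RE = re.compile(r"^[^\\.~]{1,6}~\d+(\.[^\\.]{1,3})?$")

# Lines copied from the log posted earlier in the thread.
SAMPLE_LOG = r"""
[17:01:12] - Window Log Started
[17:01:35] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\smss.exe [796]
[17:01:36] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\system32\winlogon.exe [880]
[17:01:37] - [P] - c:\progra~1\symant~1\symant~1\rtvscan.exe [732] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\windows\explorer.exe [1976]
[17:03:32] - [P] - c:\progra~1\nsclean\boclean\boclean.exe [1192] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [2392]
[17:35:07] - [P] - c:\windows\system32\drwtsn32.exe [2636] tried to gain WRITE,TERMINATE,SET INFO,SUSPEND access on c:\program files\internet explorer\iexplore.exe [3944]
"""

# Hypothetical allow list holding the long form of the path (an assumption,
# not a value taken from the thread or from Process Guard's configuration).
HYPOTHETICAL_ALLOW = [r"c:\program files\nsclean\boclean\boclean.exe"]


def parse_line(line):
    """Return a dict for an access-attempt line, or None for any other line."""
    m = LOG_RE.match(line.strip())
    if m is None:
        return None
    ev = m.groupdict()
    ev["rights"] = [r.strip() for r in ev["rights"].split(",")]
    ev["src_pid"] = int(ev["src_pid"])
    ev["dst_pid"] = int(ev["dst_pid"])
    return ev


def short_components(path):
    """List the components of a Windows path that look like 8.3 aliases."""
    return [part for part in path.split("\\") if SHORT_RE.match(part)]


def summarize(lines, allow_list=()):
    """Group access attempts by source path and flag short-name sources."""
    allowed = {p.lower() for p in allow_list}
    by_src = defaultdict(lambda: {"events": 0, "targets": set()})
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue  # banner and status lines carry no access attempt
        entry = by_src[ev["src"].lower()]
        entry["events"] += 1
        entry["targets"].add(ev["dst"].lower())
    return [
        {
            "source": src,
            "events": entry["events"],
            "targets": sorted(entry["targets"]),
            "short_components": short_components(src),
            # Literal comparison only: a long-path entry never equals the alias.
            "literal_allow_match": src in allowed,
        }
        for src, entry in sorted(by_src.items())
    ]


if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG.splitlines(), HYPOTHETICAL_ALLOW):
        flag = "SHORT NAME" if row["short_components"] else "long name"
        print(f'{row["events"]:3d}  {flag:10s}  {row["source"]}')
```
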

tech-addict
January 2nd, 2004, 05:30 AM
Ok, so I gave up and restored my system with my backup disk image.
Re- installed and updated all programs I had running before ever trying PG.
My system was running fine after couple days of testing.
Ran Bootvis and it ran fine, optimised and improved boot time ;)
So I decide to give PG another try and after install reboot and BSOD ::)
Ok so I reboot 2 more times and get my pc running ok again... but getting driver could not attach error from PG :o

Ok so I try bootvis and it doesn't help at all... still getting no attach error.
Really frustrating... so because I'm a perfectionist :P I had to do some more testing and I found that if I go into administrative tools / services, and change the task scheduler service from automatic to manual and then run bootvis
Bootvis will time out and not complete its cycle but it will fix the kernel driver could not attach error ??? So after several reboots and restarts (which were slower) PG auto starts just fine... but system boots slower.
So thinking I had the "could not attach error" solved I wanted to run bootvis and speed boot back up as it was prior to when I changed task scheduler service from auto to manual.

So I set task scheduler service back to auto and ran bootvis successfully but then the PG driver could not attach error is back now >:(

So I tried taking PG out of autostart in MS config and put it in startup folder... no luck :-\ still same error. So I can not get PG to auto start without letting bootvis time out and slow down my system boot timing. Which is unacceptable to me so I have to start it manually "after" system boot.

Ok so now I had to fish through my registry and re-do the "c:\progra~1" entries to stop all the logging I posted previously which after some time I did get resolved but it was a kind of a hassle :-X

Well hopefully the info I provided will possibly help you find and fix the problems with BSOD's after install, could not attach errors, and logging of "c:\progra~1" dos short name incompatibility problems.

THANKS ;)

Pilli
January 2nd, 2004, 10:32 AM
Protek, Thanks for your reply, I am sure that Jason will consider all your hard work very carefully & make the necessary changes to accommodate these errors.
BTW The timing errors are a known nit. :)

Jason_DiamondCS
January 15th, 2004, 10:28 PM
Yes, I have added DOS short path support in the latest driver; it works ok for the short paths I have tested, so the issue should be fixed for you in 1.200.

The timing issue will be resolved before 1.200 is released also.

-Jason-

tech-addict
January 17th, 2004, 03:28 AM
Great news !!!
Thanks for the reply, I do appreciate it.
;)

OLDONES
January 17th, 2004, 01:23 PM
Re:Failed to Attach Driver Kernel
« Reply #48 on: January 16, 2004, 07:28:51 PM »

--------------------------------------------------------------------------------
I HAVE THE SAME ERROR #2.
I USED asviewer TO DELETE AT STARTUP.
---------------------------------------------------------------------------------------------------------------------
THIS IS BEFORE
DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for oldones@OLDONES-R8ESKBH, 01-16-2004
c:\windows\system32\autoexec.nt
C:\WINDOWS\system32\mscdexnt.exe
C:\WINDOWS\system32\redir.exe
C:\WINDOWS\system32\dosx.exe
c:\windows\system32\config.nt
C:\WINDOWS\system32\himem.sys
c:\windows\system.ini [drivers]
timer=timer.drv
c:\windows\system.ini [boot]\shell
C:\WINDOWS\Explorer.exe
c:\windows\system.ini [boot]\scrnsave.exe
C:\WINDOWS\System32\logon.scr
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
C:\WINDOWS\Explorer.exe
HKCU\Control Panel\Desktop\scrnsave.exe
C:\WINDOWS\System32\logon.scr
HKCR\vbsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\vbefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wshfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wsffile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\RegProt
c:\regprot\regprot.exe /start
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ProcGuard_Startup
C:\TDS\ProcessGuard\procguard.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\System32\webcheck.dll
C:\WINDOWS\System32\stobject.dll
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
HKLM\System\CurrentControlSet\Control\WOW\cmdline
C:\WINDOWS\system32\ntvdm.exe
HKLM\System\CurrentControlSet\Control\WOW\wowcmdline
C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\
C:\WINDOWS\System32\dcsws2.dll
C:\WINDOWS\system32\mswsock.dll
C:\WINDOWS\system32\rsvpsp.dll
---------------------------------------------------------------------------------------------------------------------
THIS IS AFTER

DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for oldones@OLDONES-R8ESKBH, 01-16-2004
c:\windows\system32\autoexec.nt
C:\WINDOWS\system32\mscdexnt.exe
C:\WINDOWS\system32\redir.exe
C:\WINDOWS\system32\dosx.exe
c:\windows\system32\config.nt
C:\WINDOWS\system32\himem.sys
c:\windows\system.ini [drivers]
timer=timer.drv
c:\windows\system.ini [boot]\shell
C:\WINDOWS\Explorer.exe
c:\windows\system.ini [boot]\scrnsave.exe
C:\WINDOWS\System32\logon.scr
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
C:\WINDOWS\Explorer.exe
HKCU\Control Panel\Desktop\scrnsave.exe
C:\WINDOWS\System32\logon.scr
HKCR\vbsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\vbefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wshfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wsffile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\RegProt
c:\regprot\regprot.exe /start
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\System32\webcheck.dll
C:\WINDOWS\System32\stobject.dll
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
HKLM\System\CurrentControlSet\Control\WOW\cmdline
C:\WINDOWS\system32\ntvdm.exe
HKLM\System\CurrentControlSet\Control\WOW\wowcmdline
C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\
C:\WINDOWS\System32\dcsws2.dll
C:\WINDOWS\system32\mswsock.dll
C:\WINDOWS\system32\rsvpsp.dll

IT WILL STILL GET THE ERROR CODE #2 IF I DON'T LET ENOUGH TIME GO BY AFTER A REBOOT OF THE SYSTEM, I GET THE SAME ERROR CODE #2. OH, BTW, I DID THE INSTALL ON A CLEAN INSTALL / NO OTHER PROGRAMS
BUT PROCESS GUARD... I AM USING A MB M7NCD BY BIOSTAR W/nVIDIA nFORCE 2 AND AN AMD 2400 CPU, 256 RAM/400. ALL AT STANDARD SETTINGS. IT LOOKS LIKE IT WORKS OK.

IN OTHER MESSAGES I LOOKED AT IT (SAID GRAF. INTERFACE SO USER COULD SEE WHAT IS HAPPENING AND LOAD OTHER PROTECTING PROGRAMS) IT WORKS FOR ME ON TWO SYSTEMS RUNNING XP-PRO... ;D

asviewerAFTER.txt
« Last Edit: January 16, 2004, 08:08:12 PM by OLDONES »

tech-addict
January 18th, 2004, 07:40 AM
New version 1.200 will be out soon... hopefully that will solve your error problems.
;)