Port Explorer v1.200 and NOD32
Phil
November 16th, 2002, 04:00 AM
A little heads-up, groupies. I just installed the new version 1.200 of PE and had some serious system freeze problems on my XP Pro SP1 system. Anything I tried to do, even opening the start menu, was very s-l-o-w, sometimes over a minute, while PE was running. There seems to be a conflict between the new 1.2 PE and AMON. If you experience this problem, adding the PE exe to the exclude list in the AMON module will solve the problem. I did not have this trouble with the original release of PE.
HTH
Phil
Jooske
November 16th, 2002, 05:02 AM
Phil,
sorry to read so. I suppose you completely uninstalled, rebooted, installed the new version and rebooted again to make sure all was properly unregistered and registered again?
Phil
November 16th, 2002, 05:10 AM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=0#32245 date=1037440976]
Phil,
sorry to read so. I suppose you completely uninstalled, rebooted, installed the new version and rebooted again to make sure all was properly unregistered and registered again?
<-QUOTE}
No I didn't, Jooske -- I installed on top. That is NOT my normal method but I didn't want to mess up my registration. I didn't see any info one way or the other. Should that be normal procedure (uninstall first) with PE?
Phil
bibbe
November 16th, 2002, 05:22 AM
I too have the same problems with the new version as Phil. After having read Jooske's answer to Phil I tried uninstalling and rebooting but it still works very slow.
Bibbe
bibbe
November 16th, 2002, 05:42 AM
Now I even tried to exclude the whole portexplorer directory in amon and it still works slower than before, though it is better without amon.
Bibbe
Phil
November 16th, 2002, 05:49 AM
{QUOTE-> quoting: bibbe link=board=7;threadid=4931;start=0#32249 date=1037443371]
Now I even tried to exclude the whole portexplorer directory in amon and it still works slower than before, though it is better without amon.
Bibbe
<-QUOTE}
Put your AMON GUI on screen and see if it is scanning some other files. Depending on your OS, it may also be scanning vdmdbg.dll and psapi.dll. You may have to exclude those also. I did on XP Pro SP1 because it was scanning them thousands of times in response to PE.
HTH
Phil
Paul Wilders
November 16th, 2002, 06:37 AM
Gents,
In order to make sure this problem is indeed related to NOD32 in any way:
Does the same problem occur when disabling the AMON (even temporarily disabling NOD32 from starting up)?
regards.
paul
Jooske
November 16th, 2002, 07:51 AM
In the meantime would like to ask if this is only with NOD32 users or other windows versions and not-NOD32 users have the same or other problems?
With PE it's best to completely uninstall PE and reboot, because of one of the main files, to be sure it is really unregistered. It should not be 100% necessary, but we know all those different computer systems, keeping things, restoring them maybe while we don't want them, etc etc and to make sure the new version is really properly registered we do reboot and might see a difference.
I don't start PE with windows startup but manually afterwards when all the other stuff is ready starting and scanning whatever it all wants to.
controler
November 16th, 2002, 10:26 AM
I just installed PE on my Win XP home version. This is the first install on my XP machine. I am running Norton AV 2003 with SPF.
PE seems to run just fine on this setup.
Jooske
November 16th, 2002, 10:49 AM
Are all you guys talking about the eval version of PE or some full versions too?
Is there any noticeable difference (apart from the blocked functions) in relation to other programs or on the system?
controler
November 16th, 2002, 11:06 AM
For those using Windows XP
click START, PROGRAMS, ACCESSORIES, PROGRAM COMPATIBILITY WIZARD...
select the program you want to test...
Hope this helps
Phil
November 16th, 2002, 11:36 AM
{QUOTE-> quoting: Forum Admin link=board=7;threadid=4931;start=0#32252 date=1037446670]
Does the same problem occur when disabling the AMON (even temporarily disabling NOD32 from starting up)?
<-QUOTE}
Paul,
All you have to do is temp disable AMON via the systray and the problem stops. As soon as you reenable, the problem returns.
Wayne is on the case. 8) He is investigating the problem and said he will try to reply the early part of next week. I will advise his findings if he doesn't drop in here himself. There is no rest for the weary, the wicked, OR software developers! ;D
Phil
Phil
November 16th, 2002, 11:49 AM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=0#32254 date=1037451115]
With PE it's best to completely uninstall PE and reboot, because of one of the main files, to be sure it is really unregistered.
<-QUOTE}
Thanks, Jooske. I'll keep that in mind for the next time. In this case, it made no difference.
{QUOTE->
I don't start PE with windows startup but manually afterwards when all the other stuff is ready starting and scanning whatever it all wants to.
<-QUOTE}
I just barely let Windows start with Windows startup! ;D ;D I try to keep my system boot as clean as possible. AMON and my fw are the ONLY things that make it to my systray on boot.
Phil
Phil
November 16th, 2002, 11:59 AM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=0#32267 date=1037461759]
Are all you guys talking about the eval version of PE or some full versions too?
Is there any noticeable difference (apart from the blocked functions) in relation to other programs or on the system?
<-QUOTE}
Mine is the full version. The only interaction I have seen so far is AMON and PE. NOD32 is somewhat known for having problems with some other low-level processes. I suspect the LSP calls in PE may be coming into play somehow. Hopefully the guys down under can get it sorted. It should be a little easier to track since the problem did not happen with the first release of PE.
Phil
bibbe
November 16th, 2002, 12:16 PM
I tried to watch amon working and to me it seems like it's worst when Amon is scanning system.ini, portex.1exe, and iexplorer.exe. I am running windows ME.
Bibbe
Phil
November 16th, 2002, 12:33 PM
{QUOTE-> quoting: bibbe link=board=7;threadid=4931;start=0#32276 date=1037466979]
I tried to watch amon working and to me it seems like it's worst when Amon is scanning system.ini, portex.1exe, and iexplorer.exe. I am running windows ME.
<-QUOTE}
Humm -- interesting. I wonder what is accessing system.ini that much? Maybe that is normal. I have never used WinME so can't say one way or the other. Simply excluding the PE exe helped my system greatly. I didn't really notice any improvement in sys response when I excluded the other files -- just with PE itself. You certainly would NOT want to exclude iexplore or system.ini from AMON scanning!
Phil
bibbe
November 16th, 2002, 12:55 PM
Well I have gone back to the old version of portexplorer now and it works fine. I hope the boys at DCS can fix the problems in the new version, but for me it's just too slow. By the way, mine is paid for.
Bibbe
Paul Wilders
November 16th, 2002, 01:55 PM
Phil,
{QUOTE-> All you have to do is temp disable AMON via the systray and the problem stops. As soon as you reenable, the problem returns. <-QUOTE}
Got it.
{QUOTE-> Wayne is on the case. He is investigating the problem and said he will try to reply the early part of next week. I will advise his findings if he doesn't drop in here himself. <-QUOTE}
I'm assured he'll drop by as soon as possible ;)
{QUOTE-> There is no rest for the weary, the wicked, OR software developers! <-QUOTE}
Grin...got that right! ;D.
regards.
paul
Jooske
November 16th, 2002, 03:52 PM
Phil, wasn't AMON for scanning emails? If so, could you live with starting that a little afterwards, for instance after PE?
I see in your post now that doesn't really help eh?
With a program like WinTasks it should be possible to configure the order of starting programs the one after the other without the need to do so manually.
Looking forward to DCS comments.
It must be possible to locate the problem, but solving it might be a next thing!
You know, the developers don't get rest, of course, as the users are using it all together 24/7 as well and sending comments :)
Glad you all do, of course, that's what it is for!
Phil
November 16th, 2002, 04:50 PM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=15#32295 date=1037479948]
Phil, wasn't AMON for scanning emails? If so, could you live with starting that a little afterwards, for instance after PE?
<-QUOTE}
No, the AMON module is the primary on-access monitor. It is the "guard", the one that monitors every file execute for virus activity. I will not operate without AMON running.
{QUOTE->
I see in your post now that doesn't really help eh?
<-QUOTE}
Correct. The start order doesn't make any difference. Any time they are both running, there is trouble. Stop either one and the trouble goes away.
{QUOTE->
It must be possible to locate the problem, but solving it might be a next thing!
You know, the developers don't get rest, of course, as the users are using it all together 24/7 as well and sending comments :)
Glad you all do, of course, that's what it is for!
<-QUOTE}
Maybe if we keep them busy they won't get into any mischief. ;D
Phil
snapdragin
November 16th, 2002, 05:15 PM
{QUOTE-> quoting: Phil link=board=7;threadid=4931;start=0#32250 date=1037443771]
Put your AMON GUI on screen and see if it is scanning some other files. Depending on your OS, it may also be scanning vdmdbg.dll and psapi.dll. You may have to exclude those also. I did on XP Pro SP1 because it was scanning them thousands of times in response to PE.
HTH
Phil
<-QUOTE}
Hi Phil - i checked AMON also and it constantly scans the vdmdbg.dll file...i didn't know that was related to PortExplorer until i read your thread here. i tried excluding it in AMON's exclude list but AMON continues to scan it no matter how many times i tried to exclude it (closing AMON, re-opening it, even rebooting) it still insisted on scanning the file over and over. Maybe i am missing something but i couldn't find any other instructions other than what's available to make AMON exclude that file.
if it is the activity of the above file being scanned over and over that is slowing things down with PE version 1.2, then i will wait before i update PE (i still have version 1.1) because i am not noticing any slow-down with my system yet (XP-Home SP1).
thank you for the heads-up Phil
snap
Phil
November 16th, 2002, 09:16 PM
{QUOTE-> quoting: snapdragin link=board=7;threadid=4931;start=15#32306 date=1037484921]
Hi Phil - i checked AMON also and it constantly scans the vdmdbg.dll file...i didn't know that was related to PortExplorer until i read your thread here. i tried excluding it in AMON's exclude list but AMON continues to scan it no matter how many times i tried to exclude it (closing AMON, re-opening it, even rebooting) it still insisted on scanning the file over and over. Maybe i am missing something but i couldn't find any other instructions other than what's available to make AMON exclude that file.
<-QUOTE}
I suspect you are doing what I did when I first butted heads with AMON. First, dbl clk on the thumping gizzard to pause AMON. You can't just type in the file name in the box. You have to put the full path to the file or, better yet, click the "file" tick box and use the AMON File radio button to drill down to the file in question. It always works when you let AMON find the file with that utility. It can be a little confusing because sometimes you might use the Folder find and not the File find. After you add by path, restart AMON. A boot should not be needed. Try that and see if it works -- hope that helps! :)
{QUOTE->
if it is the activity of the above file being scanned over and over that is slowing things down with PE version 1.2, then i will wait before i update PE (i still have version 1.1) because i am not noticing any slow-down with my system yet (XP-Home SP1).
<-QUOTE}
It may be a good idea to wait because I have a feeling the problem is being worked on this weekend. Scanning that file constantly surely has *some* effect on system performance but I didn't really notice it that much on my 2GHz system. The slower the system, the greater the effect. I do think it would be a good idea to exclude because the effect is cumulative. The REAL problem is with the main PE 1.2 execute file and AMON. That's what causes the system freeze.
{QUOTE->
thank you for the heads-up Phil
<-QUOTE}
You are most welcome!
Phil
controler
November 16th, 2002, 09:54 PM
Why does PE appear more like a Beta than a released product?
Well @ least they aren't charging to test like MS does LOL
rodzilla
November 16th, 2002, 10:00 PM
"thumping gizzard " ???
Hahahahahahahahah!
Phil
November 16th, 2002, 10:28 PM
{QUOTE-> quoting: rodzilla link=board=7;threadid=4931;start=15#32345 date=1037502025]
"thumping gizzard " ???
Hahahahahahahahah!
<-QUOTE}
hehheh -- Yeah. I'm still searching for an apt description for that - that - whatever "that" is. That one seemed to fit for the moment. Maybe I shouldn't find out what it *really* represents 'cause I entertain myself making up names for it. ;D
Phil
controler
November 16th, 2002, 11:03 PM
LOLOLOL Thumping Gizzard is good phil
or AV with high blood pressure?
snapdragin
November 17th, 2002, 12:20 AM
*writes Phil's name on cookie* if i could give you one right now i would! LOL!
yep! i had gone through the "Directory" and of course it didn't show me the file so i thought, alrighty, i'll just type the name of it in there-----but AMON didn't want it that way...so it hadn't worked.
i followed your directions Phil and AMON no longer scanned vdmdbg.dll but then started scanning the psapi.dll instead, so i put that one in the exclude list too and now AMON is much quieter. :D
i think you deserve another cookie for solving another problem i had seen with PortExplorer's menu bar going black on me when i ran the mouse over it.....right now that doesn't seem to be happening. i am thinking since i excluded those two files from being scanned by AMON that it's fixed that too!
thank you Phil!
snap
oh....and it's a "beating web muscle"...;D....gizzard indeed! ROFL!
Phil
November 17th, 2002, 01:57 AM
{QUOTE-> quoting: snapdragin link=board=7;threadid=4931;start=15#32372 date=1037510445]
*writes Phil's name on cookie* if i could give you one right now i would! LOL!
<-QUOTE}
Hey! ... I'm hungry, too!
{QUOTE->
yep! i had gone through the "Directory" and of course it didn't show me the file so i thought, alrighty, i'll just type the name of it in there-----but AMON didn't want it that way...so it hadn't worked.
i followed your directions Phil and AMON no longer scanned vdmdbg.dll but then started scanning the psapi.dll instead, so i put that one in the exclude list too and now AMON is much quieter. :D
<-QUOTE}
That's GREAT! I'm glad it worked for you. You didn't know it but AMON was *always* scanning psapi.dll. It was just scanning the other one SO many times it was covering up the scan of vdmdbg. I guess it would be more correct to say vdmdbg is being called that much more by PE and AMON is properly scanning it for virus activity.
{QUOTE->
i think you deserve another cookie for solving another problem i had seen with PortExplorer's menu bar going black on me when i ran the mouse over it.....right now that doesn't seem to be happening. i am thinking since i excluded those two files from being scanned by AMON that it's fixed that too!
thank you Phil!
<-QUOTE}
You are very welcome. I'm glad the info helped. I guess AMON scanning those files could have caused the other problem. <shrug> It's Winders -- who can say!
{QUOTE->
oh....and it's a "beating web muscle"...;D....gizzard indeed! ROFL!
<-QUOTE}
Humm -- let me think about that for a minute.
<tapping fingers>
<scratching head>
Nah. I like the gizzard thing better. I do have *other* names for it like pulsing pimple and a few I better not mention. Once I had it on-screen and was asked what it was by a non-puter person. I told them it is a self-portrait of me as an embryo. ;D
Now, let's get back to those cookies....
Phil
rodzilla
November 17th, 2002, 02:20 AM
{QUOTE-> quoting: Phil link=board=7;threadid=4931;start=15#32352 date=1037503719]
{QUOTE-> quoting: rodzilla link=board=7;threadid=4931;start=15#32345 date=1037502025]
"thumping gizzard " ???
Hahahahahahahahah!
<-QUOTE}
hehheh -- Yeah. I'm still searching for an apt description for that - that - whatever "that" is. That one seemed to fit for the moment. Maybe I shouldn't find out what it *really* represents 'cause I entertain myself making up names for it. ;D
Phil
<-QUOTE}
It's actually the beating heart of Vlad Tepes. (I think he was one of Palo's ancestors, but don't quote me on that.) :o
Phil
November 17th, 2002, 02:29 AM
{QUOTE-> quoting: rodzilla link=board=7;threadid=4931;start=15#32390 date=1037517609]
It's actually the beating heart of Vlad Tepes. (I think he was one of Palo's ancestors, but don't quote me on that.) :o
<-QUOTE}
Oh, no! Not the Impaler!! You hang around Palo much late at night? ;D
Phil
Jooske
November 17th, 2002, 03:11 AM
1) I would like to know if people without NOD32 have the same problem.
Sorry for forgetting AMON is the heart of NOD32, haven't used it too long but it's on my wishlist. Many TDS users have it beside TDS, WG and PE.
I would not like to be without such scans too long either, but WinTasks or the like might streamline the order of starting processes anyway.
So this is why i urgently ask reactions of not NOD and other NOD users on various windows versions.
2) Both files you mention do originally not belong to PE. If you use for instance the frequently mentioned (free) tool Fabertoys (www.faberbox.com) you'll see a very valuable tool showing you exactly by program and process which files are started with them and more. These dll's you mention are not among them on my system.
So i don't know if those belong to XP, NOD32 or another program.
And mind: Snap tells to use the PE 1.1 version, and NOD32 / AMON scanning like crazy those files, but not causing the freezing effect there is with Phil with PE 1.200.
So Phil, are there any other files involved, can you please look with one of your tools or Fabertoys for what exactly is running with PE and NOD or AMON and if there might be other files involved in the scanning too?
Snap, are those files scanned that frequently with PE 1.1 not activated?
PE is always running in the background, the PE we start manually is only the GUI to look at what is happening inside the system: see when you start it, you'll see for IE or OE for instance already all the amount of packets sent and received since reboot, not start at 0 right after starting PE.
So this is why it is very surprising if this scanning would start the moment you open the PE GUI, but for the DCS developers might ease the location of the matter.
3) I don't see any reason for an unexpected problem a third party product causes suddenly because of the use of PE to name PE a beta product. It was beta tested thoroughly and no problems of this kind have showed up, or if there would have been it is ironed out. We all know NOD and PE 1.200 have been tested together thoroughly and will more to find the matter and both or at least one of them will have to look at their product. Be assured there are good contacts between those serious developers so they'll solve the problem asap as ever.
These things happen all over and never ever any third party product was mentioned a beta product because of such things.
The only constant beta we have to deal with is Windows, all operating systems and constantly under construction thanks to the millions of beta testers like all of us.
Of course it is sad to run into this unexpected matter but for sure it does not degrade NOD nor PE to a beta product. It's the AMON going crazy, not PE, that one runs fine and stable as far as i understand the story.
rodzilla
November 17th, 2002, 03:21 AM
> Oh, no! Not the Impaler!!
That's the dude!
> You hang around Palo much late at night?
Yeah ... we're old drinking buddies ... he still has the punctures on his neck from our last session.
Phil
November 17th, 2002, 03:43 AM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=30#32395 date=1037520708]
2) Both files you mention do originally not belong to PE. If you use for instance the frequently mentioned (free) tool Fabertoys (www.faberbox.com) you'll see a very valuable tool showing you exactly by program and process which files are started with them and more. These dll's you mention are not among them on my system.
So i don't know if those belong to XP, NOD32 or another program.
<-QUOTE}
Hi Jooske
Here is a small capture of PE using those dlls just a few minutes ago on my system. No other app is using them. I can see literally thousands of these in a minute or so.
2:29:22 AM***PortExplorer.ex:940***IRP_MJ_QUERY_INFORMATION***C:\WINDOWS\System32\PSAPI.DLL***SUCCESS***FileNameInformation***
2:29:22 AM***PortExplorer.ex:940***IRP_MJ_CLEANUP***C:\WINDOWS\System32\PSAPI.DLL***SUCCESS******
2:29:22 AM***PortExplorer.ex:940***IRP_MJ_CLOSE ***C:\WINDOWS\System32\PSAPI.DLL***SUCCESS******
2:29:22 AM***PortExplorer.ex:940***IRP_MJ_CREATE***C:\WINDOWS\System32\VDMDBG.DLL***SUCCESS***Attributes: Any Options: Open***
2:29:22 AM***PortExplorer.ex:940***FASTIO_QUERY_STANDARD_INFO***C:\WINDOWS\System32\VDMDBG.DLL***SUCCESS***Size: 24064***
2:29:22 AM***PortExplorer.ex:940***IRP_MJ_CLEANUP***C:\WINDOWS\System32\VDMDBG.DLL***SUCCESS******
2:29:22 AM***PortExplorer.ex:940***IRP_MJ_CLOSE ***C:\WINDOWS\System32\VDMDBG.DLL***SUCCESS******
{QUOTE->
Of course it is sad to run into this unexpected matter but for sure it does not degrade NOD nor PE to a beta product. It's the AMON going crazy, not PE, that one runs fine and stable as far as i understand the story.
<-QUOTE}
Neither is going crazy. ;D PE is calling the dlls and AMON is scanning them as it is designed to do. I have every confidence the DCS guys will get this sorted.
Phil
Phil
November 17th, 2002, 04:08 AM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=30#32395 date=1037520708]
So Phil, are there any other files involved, can you please look with one of your tools or Fabertoys for what exactly is running with PE and NOD or AMON and if there might be other files involved in the scanning too?
<-QUOTE}
Sorry, Jooske -- I missed this part.
No, there are no other files involved. As soon as I excluded the main PE executable file from AMON scanning, the system freezing stopped. I am still running ver1.2 now with NO problems after I did the exclusion. Remember, I did not have this problem with PE ver 1.101. It did not start until I installed ver1.2. AMON was scanning the dlls thousands of times with ver 1.101 but that was not causing any system slow down. That did not show up until ver 1.200.
Phil
snapdragin
November 17th, 2002, 04:49 AM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=30#32395 date=1037520708]
....So i don't know if those belong to XP, NOD32 or another program. <-QUOTE}
Hi Jooske! - i also have both vdmdbg.dll and psapi.dll on my Win98se too. In fact, i have two instances of the psapi.dll on that system - one in the TrojanHunter folder (psapi.dll ver 4) and one in the WINDOWS\System folder (Psapi.dll ver 5).
* adding - on the XP i have 4 instances of psapi.dll.
1 in the Windows>ServicePackUninstall folder
1 in the Windows>ServicePackFiles>i386 folder
1 in the Windows>System32 folder and
1 in the ProgramFiles>TrojanHunter folder
only 1 instance of the vdmdbg.dll on each computer.
{QUOTE-> Snap, are those files scanned that frequently with PE 1.1 not activated? <-QUOTE}
on my Win98se, no, they are not scanned hardly at all and i have the same applications running on that system as i do on the XP-Home system. On the Win98se system, i have not yet blocked the above mentioned files in AMON's exclude list, and AMON seems to mostly want to scan Sygate's (firewall) files on the Win98se system.
i unblocked both files on the XP system and AMON didn't scan them until i opened PE's GUI...then it scans over and over again within seconds between Sygate's smc.exe and the vdmdbg.dll. If i block the vdmdbg.dll and open PE's GUI, then AMON starts scanning between smc.exe and psapi.dll. If i block the psapi.dll, then AMON settles on smc.exe (which is ok with me) and any other file that might be activated as i use the system.
(sorry for posting so late...i was not at this computer for a bit)
hope that helps Jooske....and you are right, they will figure it out. This could be more an XP thingie too. ;)
snap
- edited to add the above*
Jooske
November 17th, 2002, 04:51 AM
So the files from your snap must be XP related maybe; are there more people with different windows versions to see if those are there? Not on my win98se.
Thought it was Snap's writing AMON scanning those files like crazy also in the PE 1.1 version, but not causing the problem (yet).
That's why i wondered if there were more new things showing of in the PE 1.2, something extra or different which seems the possible culprit.
Of course i'm really sorry you run into this problem, but as we expect also many NOD32 users interested in PE (nodding kindly to Rodzilla) --and even in the about impossible case they would not be-- both developers will look to make them running smoothly together again.
So your determinations and observations are of great value with working to this solution.
Thanks a lot for your patience!
Paul Wilders
November 17th, 2002, 04:57 AM
Jooske,
This might be of help: Taskmgr.exe utilizes a mix of the Process Status API (PSAPI.DLL) and the Virtual DOS Machine Debug API (VDMDBG.DLL) to present a uniform list of 16-bit and Win32-based applications.
regards.
paul
snapdragin
November 17th, 2002, 05:03 AM
You are right Jooske - i am not having any system slow downs or freezes on either computer that i have noticed and i have everything open that i usually would on both of them (right now).
i also have PE version 1.1 and as stated above, AMON is scanning like crazy those files on the XP-Home, but seems to be leaving them pretty much alone on the Win98se.....why? i have no idea. LOL....but i don't think i would want to risk updating right now to the PE version 1.2, especially on the Win98se since it doesn't have the ability to hold the resources like XP and it also only has 128MB memory. LOL!
snap
*adding: i just remembered something.....NOD32 is different for Win98se isn't it? Maybe there is something in that difference that might be the reason it isn't scanning those files like it is on the XP's...??? just a thought and a guess. ;)
bibbe
November 17th, 2002, 05:15 AM
I am running Windows Me with ZAP, NOD and regrun, and I find the psapi.dll in C:\Program\Microsoft IntelliPoint 4.0\Mouse\SETUand in C:\Program\MicrosoftHardware\Keyboard; the vdmdbg.dll I find in C:\WINDOWS\SYSTEM
Jooske
November 17th, 2002, 05:19 AM
Hi Snap, thanks for your explanations. I should have looked deeper, as i do have those files and indeed of the psapi.dll various instances; did not see them called by PE in the Faber Toys, so forgot their existence.
See now what it is good for, so can imagine it's called and thus scanned. (You'll love FT as much as i do for such analyses).
So do you have the NOD32 on the win98Se system too, and PE 1.1 to try that out? and if so, is it scanning there those two dll's in the fast run too the moment PE is started? Would be interesting to see what happens there with PE 1.2 and NOD32.
Not sure if the eval PE is version 1.2 too at the moment and would cause the same.
Good that Rodzilla came into this thread as well, to ensure in NOD was not changed a thing in the recent meantime, so we can concentrate on PE.
controler
November 17th, 2002, 11:01 AM
Jooske
Thanks for the tip on Faber Toys.. Looks like a pretty cool program.
I am wondering if anybody still uses Dr. Watson?
In Windows XP System 32 folder
or just do a search for it with a *watson.*
Then you can right click on that and add a shortcut to your desktop.
Jooske
November 17th, 2002, 12:58 PM
Even in the greatest trouble on my system long ago drwatson was always telling all was ok, so for me not really reliable.
Maybe in combination with the fully functional PE / TDS / WG / FT and whatever more we like (wintasks is a nice tool too).
Phil
November 17th, 2002, 02:06 PM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=30#32395 date=1037520708]
2) Both files you mention do originally not belong to PE. If you use for instance the frequently mentioned (free) tool Fabertoys (www.faberbox.com) you'll see a very valuable tool showing you exactly by program and process which files are started with them and more.
<-QUOTE}
Jooske
I took a look at the tool you mention above and it seems a nice little process viewer with some added goodies. I have a preference for the tools from Sysinternals. You might want to take a look at their free offerings. There is no "install", you just unzip them where you want and run. They are all very small, very useful, and very cool. 8)
http://www.sysinternals.com/win9x/98utilities.shtml
The above link will take you to the 9x section. For the task at hand, I would recommend Process Explorer (similar to yours), Filemon (which shows all file access activity in real time), and Regmon. You may want to take a look at the others while there - a good description is provided for each. Enjoy!
Phil
Jason_DiamondCS
November 17th, 2002, 10:02 PM
Problem should be fixed in the next version. Thanks Phil and the rest.
-Jason-
Phil
November 17th, 2002, 10:15 PM
{QUOTE-> quoting: Jason / DiamondCS link=board=7;threadid=4931;start=30#32578 date=1037588540]
Problem should be fixed in the next version. Thanks Phil and the rest.
-Jason-
<-QUOTE}
That's GREAT news, Jason! Thanks for the heads-up.
I have noticed what appears to be a little more weirdness in ver 1.200. Post here or email?
Phil
snapdragin
November 17th, 2002, 10:52 PM
Thank you Jason and Jooske!
looking forward to the next version - meanwhile, i am just gonna play with it! ;D 'tis SO COOL!
snap
Jason_DiamondCS
November 17th, 2002, 11:12 PM
Phil if you think people will benefit from hearing the weirdness then post it here, otherwise send me an email :) . Doesn't matter which way.
-Jason-
zappa
November 18th, 2002, 04:46 AM
I had the same winter freeze with (Win98) PE and Nod. I can't use PE at all presently. No biggy I will wait for next build.
zappa
Wayne - DiamondCS
November 18th, 2002, 09:10 AM
We've identified why Nod32's scanner is having problems with PE and we've made some changes that should work around it - tests here indicate that the problem is now fixed. We hope to release the next update within the next day or two, thanks for your patience!
Pitbull
November 18th, 2002, 12:25 PM
Wayne,
Care to share some details ?
I've had a long running problem with Amon on my Win2K system such that it appears to be constantly scanning smc.exe (Sygate Personal Firewall) and autoexec.bat.
Just wondering if this is a related problem...
Wayne - DiamondCS
November 18th, 2002, 10:26 PM
Pitbull,
The resident part of Nod32 (ie. amon.exe) is an extremely aggressive resident scanner - it basically scans everything on your system immediately upon access. The advantage of this is that virus detection is very fast and thus decreases the likelihood of infection - the virus would usually be detected as soon as a file has finished downloading, or as soon as you click on a file. The disadvantage is that because it has so many 'triggers' which activate the scanner, the scanner is nearly always at work, leading to system and app slowdown/lack of response (no mouse movement, etc), and problems in some other cases. On a Pentium test system here even poor old explorer.exe was having a hard time, and it seems setup/install programs also have a rocky ride.
The problem relating to Port Explorer was due to amon.exe scanning a couple of Port Explorer's DLL files basically every second or so, as Port Explorer was accessing them every refresh, which brought the speed of Port Explorer down to a slow grind. We've managed to find a workaround for this whereby Nod32 only scans PE at startup so PE runs smoothly after that. It's not exactly solving the problem - it's more avoiding the problem... :) - but we can only modify PE, not Nod32. I'd be very surprised if Port Explorer is the only program that has problems with amon.exe, but tonight's/tomorrow's release should fix all Nod32-related issues with Port Explorer.
Pitbull, I can't give you a reason why Nod32 would be scanning autoexec.bat repeatedly, but if it's scanning smc.exe repeatedly then it's almost certainly the same issue as the one we had - smc.exe would simply be accessing the same file(s) every second or so (use Sysinternals freeware Filemon utility to verify), and with every access comes a scan, even if the file has been scanned only one second earlier.
Best regards,
Wayne
[Edit - also note that you can add smc.exe and Port Explorer to Nod32's scan exclusion list - Phil reported that this solved the problem on his system, but if you don't want to do that then just wait for tonight's/tomorrow's update of Port Explorer]
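The check suggested in the post above (confirm from a file-access log that one process keeps opening the same file every second or so) can be scripted; this is an added example, not part of the original thread and not DiamondCS or Nod32 code. The tab-separated log layout, the placeholder file names and the thresholds are assumptions made for the example, not Filemon's exact export format.

```python
from collections import defaultdict

# Constructed sample log: "seconds<TAB>process<TAB>request<TAB>path".
# Layout and file names are assumptions for this example only.
SAMPLE_LOG = "\n".join(
    [f"{t}.0\tportexplorer.exe\tOPEN\tC:\\PE\\placeholder_a.dll" for t in range(6)]
    + [f"{t}.5\tsmc.exe\tOPEN\tC:\\Sygate\\placeholder.dat" for t in range(4)]
    + ["2.0\tnotepad.exe\tOPEN\tC:\\notes.txt",
       "30.0\tnotepad.exe\tOPEN\tC:\\notes.txt",
       "3.2\tportexplorer.exe\tREAD\tC:\\PE\\placeholder_a.dll",
       "garbled line without tabs"]
)

def parse(log_text):
    """Yield (time, process, request, path); skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split("\t")
        if len(parts) != 4:
            continue
        try:
            yield float(parts[0]), parts[1].lower(), parts[2].upper(), parts[3].lower()
        except ValueError:
            continue

def max_in_window(times, window):
    """Largest number of timestamps inside any span of `window` seconds."""
    times = sorted(times)
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best

def repeated_opens(log_text, window=5.0, min_hits=4):
    """Map (process, path) to its peak opens per window, if >= min_hits.

    Each such open is a trigger for an on-access scanner, so these pairs
    are the candidates for a scan exclusion or an application-side fix.
    """
    opens = defaultdict(list)
    for t, proc, req, path in parse(log_text):
        if req == "OPEN":
            opens[(proc, path)].append(t)
    peaks = {key: max_in_window(ts, window) for key, ts in opens.items()}
    return {key: peak for key, peak in peaks.items() if peak >= min_hits}

if __name__ == "__main__":
    for (proc, path), peak in sorted(repeated_opens(SAMPLE_LOG).items()):
        print(f"{proc} opened {path} {peak} times within 5 s")
```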
Phil
November 19th, 2002, 12:28 AM
{QUOTE-> quoting: Wayne - DiamondCS link=board=7;threadid=4931;start=45#32609 date=1037628623]
We've identified why Nod32's scanner is having problems with PE and we've made some changes that should work around it - tests here indicate that the problem is now fixed. We hope to release the next update within the next day or two, thanks for your patience!
<-QUOTE}
That's great news, Wayne. Looking forward to the update. Also, many thanks to both you and Jason for the assistance provided via email on this and other issues. That's what I call FIRST CLASS support. :)
Phil
Jooske
November 19th, 2002, 02:26 AM
That's certainly a great explanation. As many TDS and PE users also are using NOD32 this info and workaround will help many people!
Thanks again a lot.
Hope to read your results with the new update too Phil and all the others.
Pilli
November 19th, 2002, 05:05 AM
;D
Here is a list of programmes that I have in my NOD32 exclude list.
I found the first three of these before the PE problem appeared.
Sygate Firewall - SMC.exe
WinMX - winmx.exe
system32 - DMDBG.dll - Not sure what process this is (have not looked :D )
System32 - PSAPI.dll
And I have the PE directory excluded.
Win XP Pro, AMD2200+
NOD32 (AMON) now uses negligible resources :)
bibbe
November 20th, 2002, 12:16 AM
Yes yes yes, the new 1,25 works for me.
bibbe
Hank
January 12th, 2003, 12:40 PM
{QUOTE-> quoting: Jooske link=board=7;threadid=4931;start=0#32245 date=1037440976]
Phil,
sorry to read so. I suppose you completely uninstalled, rebooted, installed the new version and rebooted again to make sure all was properly unregistered and registered again?
<-QUOTE}
Hi Jooske,
general question: I enjoy this forum but it takes a lot of time to read the different
threads concerning some major problems f.e. with PE.
Why not a temporary helpfile to download / to actualize with known conflicts
under chapter "Troubleshooting" ?
Of course only with these programs everyone should have on his system like
virus-scanner etc.
I am using NOD32 too. So I read every posting here and copied the tips to try out
whether it helps.
What about a summary from you diamond-master-brains? ;D
-Hank-
Jooske
January 12th, 2003, 01:25 PM
Working on a TDS- SS3 script with direct brain tapping connected to Wayne, Jason and Gavin on a 24/7 basis, but we're not experienced enough to succeed yet.
But they fill in that gap rather well themselves with frequenting the various forums and posting adequately.
There is a part in the PE - Helpfile about troubleshooting; not sure what has been solved between this thread for originally version 1.200 and the current 1.350 in relation to your possible items; hope all is well at the moment.
Wondering how the former NOD32 - relation to PE will be now that NOD32 also came with a new beta.
You might have seen Jason's later recommendation for installing a new PE version not to uninstall but leave that part to the new version install. Sounds great of course, and I do hope it works fine that way in case of trouble with other programs......
Thought there was some actualisation on the PE site on problems as well?
Jason_DiamondCS
January 12th, 2003, 11:14 PM
The NOD32 problems have been fixed in Port Explorer since v1.200 :)
-Jason-
vBulletin® Copyright ©2000-2009, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2009, Wilders Security Forums