earth1
October 17th, 2004, 02:41 PM
Hi,
I am new to Process Guard and to Wilders, so please bear with me. I apologize for this long introductory post.
Process Guard has incredible potential, in my opinion, but after 4 crashes in 6 days on an otherwise stable system, I started hunting for clues. It usually crashed shortly after a script that piped data through multiple programs in succession, so I tried running an endless script. The results were both simple and strange.
I've tried to make it reproducible and hope to find out if it happens for anyone else. The following DOS batch file (crash.bat) is the simplest example that crashed my system.
@echo off
:AGAIN
cmd /c echo "Here we go again"
goto AGAIN
If I open a DOS window and run crash.bat with "Execution Protection" disabled (Protection Settings), everything is fine. It would probably run forever. However, if I run it with "Execution Protection" enabled, the system is doomed.
There are two different scenarios.
1) A quick, clean blow to the head:
Click on the 'PG' tray-icon, and close the main window of procguard.exe (making the 'PG' icon disappear from the tray), then open a DOS window and run crash.bat. Within a minute, I get an Application Error on dcsuserprot.exe (reference out of bounds). At this point, you can still close some windows, but the system is pretty much dead. You can manage a graceful shutdown using Ctrl-Alt-Delete-->Shutdown.
2) Slow death by strangulation:
With procguard.exe still running ('PG' icon is still in tray) the results are more complicated. To see what is happening, start Task Manager, select the Processes tab, click on the colum head entitled "CPU" so that largest percentage of time (probably System Idle Process) is at the top. When this is ready, open a DOS window and start crash.bat. At first, DCSUserProt.exe will probably be at the top, while procguard.exe will consume very few CPU cycles. Soon, however, procguard.exe starts using more and more of the CPU until 99% of the CPU is going to procguard.exe. After it runs a bit longer, I get a similar Application Error on dcsuserprot.exe. The system is now in a state much like the first scenario. Again, shutdown with Ctrl-Alt-Delete-->Shutdown.
I don't think there is a conflict between the applications I use, because I retested this after disabling my FW, AV, AT, AS and even 'Direct CD'. My discretionary startup is virtually nil except for Process Guard. The results are the same with no other startup programs active. Also, I retested a thrd time after successfully uninstalling, then re-installing Process Guard.
I'm using Windows 2000 (sp4) on an old Dell laptop (P3-800), so my description may be off for XP users. I'm anxious to hear if this happens for anyone else, because I'm hoping that Process Guard will be making my computer safer for a long time to come.
I also hope there is a chance to (quickly) address a situation where Process Guard generates some pretty excessive overhead, but I'll start a new thread for that.
Many thanks,
Mike
I am new to Process Guard and to Wilders, so please bear with me. I apologize for this long introductory post.
Process Guard has incredible potential, in my opinion, but after 4 crashes in 6 days on an otherwise stable system, I started hunting for clues. It usually crashed shortly after a script that piped data through multiple programs in succession, so I tried running an endless script. The results were both simple and strange.
I've tried to make it reproducible and hope to find out if it happens for anyone else. The following DOS batch file (crash.bat) is the simplest example that crashed my system.
@echo off
:AGAIN
cmd /c echo "Here we go again"
goto AGAIN
If I open a DOS window and run crash.bat with "Execution Protection" disabled (Protection Settings), everything is fine. It would probably run forever. However, if I run it with "Execution Protection" enabled, the system is doomed.
There are two different scenarios.
1) A quick, clean blow to the head:
Click on the 'PG' tray-icon, and close the main window of procguard.exe (making the 'PG' icon disappear from the tray), then open a DOS window and run crash.bat. Within a minute, I get an Application Error on dcsuserprot.exe (reference out of bounds). At this point, you can still close some windows, but the system is pretty much dead. You can manage a graceful shutdown using Ctrl-Alt-Delete-->Shutdown.
2) Slow death by strangulation:
With procguard.exe still running ('PG' icon is still in tray) the results are more complicated. To see what is happening, start Task Manager, select the Processes tab, click on the colum head entitled "CPU" so that largest percentage of time (probably System Idle Process) is at the top. When this is ready, open a DOS window and start crash.bat. At first, DCSUserProt.exe will probably be at the top, while procguard.exe will consume very few CPU cycles. Soon, however, procguard.exe starts using more and more of the CPU until 99% of the CPU is going to procguard.exe. After it runs a bit longer, I get a similar Application Error on dcsuserprot.exe. The system is now in a state much like the first scenario. Again, shutdown with Ctrl-Alt-Delete-->Shutdown.
I don't think there is a conflict between the applications I use, because I retested this after disabling my FW, AV, AT, AS and even 'Direct CD'. My discretionary startup is virtually nil except for Process Guard. The results are the same with no other startup programs active. Also, I retested a thrd time after successfully uninstalling, then re-installing Process Guard.
I'm using Windows 2000 (sp4) on an old Dell laptop (P3-800), so my description may be off for XP users. I'm anxious to hear if this happens for anyone else, because I'm hoping that Process Guard will be making my computer safer for a long time to come.
I also hope there is a chance to (quickly) address a situation where Process Guard generates some pretty excessive overhead, but I'll start a new thread for that.
Many thanks,
Mike