Hi all

I would like to report what it seems to be an incompatibility between PG v, 3.000/3.050 and Outpost v. 2.5 build 370.

I was running last PG version and Oupost 2.1, with no problems. Right after upgrading Outpost to v. 2.5 build 370, and after rebooting, I began receiving the message error "Cannot open mutex 2". On the other hand, PG stopped to function adequately, as pgaccount.exe is not loaded on system startup.

Outpost upgrade was performed manually, and after closing all running applications (including PG closed and with protection disabled).

I tried solving the problem uninstalling PG and assuring pguard.dat, pguard.hash, procguard.sys and procguad.dll were all removed. Reinstalled PG again, but it gave me consistently the same error! And the same happened when I tried version 3.000

Pgaccount.exe is not loaded!

Reverted to Outpost v. 2.1 and the problem disappeared. It seems thar are times when upgrading is not a very good idea...

Does anyonone running Outpost v. 2.5 has problems wiith PG v. 3.000/3050?

Regards

Rui

I having running Process Guard 3050 and Agnitum Outpost 2.5.369 for a month already. Zero problem. The latest build of Outpost, build 370, may be problematic. My experience tells that Process Guard 3050 is very stable and does not conflict at least with Outpost and Sygate Personal Firewall 5.5.

Did you check out www.outpostfirewall.com for an answer? I am a licensed user of Outpost 2.5 myself. I am delaying the update because build 370 does not sound that great...

I don't have any problem too...

I am running PG 3.050 + Outpost 2.5.370 with zero problems. :)

Hi Wanchan

Thank you very much for your reply.
It is also my experience that PG is a very stable application. According to what I guess, Outpost, and not PG, is probably the culprit. Considering Outpost 2.5.369 problems, mentioned in the Outpost Forum, I decided to delay the upgrade from version 2.1 to version 2.5. Unfortunately, version 2.5.370 behaves so badly in my system, I will have to postpone the upgrade till a later build comes out. I regret I have already renewed my license!...
Regards
Rui

Hi wanchan, VaMPIRIC_CRow and Don Pelotas

It seems I have solved the problem of the alleged incompatibility (at least in my system) between PG 3.050 and Outpost 2.5.370.

The instructions provided by Agnitum concerning Outpost upgrading (from version 2.1 to version 2.5) make the user suppose that you can upgrade installing version 2.5 build 370 over version 2.1. In fact, when performing the upgrade in such a way, the installation program recognizes the existence of an Outpost previous version, and one gets inded the message that this version is being uninstalled. I do not know why, but the upgrading process performed this way went wrong: hence the problems with PG, as well as having a new Outpost version which didn't work at all!!

Taking your opinions in consideration, as well as recommendations from the Outpost Forum, I tried doing the upgrade in a different way. This means that, instead of installling version 2.5 on top of version 2.1, I uninstalled first version 2.1, rebooted the machine, and only then performed a "clean" installation of version 2.5.370.

All went well, as problems with PG disappeared and Outpost version 2.5 is working smoothly in my system!

So, my advice to anyone considering upgrading Outpost is: avoid problems uninstalling fully the old version before installing the most recent one.

Thanks to all of you
Regards
Rui

Yep, I've uninstalled the previous version and installed the new...

I forgot to said that...

-{ Quote: "....In fact, when performing the upgrade in such a way, the installation program recognizes the existence of an Outpost previous version, and one gets inded the message that this version is being uninstalled. I do not know why, but the upgrading process performed this way went wrong: hence the problems with PG, as well as having a new Outpost version which didn't work at all!!" }-Did you shutdown Outpost first? If not, then the installer would have tried to - and would have then been blocked by Process Guard which could well be the cause of your problem!

It is well worth keeping a sharp eye on Process Guard's alerts whenever installing or uninstalling an application for this very reason. Alternatively you could (temporarily) disable Process Guard but this is a little more risky (though only minimally so as long as you are disconnected from the Internet).

-{ Quote: "Did you shutdown Outpost first? If not, then the installer would have tried to - and would have then been blocked by Process Guard which could well be the cause of your problem!

It is well worth keeping a sharp eye on Process Guard's alerts whenever installing or uninstalling an application for this very reason. Alternatively you could (temporarily) disable Process Guard but this is a little more risky (though only minimally so as long as you are disconnected from the Internet)." }-
Hi Paranoid2000

I did shut down not only Oupost but all other applications running in systray - including, of course, Process Guard. Anyway, thanks for your concern!
Regards
Rui

-{ Quote: "I did shut down not only Oupost but all other applications running in systray - including, of course, Process Guard. Anyway, thanks for your concern!" }-Just closing Process Guard via the system tray would not have disabled its protection - the "Protection Enabled" box needs to be cleared. Did you do this?

Outpost 2.5 build 370 seems stable after a clean reinstall here also. I did have some problems before the reinstall but they had nothing to do with PG.

I am runing PG3.1 and Outpost v2.5.370.4626, work fine. :)

Hi
I have experienced the same problems identified in the first post. In that upon reinstalling xp pro and PG I too go he 'cannot open mutex 2' error. Except in my case it totally messed my system up and I was unable to boot to windows. I couldn't even boot to safe mode or use the set up disk to fix the problem. Therefore I reformatted and re-installed xp pro. Everything was working ok until I installed PG. Outpost couldn't start because of an error and drwtsn32 was blocked from modifying it. This also caused a loss of internet connection. I uninstalled PG and now Outpost and everything else works fine. I don't want to not use PG so hoped someone migh be able to help?
Previously (before first reformat) PG 3.1 and Outpost 2.5 (369) worked fine together.

Cheers
MattG

Hi Matt, Try disabling OP completely (disconnect from the internet firat) so that it's service does not start when you re-boot with windows & the same for any other resident security programs.
Re-install ProcessGuard and leave it in learning mode, reboot and enable the four general tabs, re-enable OP Reboot you should still be in learning mode, run your other security apps and reboot. You should now be out of learning mode.

HTH Pilli

Hi Pilli

Thanks for your reply.
What do you mean by enable the four general tabs?

Kind regards

MattG

PS sorry for posting twice!

-{ Quote: "What do you mean by enable the four general tabs?" }-
Hi MttG,

I think Pilli meant the four General Protection Options.

Nick

Hi

Thanks Pilli and Nick S for your help and advice.
I done as you said Pilli and it has improved the situation a little. However about 1 in 3 boots result in the Outpost icon appearing in the system tray but when I hover the mouse pointer over it it disappears. I have checked to see if the process (outpost.exe) is running via task manager and it isn't! Which I assume means my pc is not firewalled? Upon further investigation it appears that PG blocks Drwtsn32 from starting and this in turn is causing outpost not to start. I am starting to think this is a problem with outpost rather than PG. I am a memeber of the outpost forum and have posted a thread there tosee if anyone can help.
In the meantime could anyone advise of anything else I can do? Maybe I should allow Drwtsn32? Although previously that caused outpost to crash on every boot.
If I have any success (or not) I will be sure to post my results.

Thanks again for all the help!

Regards

MattG

Hi Matt, Make sure that outpost.exe(s) are on the protection list, you may need to play around with the different allows to see what, if any, effects these have.
OP is very funny about previous firewall installations or installation traces even its own previous versions in my experience, so it could well be an OP problem.
Anyway here are my PG settings for OP2.5.375.4822 (374) Which was updated today. XP SP2 fully patched.
Protect from. Termination & Modification
Authorised to. Modify protected programs & Read from protected programs.
I also have Secure Message Handling enabled but that is a personal choice :)

HTH Pilli

Hi Pilli

Many thanks for your help.
The problem seems to have dissappeared! Not entirely sure why, but re-installing PG (properly, with other securities turned off) and denying drwtsn32 to start has done something. Also, outpost updated to a newer version today, so maybe this has also helped. My PG settings are the same as yours (Pilli) for outpost.
I appreciate all the help I have been given here, this forum and the outpost forum are an excellent source of info and help!
I am pleased to say my machine is back to running how it used to! (For now....!)

Cheers!

MattG

Let us hope it stays that way :)

Pilli

Just took a look at your homepage and hoped I could sneek a few questions into this thread?

I have always thought I am quite well protected with my set-up (PG 3.1, Outpost 2.5, KAV, Ad-aware, Spybot, MS Antispyware), however after looking at your site I am thinking about TDS 3 and Wormguard. Is it worth me getting these and what are the advantages? Also, would I have any system problems or conflict problems?

Hope it wasn't rude to post this in this thread?

Thanks

MattG

-{ Quote: " I am thinking about TDS 3 and Wormguard." }-TDS3 is a dedicated Anti Trojan program with many other useful tools and a resident Execution Protection module. Wormguard sits quietly using no resources and hooks any bad scripts or worms heuristically. There are no known conflicts with your current security list.
Might I also suggest that you take a look at Port Explorer. the best port to process program around. :)

Pilli

Cheers Pilli!

I will cetainly look into those applictions. I think I'll ry one at a time and see how it goes, rather than overloading myself!

Thanks for all the help and advice, I am going to sign up properly to this forum after the fantastic sevice I have received!

MattG

Sorry for jump in and out of the topic a bit.

I have seen OP2.5.275.4832 (374) working very well with PG3x; except for turning on SMH on OP might confuse OP's users for everytime a OP's popup, whatever users reply to it, PG pops up HCR to verify the action, the confusion is with whether that windows being terminated is just PG's popup child windows or being tricked into terminating OP's main windows by malwares. When running OP in normal mode, if shutting down main windows of OP, OP is terminated too; but running OP in service mode without GUI for OP.

Hoope someone can help me more.

-{ Quote: "I have seen OP2.5.275.4832 (374) working very well with PG3x; except for turning on SMH on OP might confuse OP's users for everytime a OP's popup, whatever users reply to it, PG pops up HCR to verify the action" }-This is not just an issue with Outpost, but any application with prompt windows will trigger PG confirmations when these are closed. The best solution in my view is to have the ability to restrict SMH to specific windows.-{ Quote: "When running OP in normal mode, if shutting down main windows of OP, OP is terminated too; but running OP in service mode without GUI for OP." }-To get SMH working properly with Outpost, you do need to "train" it as per the PG help. I would advise the following steps: Disconnect from the Internet since you will be disabling Outpost; Hold down the Insert key while selecting either File/Exit and Shutdown from the Outpost main window or Exit and Shutdown from the Outpost system tray icon menu - Outpost will pop up a confirmation, answer "No" to this; Hold down the Insert key while selecting Policy/Disable and Policy/Allow Most from the system tray icon - these need to be covered by SMH also since Outpost can be bypassed by changing its policy (unfortunately, the policy can still be changed via Options/Policy without triggering a PG confirmation so this is not complete protection); Shutdown and restart Outpost to ensure that SMH is applied; Test the Exit and Shutdown/Disable/Allow Most actions - in all cases a PG confirmation prompt should now appear before any Outpost ones.

-{ Quote: " The best solution in my view is to have the ability to restrict SMH to specific windows.To get SMH working properly with Outpost, you do need to "train" it as per the PG help. I would advise the following steps:[...]
" }-

You're giving valuable advice, P2K, as usual. It doesn't solve the basic problem with OP, yet. Let me explain:




Applying your steps doesn't cause any problem when shutting down the computer. The HID window appears, there is no time to enter the 5 letters and the shut-down process might take some moments longer as usual. But in the end OP is terminated, of course.
Problems arise, however, whenever you change from one account to another. I always work and surf under my user account, but sometimes I cannot avoid logging in as an administrator. If SMH is enabled there is again no opportunity to enter the 5 letters when logging out. Now the problem: When I log into my user account the HID windows is still visible (!) but not accessible. Then an error message appears and OP is shutdown. >:(
Because of this problem SMH is not applicable for me (unless you have a solution for this issue). The true cause for this problem is the fact that in Outpost the service and the GUI are not separated like, e.g., in Kaspersky Anti-Virus. Any malware might shutdown the KAV GUI - well, who cares: the KAV service is still running well protected by PG (without the need of SMH). In OP the service and the GUI are combined in one file outpost.exe (with the absurd side-effect that even a restricted user can easily terminate the service).

So IMHO the only real solution is a redesign of Outpost. We as OP users should make this request to Agnitum.

-{ Quote: "Problems arise, however, whenever you change from one account to another. I always work and surf under my user account, but sometimes I cannot avoid logging in as an administrator. If SMH is enabled there is again no opportunity to enter the 5 letters when logging out. Now the problem: When I log into my user account the HID windows is still visible (!) but not accessible. Then an error message appears and OP is shutdown." }-Are you logging out and logging back in again or using Fast User Switching? If logging in/out, ensure that csrss.exe is given Terminate privilege in PG (this tries to close processes on logout). If you are using FUS, then Outpost has bigger issues with it - I'd suggest checking the Outpost forum Switch Users (http://outpostfirewall.com/forum/showthread.php?t=12701) thread for more details.

-{ Quote: " The true cause for this problem is the fact that in Outpost the service and the GUI are not separated like, e.g., in Kaspersky Anti-Virus. Any malware might shutdown the KAV GUI - well, who cares: the KAV service is still running well protected by PG (without the need of SMH). In OP the service and the GUI are combined in one file outpost.exe (with the absurd side-effect that even a restricted user can easily terminate the service).
So IMHO the only real solution is a redesign of Outpost. We as OP users should make this request to Agnitum." }-
Thanks for pointing this thing out; OP users wouldn't notice this. If it is really, OP should fix this out asap? I am not a coder, but this is no good.
thanks.

-{ Quote: "Are you logging out and logging back in again or using Fast User Switching? If logging in/out, ensure that csrss.exe is given Terminate privilege in PG (this tries to close processes on logout). " }-
No, I'm not using FUS. I will try if your hint regarding crss.exe will solve my problem.

-{ Quote: "If you are using FUS, then Outpost has bigger issues with it - I'd suggest checking the Outpost forum Switch Users (http://outpostfirewall.com/forum/showthread.php?t=12701) thread for more details." }-
I was aware of that. Thanks for your help.

-{ Quote: "Thanks for pointing this thing out; OP users wouldn't notice this. If it is really, OP should fix this out asap? I am not a coder, but this is no good.
thanks." }-Please see the Outpost forum thread Please install process killing prevention (http://www.outpostfirewall.com/forum/showthread.php?t=12782) for a discussion on this. If Outpost is running as a service - the Outpost window will include (Service Mode) if it is - then it cannot be terminated via Task Manager without Administrator access (though there are plenty of other ways to disable it).

-{ Quote: "Thanks for pointing this thing out; OP users wouldn't notice this. If it is really, OP should fix this out asap? I am not a coder, but this is no good.
thanks." }-
IMHO Agnitum should indeed fix this asap. It might be that by using SMH with Paranoid2000's hint regarding crss.exe you can circumvent this problem (I will try out). Nevertheless I stick to my conviction that a missing separation of service and GUI is a bad design for a security-related software.
If I surf under a user account and not as an administrator I do that delibaterately: I do not want to have full rights as one measure of protection against malware. That I'm nevertheless able to shut down the OP service - well, that's what I call absurd.

Since this discussion is OP and not so much PG related I think we should continue it in the OP forum.

-{ Quote: "Please see the Outpost forum thread Please install process killing prevention (http://www.outpostfirewall.com/forum/showthread.php?t=12782) for a discussion on this. If Outpost is running as a service - the Outpost window will include (Service Mode) if it is - then it cannot be terminated via Task Manager without Administrator access " }-
That's correct.

-{ Quote: "(though there are plenty of other ways to disable it)." }-
... and that's the problem we are talking about. That's why SMH is necessary - if it is applicable. Well, as mentioned: I will try out ;)

-{ Quote: "Are you logging out and logging back in again or using Fast User Switching? If logging in/out, ensure that csrss.exe is given Terminate privilege in PG (this tries to close processes on logout). " }-
Back at home I realized that csrss.exe had already been given terminate privilege. In other words, I still have no solution to the discussed problem ...>:(

Hit Cancel in reply to the PG HID when logging out then - I do this and have no problem.

-{ Quote: "Hit Cancel in reply to the PG HID when logging out then - I do this and have no problem." }-
I wonder how you do this. ???
When I log out I click the Log Off button in the Start menu (no HID pops up) and then a second time - now the HID pops up but the log out process is too fast to even press the cancel button. Is it different on your computer? I'm puzzled...

When I log out, the HID appears almost immediately - I have to click Cancel twice and then I get the login screen. The delay in your case may be due to other processes running which use their own termination protection (e.g. KAV, TrojanHunter, etc).