PG went into learning mode

I installed Registry Mechanic 4 and allowed a couple items I thought were related to Registry Mechanic install to run and on next boot PG went into learning mode.

This is the only thing that stood out.

Mon 03 - 08:31:52 [EXECUTION] "c:\windows\is-0gice.exe" was allowed to run
[EXECUTION] Started by "c:\windows\explorer.exe" [600]
[EXECUTION] Commandline - [ "c:\windows\is-0gice.exe" /reg ]

I do not know what is-Ogice is but RegRun caught it trying to attach to runonce at startup I allowed because again I thought it was related to Registry Mechanic install. Anyone have ideas?

Thanks,

Chris

 

Hi Chris, Maybe an email to Registry Mechanic 4 developers will shed some light as googling for that is-0gice.exe gets no hits but it could have been a tempory file used by the Reg Mech's installer.

Pilli

 

Hi Chris12923,

I tested the Registry Mechanic 4 (trial version) installation and did not see that behavior. Nothing executed from the C:\windows directory and no RunOnce key was created before or after enabling the various "scan at startup" options. Rebooted a couple of times but PG did not go into Learning Mode. I saved copies (in case you want to see them) of the PG and RegRun logs, and the unins000.dat from the Registry Mechanic directory before I re-imaged the system.

Nick

 

Thanks. I couldn't repro after restoring so I am not sure what is was. I did send it off to a friend for examination though. Thanks for your help.


Thanks,

Chris

 

hi Chris,
can you post a value of your registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Diamond Computer Systems\ProcessGuard v3.0\Reboots

Ty

Andreas