PROCESSGUARD V3

Discussion in 'ProcessGuard' started by Infinity, Sep 10, 2004.

Thread Status:
Not open for further replies.
  1. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Blaze, if you take a look at how long the unlock code is, you will realize it is quite substantial. Now tell me, does it matter if the "data" in the license is given as text, or stored in a file? :)

    Hackers will never be able to make a key that we ourselves will be fooled by. There is protection in the key which is unbreakable for this particular aspect. That is our biggest problem, and we have solved it.
     
  2. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    yeah i seen the key it might be a littile longher then hyper snap dx 5 lol but ehhhhhhh

    its your guys company i know i cant spell and i know alot of you dont think im sharpest tool

    but in this fild im i dont know resonably knowledgeable i like to think

    but ok sigh

    :(
     
  3. Khaine

    Khaine Registered Member

    Joined:
    Oct 2, 2002
    Posts:
    127
    Have you seen how long the Alcohol 120% unlock code is ?
     
  4. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    777
    @Mr Blaze ...

    Don't keep DCS off their work, i am waiting all night
    for the link to download V3 and i have drunk 50 Liters of coffee

    let them work, the only thing left to do is to make the Beta available.

    :doubt:
     
  5. Khaine

    Khaine Registered Member

    Joined:
    Oct 2, 2002
    Posts:
    127
    One Question about the Beta

    Will previous versions pguard.dat files be compatible ?
     
  6. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :D LOL Alcohol 120% IM SURPRISE THERE NOT BANKRUPT YET FROM ALL THE BANDWITH STEALING AND PIRATING LOL

    Yeah i guess it dont matter i just like dcs like i liked kevin and nancy except they listhened hmmmmmmmmm

    sometimes the very young do not listhen

    blaze stroll over to tenford
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Khaine, I would advise complete uninstall including the .dat files, the new learning mode goes a long way to solving the pain IMHO :)
     
  8. Khaine

    Khaine Registered Member

    Joined:
    Oct 2, 2002
    Posts:
    127
    Ok thanks Pilli :)

    I plan to wait until the final version is released. So I really want to see some screenshots of the new features and gui
     
  9. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    I recommend you DONT wait, its worth updating right NOW :) Plus you could give us some valuable feedback..

    Old PGUARD.DAT and PGHASH.DAT files are NOT compatible, but the enhanced learning mode can set up everything for you. Choose your protection level, run your system in Learning mode and it will set itself up ;)
     
  10. Khaine

    Khaine Registered Member

    Joined:
    Oct 2, 2002
    Posts:
    127
    You talked me into it

    Wish me luck :)

    I'll post some screenshots for all you people wanting to see the new features
     
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Looks really good, has a more "solid feel" to it, faster, much easier to change protection options, overall great! :)

    Only a couple minor things come to mind after using it a whole 10 mins; changeable color schemes like the last version (another option besides pastel pink and purple... please... :D ), a right click menu, and automatic scrolling on the alerts window.

    Is there no more human verification dialog and "disabled" tray icon?
     
    Last edited: Sep 20, 2004
  12. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :cool: Clean uninstall
    reboot

    clean install
    reboot

    registration of product just copy and paste but its a bit tripy as the key inserted places the registration in a layout difrent then the one in your notepad from left to right to middile

    The interface is clean easy to understand check

    The interface is cool in a none sherlaunt way check

    The interface is extreamly newbie friendly check

    bug 1 pg went to task bar like normal i went to look in it closed it afterwards with x did not return to task bar

    bug 2 called pg 3 out worked went to minimize - but did not dissapeared no confirmation code required for change

    bug 3 cant call pg 3 out no more interface will not display

    i am on celeron 700 mhz 120 gig ext hd 80 gig int hd 20 gig intr hd
    gateway essinthial pc 512 sd ram

    All dcs products zap nav 2002 system works juno 7

    does pg protection work if not on task bar

    or did you put the hide icon feature i requested where pg is on start up but no icon needed on system tray?

    pg still cant be called out
     
  13. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :cool: pgaccount on start up
    processguard on start up

    two new things on start up?

    this useally means longher to start up

    i was shock not to see code confimations nore a options menue for how to handle start ups

    process gurad not working no more it is in the process section but no cpu ussage 00

    i also see exec.exe 00 cpu exec.exe 00 cpu
     
  14. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    rebooting to see if pg3 is working looked like it crashed but does not effect the pc

    crashing bad but not effecting the pc thats a good thing
     
  15. Starrob

    Starrob Registered Member

    Joined:
    Apr 14, 2004
    Posts:
    493
    I have a question? Is there any reason to allow any program to access the physical memory? For instance...should I allow antivirus programs or AT programs like TDS-3 to access physical memory or is that not necesarry?

    The program looks good. Looks like there might be a few minor issues but I will know that over the next few days. On my second reboot...the program would not initialize at first. I was getting ready to uninstall and re-install again but first I clicked on the program again and it was running.....sort of a delayed effect.

    We will see how it plays out.



    Starrob
     
  16. frogfoot

    frogfoot Registered Member

    Joined:
    Aug 8, 2004
    Posts:
    116
    Location:
    Yeovil UK
    Some initial observations from me.

    1) Block Global hooks seems to work better on my system, My Wacom Tablet now works when I allow the process 'Allow global hooks ' priv. (It didnt work previously)

    2) After the initial install, I disabled Learning mode (no check in box), and applied the changes. However when I run new programs they are allowed to run (no confirmation box). It seems that Learning mode is stuck on!
    I then rebooted and things seemed better. But after a few minutes I am getting no prompts.

    3) Closed message handling still not working on my system. I gave Agnitum Outpost 'Securly handle Closing' option and then tried to close it, A verification dialogue popped up. I pressed Cancel without (typing the verification string in) A second Verification window was displayed, I pressed cancel again and Outpost closed.
    I would not expect a second verification window after pressing cancel and would certainly not expect the application to close.

    4) Assuming that the CMH will work as expected , when I shut down the system It is annoying to have to enter the verification string for all protected apps, Is it possible to give winlogon the privs to shut down the protected apps without a verification window? (ie give Winlogon Terminate privs) ans is this safe?

    5) Disabling all protection in the main window (Clearing 'Enable Protection' box) does not prompt for a verification dialogue box, is this correct?
    Thanks
    Tom
     
  17. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    2:55am pg is on task bar algain
    rigtclick on icon just as i suspected no start up or hide icon option or exit
    turn on zap turn on juno acessing internet
    curently 4 icons on systemtray
    process guard nav juno zap

    3:02 am processguard pop up
    svchost.exe
    genric host process for win 32 services
    folder c\system32\ folder

    process guard pop up for hypersnap lol
    trying to take pic of first pop up

    not good i seem to be geting alot of these pop ups

    seems to be a cross between boclean's exclude fuction just nicer desghien and a firewall
    these pop ups freez ever program untill you either deny or permit the application

    this will be hard on newbies

    since there no toggle switch i have moved this up to intermidiate status
    not a beginer application but the interface is easy and newbie friendly

    but its other features can be hard on a beginer
     
  18. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Frog foot. I assume as it is your firewall that it was running when you tried CMH?
    Close message handling needs to be enabled when the program is not running, once running the file pguard.dll should be injected into the process allowing CMH to work properly
     
  19. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    ---Process Guard Log Started---
    Mon 20 - 02:11:55 [EXECUTION] "c:\windows\system32\psdrvcheck.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\windows\system32\psdrvcheck.exe" -checkreg ]
    Mon 20 - 02:11:57 [EXECUTION] "c:\progra~1\maxtor\onetouch\utils\onetouch.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\progra~1\maxtor\onetouch\utils\onetouch.exe" ]
    Mon 20 - 02:11:57 [EXECUTION] "c:\progra~1\common~1\symant~1\script~1\sbserv.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ c:\progra~1\common~1\symant~1\script~1\sbserv.exe ]
    Mon 20 - 02:11:58 [EXECUTION] "c:\windows\mxoaldr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\windows\mxoaldr.exe" ]
    Mon 20 - 02:11:59 [EXECUTION] "c:\program files\photodex\proshowgold\scsiaccess.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ "c:\program files\photodex\proshowgold\scsiaccess.exe" ]
    Mon 20 - 02:11:59 [EXECUTION] "c:\god's shild\processguard\pgaccount.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\pgaccount.exe" ]
    Mon 20 - 02:12:00 [EXECUTION] "c:\progra~1\norton~1\speedd~1\nopdb.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ c:\progra~1\norton~1\speedd~1\nopdb.exe ]
    Mon 20 - 02:12:00 [EXECUTION] "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe" ]
    Mon 20 - 02:12:01 [EXECUTION] "c:\windows\system32\wdfmgr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ c:\windows\system32\wdfmgr.exe ]
    Mon 20 - 02:12:02 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" -minimize ]
    Mon 20 - 02:12:02 [EXECUTION] "c:\program files\hhvcdv5sys\vc5secs.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ "c:\program files\hhvcdv5sys\vc5secs.exe" ]
    Mon 20 - 02:12:03 [EXECUTION] "c:\program files\hhvcdv6sys\vc6secs.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ "c:\program files\hhvcdv6sys\vc6secs.exe" ]
    Mon 20 - 02:12:08 [EXECUTION] "c:\windows\wanmpsvc.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ "c:\windows\wanmpsvc.exe" ]
    Mon 20 - 02:12:10 [EXECUTION] "c:\program files\virtual cd v6 fs\system\vc6fserv.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ "c:\program files\virtual cd v6 fs\system\vc6fserv.exe" ]
    Mon 20 - 02:12:17 [EXECUTION] "c:\windows\system32\imapi.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ c:\windows\system32\imapi.exe ]
    Mon 20 - 02:12:19 [EXECUTION] "c:\program files\common files\symantec shared\ccpwdsvc.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ "c:\program files\common files\symantec shared\ccpwdsvc.exe" ]
    Mon 20 - 02:12:20 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ]
    Mon 20 - 02:12:22 [EXECUTION] "c:\windows\regedit.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\common files\symantec shared\ccpwdsvc.exe" [2084]
    [EXECUTION] Commandline - [ regedit.exe /e "c:\program files\common files\symantec shared\ccreg.dat" "hkey_local_machine\software\symantec\ccreg" ]
    Mon 20 - 02:12:35 [EXECUTION] "c:\windows\regedit.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\common files\symantec shared\ccpwdsvc.exe" [2084]
    [EXECUTION] Commandline - [ regedit.exe /e "c:\program files\common files\symantec shared\commonclient.dat" "hkey_local_machine\software\symantec\commonclient" ]
    Mon 20 - 02:12:43 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\documents and settings\god\desktop\processguard v3.0.txt ]
    Mon 20 - 02:13:06 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1024]
    [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[400]susdsf34599a511888a4caac2ee6ae87cf365 ]
    Mon 20 - 02:14:43 [EXECUTION] "c:\program files\zone labs\zonealarm\zlclient.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\program files\zone labs\zonealarm\zlclient.exe" ]
    Mon 20 - 02:14:56 [EXECUTION] "c:\windows\system32\zonelabs\vsmon.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [676]
    [EXECUTION] Commandline - [ c:\windows\system32\zonelabs\vsmon.exe -service ]
    Mon 20 - 02:15:46 [EXECUTION] "c:\program files\juno\exec.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\program files\juno\exec.exe" ]
    Mon 20 - 02:15:51 [EXECUTION] "c:\program files\juno\exec.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\juno\exec.exe" [2820]
    [EXECUTION] Commandline - [ exec 95db625hsjl ]
    Mon 20 - 02:16:44 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" ]
    Mon 20 - 02:17:14 [EXECUTION] "c:\program files\internet explorer\iexplore.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\juno\exec.exe" [2832]
    [EXECUTION] Commandline - [ "c:\program files\internet explorer\iexplore.exe" -nohome "http://my.juno.com/s/sp?r=al&cf=sp&mem=yourblazey&key=5f01e12aafecc718161f8efd83fbfd20&ts=414ea0b8&a=353309640000699&b=1073289600000&c=1044345600000&d=0&i=7.jh4&n=pl&o=i" ]
    Mon 20 - 02:18:22 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" ]
    Mon 20 - 02:19:00 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" ]
    Mon 20 - 02:19:39 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [940]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 02:28:13 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" ]
    Mon 20 - 02:34:38 [EXECUTION] "c:\windows\system32\taskmgr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\winlogon.exe" [632]
    [EXECUTION] Commandline - [ taskmgr.exe ]
    Mon 20 - 02:36:48 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [940]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 02:38:06 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" ]
    Mon 20 - 02:38:37 [EXECUTION] "c:\windows\pchealth\helpctr\binaries\msconfig.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\windows\pchealth\helpctr\binaries\msconfig.exe" ]
    Mon 20 - 02:39:31 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [940]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 02:42:55 [EXECUTION] "c:\windows\system32\taskmgr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\winlogon.exe" [632]
    [EXECUTION] Commandline - [ taskmgr.exe ]
    Mon 20 - 02:46:10 [EXECUTION] "c:\windows\system32\taskmgr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\winlogon.exe" [632]
    [EXECUTION] Commandline - [ taskmgr.exe ]
    Mon 20 - 02:47:26 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1388]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" ]
    Mon 20 - 02:47:29 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [940]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 02:48:48 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [940]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 02:50:32 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [940]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 02:51:19 [EXECUTION] "c:\windows\system32\logonui.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\winlogon.exe" [632]
    [EXECUTION] Commandline - [ logonui.exe /status /shutdown ]
    Mon 20 - 02:51:50 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1024]
    [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[400]susds9326e837ee113841900363853cc41e5f ]

    ---Process Guard Log Started---
    Mon 20 - 02:53:30 [EXECUTION] "c:\program files\dantz\retrospect\retrorun.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\program files\dantz\retrospect\retrorun.exe" ]
    Mon 20 - 02:53:32 [EXECUTION] "c:\program files\maxtor\onetouch\utils\onetouch.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\progra~1\maxtor\onetouch\utils\onetouch.exe" ]
    Mon 20 - 02:53:33 [EXECUTION] "c:\windows\mxoaldr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\windows\mxoaldr.exe" ]
    Mon 20 - 02:53:34 [EXECUTION] "c:\god's shild\processguard\pgaccount.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\pgaccount.exe" ]
    Mon 20 - 02:53:35 [EXECUTION] "c:\program files\common files\symantec shared\script blocking\sbserv.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ c:\progra~1\common~1\symant~1\script~1\sbserv.exe ]
    Mon 20 - 02:53:35 [EXECUTION] "c:\program files\photodex\proshowgold\scsiaccess.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\program files\photodex\proshowgold\scsiaccess.exe" ]
    Mon 20 - 02:53:36 [EXECUTION] "c:\program files\norton systemworks\speed disk\nopdb.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ c:\progra~1\norton~1\speedd~1\nopdb.exe ]
    Mon 20 - 02:53:37 [EXECUTION] "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe" ]
    Mon 20 - 02:53:38 [EXECUTION] "c:\god's shild\processguard\procguard.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\god's shild\processguard\procguard.exe" -minimize ]
    Mon 20 - 02:53:38 [EXECUTION] "c:\windows\system32\wdfmgr.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ c:\windows\system32\wdfmgr.exe ]
    Mon 20 - 02:53:38 [EXECUTION] "c:\program files\hhvcdv5sys\vc5secs.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\program files\hhvcdv5sys\vc5secs.exe" ]
    Mon 20 - 02:53:39 [EXECUTION] "c:\program files\hhvcdv6sys\vc6secs.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\program files\hhvcdv6sys\vc6secs.exe" ]
    Mon 20 - 02:53:45 [EXECUTION] "c:\windows\wanmpsvc.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\windows\wanmpsvc.exe" ]
    Mon 20 - 02:53:47 [EXECUTION] "c:\program files\virtual cd v6 fs\system\vc6fserv.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\program files\virtual cd v6 fs\system\vc6fserv.exe" ]
    Mon 20 - 02:53:54 [EXECUTION] "c:\windows\system32\imapi.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ c:\windows\system32\imapi.exe ]
    Mon 20 - 02:53:55 [EXECUTION] "c:\program files\common files\symantec shared\ccpwdsvc.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ "c:\program files\common files\symantec shared\ccpwdsvc.exe" ]
    Mon 20 - 02:53:56 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ]
    Mon 20 - 02:53:58 [EXECUTION] "c:\windows\regedit.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\common files\symantec shared\ccpwdsvc.exe" [2088]
    [EXECUTION] Commandline - [ regedit.exe /e "c:\program files\common files\symantec shared\ccreg.dat" "hkey_local_machine\software\symantec\ccreg" ]
    Mon 20 - 02:54:16 [EXECUTION] "c:\windows\regedit.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\common files\symantec shared\ccpwdsvc.exe" [2088]
    [EXECUTION] Commandline - [ regedit.exe /e "c:\program files\common files\symantec shared\commonclient.dat" "hkey_local_machine\software\symantec\commonclient" ]
    Mon 20 - 02:54:36 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1012]
    [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[3f4]susds6669facabe3bea469a1a5fcf92d5df0c ]
    Mon 20 - 02:55:18 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" ]
    Mon 20 - 02:56:58 [EXECUTION] "c:\program files\zone labs\zonealarm\zlclient.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\zone labs\zonealarm\zlclient.exe" ]
    Mon 20 - 02:57:08 [EXECUTION] "c:\windows\system32\zonelabs\vsmon.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ c:\windows\system32\zonelabs\vsmon.exe -service ]
    Mon 20 - 02:59:06 [EXECUTION] "c:\program files\juno\exec.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\juno\exec.exe" ]
    Mon 20 - 02:59:07 [EXECUTION] "c:\program files\juno\exec.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\juno\exec.exe" [2876]
    [EXECUTION] Commandline - [ exec 95db625hsjl ]
    Mon 20 - 02:59:20 [EXECUTION] "c:\program files\juno\exec.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\juno\exec.exe" ]
    Mon 20 - 02:59:21 [EXECUTION] "c:\program files\juno\exec.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\juno\exec.exe" [2876]
    [EXECUTION] Commandline - [ exec 95db625hsjl ]
    Mon 20 - 03:06:00 [EXECUTION] "c:\windows\system32\svchost.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [680]
    [EXECUTION] Commandline - [ c:\windows\system32\svchost.exe -k imgsvc ]
    Mon 20 - 03:06:00 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [928]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 03:06:08 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:06:09 [EXECUTION] "c:\program files\internet explorer\iexplore.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\juno\exec.exe" [2932]
    [EXECUTION] Commandline - [ "c:\program files\internet explorer\iexplore.exe" -nohome "http://my.juno.com/s/sp?r=al&cf=sp&mem=yourblazey&key=1b54678f35083785a8cac05982169612&ts=414eaaf2&a=353309640000709&b=1073289600000&c=1044345600000&d=0&i=7.jh4&n=pl&o=i" ]
    Mon 20 - 03:06:11 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1012]
    [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[3f4]susdsfedc27a7c26602459e062378b95e77c8 ]
    Mon 20 - 03:06:12 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:06:14 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:06:16 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\hypersnap-dx 5\hprsnap5.exe" [3420]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:06:18 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\hypersnap-dx 5\hprsnap5.exe" [3568]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:06:41 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\hypersnap-dx 5\hprsnap5.exe" [3588]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:10:37 [EXECUTION] "c:\windows\system32\wbem\wmiprvse.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [928]
    [EXECUTION] Commandline - [ c:\windows\system32\wbem\wmiprvse.exe -embedding ]
    Mon 20 - 03:10:38 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [928]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 03:10:38 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:10:40 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\hypersnap-dx 5\hprsnap5.exe" [1408]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:14:51 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [928]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 03:19:42 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:19:43 [EXECUTION] "c:\program files\hypersnap-dx 5\hprsnap5.exe" was allowed to run
    [EXECUTION] Started by "c:\program files\hypersnap-dx 5\hprsnap5.exe" [2104]
    [EXECUTION] Commandline - [ "c:\program files\hypersnap-dx 5\hprsnap5.exe" ]
    Mon 20 - 03:22:27 [EXECUTION] "c:\program files\microsoft money\system\urlmap.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\svchost.exe" [928]
    [EXECUTION] Commandline - [ "c:\program files\microsoft money\system\urlmap.exe" -embedding ]
    Mon 20 - 03:22:29 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\explorer.exe" [1376]
    [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\god's shild\processguard\logs\pglog_09_2004.txt ]
     
  20. frogfoot

    frogfoot Registered Member

    Joined:
    Aug 8, 2004
    Posts:
    116
    Location:
    Yeovil UK
    Thanks Pilli, Will try that now.
    Tom
     
  21. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    Hi frogfoot :). If you use a program like Process Explorer, you should see pguard.dll loaded in any program with CMH enabled. See screeny.

    Regards,
    Jade.
     

    Attached Files:

  22. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :cool: 1 lol cool
     

    Attached Files:

    • pg1.jpg
      pg1.jpg
      File size:
      31.1 KB
      Views:
      270
  23. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Blazie on trusteds apps when you get a pop up click the permit + always tickbox and it will not bother you again unless the .exe is changed :)
     
  24. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :cool: yup newbie interface
     

    Attached Files:

    • pg2.jpg
      pg2.jpg
      File size:
      34.2 KB
      Views:
      273
  25. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :D yup just runing it threw the blaze test lol
     

    Attached Files:

    • pg 3.jpg
      pg 3.jpg
      File size:
      35.6 KB
      Views:
      269
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.