Want to pass along something that occurred last week after the MS updates... Two fairly simelar computers... Gateway 2.2 and Dell 2.8, both XP home. Both running BID and PG V3.150, AVG PRO.. Prior to updates both PG programs put in "LEARN" mode. After updates, Gateway rebooted fine. Dell locked up with no start, no systray. Since no start, no access to other things, and power cycle only recourse. From safe mode, I did a restore to a week prior, and all was fine. I removed Black Ice, did the MS updates and on restart, found that BID was not the cause. Another Restore, removed BID and PG, then did MS updates. Reboot fine. Then re-installed BID, and PG, and left PG in learing mode. Next day all is fine, but following day, system locked up with no Start and Systray again. Processguard was removed in safe mode. All this was a week ago... No problems since... With PG removed from Dell. However, tonight, out of the blue, the Gateway started acting up... I was able to determine that the file that PG was blocking was wgatray.exe. Got into PG enough to tell it to allow memory execution.... Reboot. fine!!! PG is now allowing wgatray.exe to run now.... As a follow up to all this.... I have a hunch that BID also 'missed' something in the MS updates from last week as well, as I kept getting application protection prompts, even after the MS Updates (which were installed in the BID "Install" mode) and scanned afterward... What I did to get around that was Halt BID Application Protection, toss the BID checksum file, restart the application, and do another Basefile for Application Protection.... THEN BID was fine! My relatively un-professional guess is that something in the MS updates is getting past the Applications Protection portion of Processguard AND BID. Jan
i have not experienced any problems relating to PG and "windows updates".. i did have to add wgatray.exe to PG's protection so that wgatray.exe could "read" winlogon.exe (i have winlogon.exe protected from "read").. p.s. i don't know what "BID" is..
BID is BlackICE Defender, which I believe the post mentions. The issue may be related to Windows Genuine Advantage Notifications, which is technically a beta but is pushed out as a critical update. Unless you didn't install it, that is. Either way WGA is apparently fussing over your current setup. I haven't had any problems myself with no wgatray.exe in my list and with winlogon.exe protected from reading. I can't say for sure, but maybe WGA is flagging your systems' OS as pirated? This might explain why XP is having a fit in regards to normal boot, but this is just a shot in the dark.
I highly recommend you disable PG instead of Learning Mode. No chance of problems, Learning Mode on for 1 reboot instead if a reboot is required.
I've been watching the bootup on the computer that still uses PG, and I find that with EVERY Bootup, wgatray.exe is being blocked 105 times from accessing physical memory, then it stops... The number 105 is seen each day.... On same alerts screen there is a "allow Phys. Memory" button..... Should I let things continue as it is, or click on Allow Phys. Memory, or ? Thanks.
seeing it is an official windows exe ... i would say allow it to access Phys Mem if however you do want to block it and reduce the number of alert messages, try blocking it from execution (although with this particular exe it may have negative effects on windows update)
Well, given the numerous complaints about Windows Genuine Advantage, this is one time when people may feel justified in blocking an "official" Windows file. Jan J, you may wish to check out GKWeb's RemoveWGA as another option to deal with this unnecessary item.
imo, yes, jan, you should allow "wgatray.exe" to access memory since it apparently needs to access memory.. i would allow any legitimate programs to have whatever priviledges they need except that i have some of them set for "allow once"..
Microsoft was hit with second lawsuit over WGA http://news.zdnet.com/2100-3513_22-6090651.html @redwolfe I got the same thing. [edit]PG just asked me if I want iexplore.exe to access access memory