Computer Reboots After Login

I installed PG 1.3, and rebooted. All was going well. I shutdown my laptop. When I turned it on, it came to the login prompt. I typed in my username and pasword, as my desktop starts to load my computer restarts.

Temp Solution is that I have set procguard.sys to manual and I start it manually

I have tried to diagnose what exactly is conflicting with Process Guard. As it happens after typing in the username and password it isn't a conflict with another service. I guess this makes it a program that starts with the user profile. I tried removing THGuard, but that didn't fix it.

Here is Autostart Viewer's list of what runs at startup on my computer.

DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for Khaine 02-11-2004
c:\windows\system32\autoexec.nt
C:\WINDOWS\system32\mscdexnt.exe
C:\WINDOWS\system32\redir.exe
C:\WINDOWS\system32\dosx.exe
c:\windows\system32\config.nt
C:\WINDOWS\system32\himem.sys
c:\windows\system.ini [drivers]
timer=timer.drv
c:\windows\system.ini [boot]\shell
C:\WINDOWS\Explorer.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
C:\WINDOWS\Explorer.exe
HKCR\htafile\shell\open\command\
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe "%1" %*
HKCR\vbsfile\shell\open\command\
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe "%1" %*
HKCR\vbefile\shell\open\command\
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe "%1" %*
HKCR\jsfile\shell\open\command\
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe "%1" %*
HKCR\jsefile\shell\open\command\
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe "%1" %*
HKCR\wshfile\shell\open\command\
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe "%1" %*
HKCR\wsffile\shell\open\command\
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe "%1" %*
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\00THotkey
C:\WINDOWS\System32\00THotkey.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\000StTHK
C:\WINDOWS\system32\000StTHK.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TFNF5
C:\WINDOWS\system32\TFNF5.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SynTPLpr
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SynTPEnh
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TouchED
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SigmaTel StacMon
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\LtMoh
C:\Program Files\ltmoh\Ltmoh.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\AGRSMMSG
C:\WINDOWS\AGRSMMSG.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\NvCplDaemon
RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ScriptSentry
C:\Program Files\Internet Tools\Script Sentry\ScriptSentry.exe /check
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TPSMain
C:\WINDOWS\system32\TPSMain.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TFncKy
TFncKy.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\THGuard
C:\Program Files\TrojanHunter\THGuard.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SystemSafe
C:\Star Wars\Utilities\System\System Safety Monitor\SysSafe.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\System32\webcheck.dll
C:\WINDOWS\System32\stobject.dll
C:\Documents and Settings\Khaine\Start Menu\Programs\Startup\Process Guard.lnk
C:\Program Files\ProcessGuard\procguard.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BestCrypt Auto Open.lnk
C:\Program Files\BestCrypt\BestCrypt.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\eDexter.lnk
C:\Program Files\Internet Tools\eDexter\eDexter.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Flashget.lnk
C:\Program Files\FlashGet\flashget.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\JAP.lnk
C:\Program Files\Internet Tools\Jap\JAP.jar
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PGPtray.lnk
C:\Program Files\PGP\PGPtray.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Proxomitron.lnk
C:\Program Files\Internet Tools\Proxomitron\Proxomitron.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SpywareGuard.lnk
C:\Star Wars\Utilities\System\Ad Removers\SpywareGuard\sgmain.exe
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
pgdfgsvc C 1
OODBS
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
HKLM\System\CurrentControlSet\Control\WOW\cmdline
C:\WINDOWS\system32\ntvdm.exe
HKLM\System\CurrentControlSet\Control\WOW\wowcmdline
C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\
C:\WINDOWS\system32\mswsock.dll
C:\WINDOWS\system32\rsvpsp.dll
HKLM\System\CurrentControlSet\Services\VxD\JAVASUP\
C:\WINDOWS\system32\JAVASUP.VXD

I am at a loss to as to what is conflicting with process guard. Along with the upgrade from 1.2, I also updated Trojan Hunter and Firebird fox. All of the other programs ran fine alongside process guard.

Any help would be greatly appriciated

 

did you try giving winlogon.exe and userinit.exe full allowances ?

 

Winlogon has these privilages : (whihc is what PG gives it by default)

Long Path :- c:\windows\system32\winlogon.exe
Short Path :- c:\windows\system32\winlogon.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None

userinit didn't have any privilages so I'll see if that can fix anything

 

I'd check the shell too (i.e. Explorer.exe). And of course you can run msconfig.exe and disable all the start-up applications you load, to rule them out.

In any case, I have to wonder if this is a bug in Process Guard. I can see a program crashing here and there when denied certain privileges, but this is the third case of spontaneous rebooting I've heard or known about, where Process Guard is concerned. I really think that these reboot issues are merely a symptom of an underlying problem.

 

Rename PG_msgprot.exe to PG_msgprot1.exe and reboot. See if that fixes your "startup" crash. Also try removing Close Message Handling on any applications you have added it to.

-Jason-

 

I've found out what ProcessGuard is conflicting with. I am running ProcessGuard on a Toshiba M30 laptop. The laptop came with some power management software, that enabled you to dynamicly switch between different power profiles.

ProcessGuard conflicts with this power management software. Toshiba Power Saver can be downloaded from here http://www.isd.toshiba.com.au/cgi-bin/ai1.exe/topic/content/driver_search_list.jsp?BV_SessionID=%40%40%40%400783218602.1076476086%40%40%40%40&BV_EngineID=eadcjigdmjdebfdhcjkcfgldkh.0&theAction=true&CATOID=-15058&MODE=NPRO&ProductMenu_0=Notebooks&ProductMenu_1=Satellite&ProductMenu_2=295846&x=25&y=7

Hopefully you guys at Diamondcs can find a way to solve this conflict.

I'm just glad that I can my computer normally, with Process Guard enabled, and with minimum fallout

 

Are you certain it is that software?

-Jason-

 

I'm am pretty sure that this is the conflicting software. I have rebooted many times with rocessGuard enabled, and Toshiba Power saver disabled and its been working fine