Disappointed With Process Guard's Many Bugs

Hi Everyone,

I bought Process Guard ( have the whole set now!!) a few weeks ago and have installed it on a new PC and it never works properly. It is full of bugs and I am waiting a while for a fix. I was advised to come to the forum but I am not happy about that advice because I read a post the other day where someone had come to the forum with a LEGITIMATE problem and was sincere yet was accused of DCS bashing - obviously by a DCS fanatic who can't accept that DCS aren't GOD.

So I kindly request that only people who have some maturity and understanding reply to this post as I don't want to get into a fight or slanging match. All I want is for the product I paid for to work properly so PLEASE DON'T ACCUSE ME OF DCS BASHING BECAUSE I AM NOT DOING THAT . I just have problems and nobody, not even DCS seem to be able or willing to help.

I paid for the product and my problems are:

1. Tabs on pop-ups sometimes disappear or are black & purple and unclickable & I either have to do an ALT-F4 or reboot. I reported this problem about 6 weeks ago but no fix yet.

2. Many times Process Guard just loads 'turned off' (with a cross on the icon). I never used to worry about this but now I checked the log file it says both steps failed. Now this has happened ever since I bought the program but I used to just turn it on again thinking that it was nothing much but actually the driver has failed etc.

3. My PC is brand new. My video card is brand new. PC has had a routine check by a techician and passed with flying colours so please don't blame my PC.

4. I have no system crashes. No other problems with any other software on my PC EXCEPT Process Guard.

5. Intel Pentium 4 2.6C with Hyper-Threading, 1 GIG Ram, ASUS ATI 9600 XT,
Abit A17 motherboard with Uguru chip, Seagate 80 GB 7200rpm hard drive, Windows XP Home Edition SP1. PC purchased in February 2004.

OK now I haven't got any experience and I'm firstly not happy about being referred to a forum for tech support when I paid for the product. DCS are paid computer programmers & know their product better than anyone else and I have had problems being abused on this forum so I am very reluctant to come here because I feel very unwelcome. I used to come here and enjoy it until I noticed that one guy who referred TDS to other people and then some trojans got through posted and complained and was accused of DCS bashing. Some very immature people see any negative comments about DCS or their products as 'DCS bashing' and become very rude and discourteous to people who sincerely come to this forum seeking a solution to their problems.

I just wish I was able to beta test this product because then the bugs could have been found BEFORE it was released. I don't like the idea of an unfinished product being released and then the company leaving it to the forum to take care of customers.Troubleshooting & programming software is what DCS are paid and trained for not the forum or myself.

However IF I am treated with common courtesy then I will be more than happy to try any of your suggestions here but PLEASE don't misconstrue my intentions because it is not right when people are sincere and DCS IS in the wrong that people get all defensive and start making wild accusations of DCS bashing.

I love all of DCS's programs but I'm impatient for them to work properly especially when I have paid for it and am really excited about PG but can't use it.

Dave

 

Hi,

PG really should work fine on your PC. Feb 2004 is however not "new" since you could have been infected with anything in a few months, and also the BIOS may have had an update by now. My first suggestion was to check video drivers and the BIOS version and upgrade these to the latest drivers. Can you tell us what version of video driver you have, and who the manufacturer is ? The ATI latest drivers are what you should install, NOT the default Microsoft driver which could be installed (or the MS driver on Windows Update)

Please email me so we can go through a few things to check.. but for starters the AI7 (thats an i not the number 1) seems to be the board you have. The latest BIOS version is 1.6 released LATE Feb so I would assume you have 1.4 or lower which could influence it. HOWEVER, the BIOS version is less likely to be the problem, most likely would be a video driver.

Please remember we cannot reproduce this on any of our systems here, nor can any of the beta testers. I felt and still do feel it is something to do with your setup for that exact reason - I could replicate the problem on an older machine with old drivers and ended up fixing it, and yes PG was the ONLY thing which showed up the system instability. I think its likely that other things such as a 3D game could have showed up the instability too, but I hadn't tried that. I cannot replicate the problem again on that system, after weeks, so I count that as fixed

 

Of course you are MOST welcome here, as is everyone ! Please email us again though, so we can get back to trying to track down your specific problem

 

Hi Worldcitizen,

Thankyou for your feedback and report. Unfortunately, some people (but this is a very small minority) have experienced problems when using Process Guard, but the majority of people experience no problems at all, and what you refer to as "bugs" are almost certainly incompatibility issues rather than actual bugs, as bugs typically tend to affect everyone but the issues you're experiencing seem mostly isolated to your computer. It's also very possible that existing software on your system is causing the conflict(s) - low-level programs such as firewalls or anti-virus systems can often cause issues if they change the behaviour of the operating system.

This is why we offer a FREE version of Process Guard so that people can try and use Process Guard (for an unlimited time) on their system to ensure that they like it, that it's compatible with their system, etc, and we always recommend that people try the free version first, then there's no chance of problems like this happening.

Process Guard is a new type of security system - there is nothing like it in the world, and as such we've developed technologies that have never been used before, and that often use undocumented system functions in order to make Process Guard possible. The advantage of this is that it allows Process Guard to provide your system with unprecedented levels of security that you cannot otherwise achieve. The disadvantage is that it's very difficult for us to create such a program that works flawlessly on 100% of machines, the three main reasons being 1) everyone has different hardware, 2) everyone has different software installed on their system, and 3) it's impossible for us to test our software on all possible configurations of operating system and various installed software, but we've done everything we possibly can do to make the program as stable and compatible as possible - that's in everyones best interests (yours as a customer, and ours as the developer), so I assure you it is something we spend a lot of time on, but I hope you can understand why it is impossible to create driver-based programs that are 100% stable and compatible on 100% of systems.

A new build of Process Guard isn't too far away, if you could please email techsupport@diamondcs.com.au with 1) a list of problems you experience (and when you experience them, how to invoke the problem, etc), 2) your hardware specs, and 3) a list of installed programs, services and drivers, that'll help us in being able to isolate what might be happening on your particular system and hopefully then with any luck we'll be able to get you a build that sits happily on your system - fingers crossed!

Best regards,
Wayne

 

Thanks very much everyone!

I really LOVE this program because I noticed many benefits. Jason said the problems with the tabs had been reported by some users and he was working on a fix. The other problem seems to be cloaking itself. I would install PG and everything would be fine. Then after a day or 2 I noticed PG had a cross in the icon on start-up. This happened each time after I had installed PG but I used to just turn it back on thinking it failed to load properly at start up until yesterday I checked the log file and it said it had failed the two steps and that the driver was either not installed correctly or corrupted.

As to the bios version - I always update my mobo bios and so I have the latest which is version 16 and the latest ATI drivers which are the catalyist 4.4 so I'm covered there. XP Home Edition is installed with SP1.

So what I have done now is uninstall all security software. I have only NOD 32 and XP Firewall running.

1. I think this time all I can do is install PG and WAIT and when the driver gets corrupted or it turns off then what exact info should I post or send?. I always make the error of getting frustrated and uninstalling without keeping the logs or making a note so I'll do that this time. So I'll install PG now and read your posts again.

The biggest problem with Process guard is that it's the kind of program that people will fight over - it's that good - and so I just MUST have it and what really upsets me is I buy a new PC and the one program that I really like keeps getting corrupted but usually only after a few days using it. So it does work effectively for a while until SOMETHING attacks and disables PG and corrupts it's driver. Could it have been that I put it back into learning mode and forgot to turn learning mode off so the driver got corrupted? I had turned learning mode on because I was installing something. Also I ticked the dll and driver protection - was that right?

As to 3D games. I play SpellForce for 8 hours on end and it recommends a machine with 1.8 ghz and 1 gb ram and I have no crashes in such an intensive game so my video card is working just fine. As to my PC being infected. I install a fresh copy of Windows occasionally and I just did this a few days ago and did a full format and had a clean machine.

Where the situation stands now is it seems to be that something is corrupting the PG driver so I'll install it and wait and see what happens.
The other problem here is that I have all new hardware and some of the stuff on this PC is new to me - new drivers, new configurations and it's quite complicated. I have so many drivers to install and set-up now. I've got a Realtec Lan Connection which always shows up in my connections but I don't know what to use it for so I didn't install the drivers and turned it off. Also I have a 1394 Net Adaptor and haven't got a clue what that's for so I disabled it always. Things like this could be a problem if I am disabling things that should be on but I don't think I need these devices.

I REALLY APPRECIATE your help and understanding and I really feel good about the forum again. I though you were all going to get mad at me for getting frustrated so I'm sorry but it's all because I really like PG and want to have it as a permanent fixture on my PC.

Regards

Dave

 

OK Peter. I had uninstalled it the other day but today when I tried to install it I got a pop up message that it could not install the driver. Currently it is in learning mode but if the driver is not installed then am I protected or not? This is not clear because it's acting as if it's protecting me and I wouldn't have a clue whether a missing driver would stop that protection. So for the average user something needs to be included ot PG must refuse to work entirely if something goes wrong otherwise users will just think everything is fine until they get their security is breached. There is no communication here in 'my language telling me to re-install PG or that it is malfunctioning'

Here is the log:

Welcome to DiamondCS Process Guard.
This program does not need to be running for your system to be protected.

13 May 13:57:53 - Window Log Started
13 May 13:57:53 - Initializing Process Guard over 2 steps. If either step fails some protection may not be active.
13 May 13:57:54 - [1 of 2] Failure: Driver is not correctly installed or active.
13 May 13:57:54 - [2 of 2] Success: Process Guard's Protection is currently Enabled.
13 May 13:57:54 - General Protection Options
13 May 13:57:54 - [1 of 4] Block End-Task is disabled.
13 May 13:57:54 - [2 of 4] Block Appinit registry key is disabled.
13 May 13:57:54 - [3 of 4] Block Drivers/Services is disabled.
13 May 13:57:54 - [4 of 4] Block Global Hooks is disabled.

The driver didn't install so what does that mean and what should I do and WHY is what we want to know.

Really apprciate your help and great that things have just started to gop wrong straight away so we can get down to fixing this. Now I hope I will be believed that I am having problems.


Is there any way to get an email sent to me when a post has been replied to?

Regards

Dave

 

Worlcityzen, I have replied to your PM, Would you please post the items as requested by me so that we can have a deeper look

Thanks. Pilli

 

OK Pilli. PG is installed but the driver wouldn't install. Here is the log followed by Asviewer. PS: I don't know why Agnitum and Port Explorer are still on the list as I uninstalled them along with PG yet they are still showing up on this new install of PG. Good luck.

Process Guard v2.000 Protection List
Date Saved: 13 May 2004 at 14:41:13

Total items in list:- 24

001 - c:\program files\processguard\procguard.exe
002 - c:\program files\processguard\dcsuserprot.exe
003 - c:\windows\system32\lsass.exe
004 - c:\windows\system32\services.exe
005 - c:\windows\system32\svchost.exe
006 - c:\windows\system32\winlogon.exe
007 - c:\windows\system32\smss.exe
008 - c:\windows\system32\csrss.exe
009 - c:\windows\system32\wbem\winmgmt.exe
010 - c:\windows\system32\wbem\wmiadap.exe
011 - c:\windows\system32\drwtsn32.exe
012 - c:\windows\explorer.exe
013 - c:\program files\internet explorer\iexplore.exe
014 - c:\program files\outlook express\msimn.exe
015 - c:\wormguard\wguard.exe
016 - c:\program files\webroot\spy sweeper\spysweeper.exe
017 - c:\program files\webroot\spy sweeper\ndn01.exe
018 - c:\program files\webroot\spy sweeper\bt01.exe
019 - c:\program files\agnitum\outpost firewall\outpost.exe
020 - c:\program files\tds3\tds-3.exe
021 - c:\program files\port explorer\portexplorer.exe
022 - c:\program files\eset\nod32kui.exe
023 - c:\program files\eset\nod32krn.exe
024 - c:\program files\eset\nod32.exe

---001-----------------------------------------------
Long Path :- c:\program files\processguard\procguard.exe
Short Path :- c:\progra~1\proces~1\procgu~1.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- Allow Global Hooks


---002-----------------------------------------------
Long Path :- c:\program files\processguard\dcsuserprot.exe
Short Path :- c:\progra~1\proces~1\dcsuse~1.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---003-----------------------------------------------
Long Path :- c:\windows\system32\lsass.exe
Short Path :- c:\windows\system32\lsass.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---004-----------------------------------------------
Long Path :- c:\windows\system32\services.exe
Short Path :- c:\windows\system32\services.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---005-----------------------------------------------
Long Path :- c:\windows\system32\svchost.exe
Short Path :- c:\windows\system32\svchost.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---006-----------------------------------------------
Long Path :- c:\windows\system32\winlogon.exe
Short Path :- c:\windows\system32\winlogon.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---007-----------------------------------------------
Long Path :- c:\windows\system32\smss.exe
Short Path :- c:\windows\system32\smss.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---008-----------------------------------------------
Long Path :- c:\windows\system32\csrss.exe
Short Path :- c:\windows\system32\csrss.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---009-----------------------------------------------
Long Path :- c:\windows\system32\wbem\winmgmt.exe
Short Path :- c:\windows\system32\wbem\winmgmt.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---010-----------------------------------------------
Long Path :- c:\windows\system32\wbem\wmiadap.exe
Short Path :- c:\windows\system32\wbem\wmiadap.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---011-----------------------------------------------
Long Path :- c:\windows\system32\drwtsn32.exe
Short Path :- c:\windows\system32\drwtsn32.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- None


---012-----------------------------------------------
Long Path :- c:\windows\explorer.exe
Short Path :- c:\windows\explorer.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
Option Flags :- Allow Global Hooks


---013-----------------------------------------------
Long Path :- c:\program files\internet explorer\iexplore.exe
Short Path :- c:\progra~1\intern~1\iexplore.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- Allow Global Hooks


---014-----------------------------------------------
Long Path :- c:\program files\outlook express\msimn.exe
Short Path :- c:\progra~1\outloo~1\msimn.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- Allow Global Hooks


---015-----------------------------------------------
Long Path :- c:\wormguard\wguard.exe
Short Path :- c:\wormgu~1\wguard.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---016-----------------------------------------------
Long Path :- c:\program files\webroot\spy sweeper\spysweeper.exe
Short Path :- c:\progra~1\webroot\spyswe~1\spyswe~1.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---017-----------------------------------------------
Long Path :- c:\program files\webroot\spy sweeper\ndn01.exe
Short Path :- c:\progra~1\webroot\spyswe~1\ndn01.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---018-----------------------------------------------
Long Path :- c:\program files\webroot\spy sweeper\bt01.exe
Short Path :- c:\progra~1\webroot\spyswe~1\bt01.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---019-----------------------------------------------
Long Path :- c:\program files\agnitum\outpost firewall\outpost.exe
Short Path :- c:\progra~1\agnitum\outpos~1\outpost.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---020-----------------------------------------------
Long Path :- c:\program files\tds3\tds-3.exe
Short Path :- c:\progra~1\tds3\tds-3.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---021-----------------------------------------------
Long Path :- c:\program files\port explorer\portexplorer.exe
Short Path :- c:\progra~1\portex~1\portex~1.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---022-----------------------------------------------
Long Path :- c:\program files\eset\nod32kui.exe
Short Path :- c:\progra~1\eset\nod32kui.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---023-----------------------------------------------
Long Path :- c:\program files\eset\nod32krn.exe
Short Path :- c:\progra~1\eset\nod32krn.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


---024-----------------------------------------------
Long Path :- c:\program files\eset\nod32.exe
Short Path :- c:\progra~1\eset\nod32.exe
Blocked Flags :- Write,Terminate,Suspend,SetInfo
Allow Flags :- None
Option Flags :- None


DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for David@WORLDCITIZEN, 05-13-2004
c:\windows\system32\autoexec.nt
C:\WINDOWS\system32\mscdexnt.exe
C:\WINDOWS\system32\redir.exe
C:\WINDOWS\system32\dosx.exe
c:\windows\system32\config.nt
C:\WINDOWS\system32\himem.sys
c:\windows\system.ini [drivers]
timer=timer.drv
c:\windows\system.ini [boot]\shell
C:\WINDOWS\Explorer.exe
c:\windows\system.ini [boot]\scrnsave.exe
C:\WINDOWS\System32\logon.scr
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
C:\WINDOWS\Explorer.exe
HKCU\Control Panel\Desktop\scrnsave.exe
C:\WINDOWS\System32\logon.scr
HKCR\vbsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\vbefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\jsefile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wshfile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKCR\wsffile\shell\open\command\
C:\WINDOWS\System32\WScript.exe "%1" %*
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Acronis*True*Image Monitor
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Acronis Scheduler2 Service
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nod32kui
C:\Program Files\Eset\nod32kui.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TkBellExe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MailShieldDesktop
C:\Program Files\MailShieldDesktop\mailshield.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\system32\SHELL32.dll
C:\WINDOWS\System32\webcheck.dll
C:\WINDOWS\System32\stobject.dll
C:\WINDOWS\Tasks\Scheduled Snapshot.job
C:\CPRSuite\ConfigSafe\SCHWIZEX.EXE
C:\Documents and Settings\David\Start Menu\Programs\Startup\Process Guard.lnk
C:\Program Files\ProcessGuard\procguard.exe
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
HKLM\System\CurrentControlSet\Control\WOW\cmdline
C:\WINDOWS\system32\ntvdm.exe
HKLM\System\CurrentControlSet\Control\WOW\wowcmdline
C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\
C:\WINDOWS\system32\imon.dll
C:\WINDOWS\system32\mswsock.dll
C:\WINDOWS\system32\rsvpsp.dll
HKLM\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\
C:\WINDOWS\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\
C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
HKLM\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\
RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
HKLM\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\
C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
HKLM\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\
C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
HKLM\Software\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}\
C:\WINDOWS\System32\rundll32.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\
%ProgramFiles%\Outlook Express\setup50.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\
rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
HKLM\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\
rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
HKLM\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\
rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
HKLM\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\
%ProgramFiles%\Outlook Express\setup50.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\
regsvr32.exe /s /n /i:U shell32.dll
HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\
C:\WINDOWS\system32\ie4uinit.exe
HKLM\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\
C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install
HKLM\System\CurrentControlSet\Services\VxD\JAVASUP\
C:\WINDOWS\system32\JAVASUP.VXD
HKLM\System\CurrentControlSet\Services\AcrSch2Svc\
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
HKLM\System\CurrentControlSet\Services\AFD\
C:\WINDOWS\System32\drivers\afd.sys
HKLM\System\CurrentControlSet\Services\AMON\
\??\C:\WINDOWS\System32\drivers\amon.sys
HKLM\System\CurrentControlSet\Services\Ati HotKey Poller\
C:\WINDOWS\System32\Ati2evxx.exe
HKLM\System\CurrentControlSet\Services\ATI Smart\
C:\WINDOWS\system32\ati2sgag.exe
HKLM\System\CurrentControlSet\Services\AudioSrv\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Browser\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\CryptSvc\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\DCSUserProt\
C:\Program Files\ProcessGuard\dcsuserprot.exe
HKLM\System\CurrentControlSet\Services\Dhcp\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Diskeeper\
C:\Program Files\Executive Software\Diskeeper\DkService.exe
HKLM\System\CurrentControlSet\Services\Dnscache\
C:\WINDOWS\System32\svchost.exe -k NetworkService
HKLM\System\CurrentControlSet\Services\EIO\
\??\C:\WINDOWS\system32\drivers\EIO.sys
HKLM\System\CurrentControlSet\Services\ERSvc\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Eventlog\
C:\WINDOWS\system32\services.exe
HKLM\System\CurrentControlSet\Services\helpsvc\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\lanmanserver\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\lanmanworkstation\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\LmHosts\
C:\WINDOWS\System32\svchost.exe -k LocalService
HKLM\System\CurrentControlSet\Services\Messenger\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\NOD32krn\
C:\Program Files\Eset\nod32krn.exe
HKLM\System\CurrentControlSet\Services\PlugPlay\
C:\WINDOWS\system32\services.exe
HKLM\System\CurrentControlSet\Services\PolicyAgent\
C:\WINDOWS\System32\lsass.exe
HKLM\System\CurrentControlSet\Services\ProtectedStorage\
C:\WINDOWS\system32\lsass.exe
HKLM\System\CurrentControlSet\Services\RpcSs\
C:\WINDOWS\system32\svchost -k rpcss
HKLM\System\CurrentControlSet\Services\SamSs\
C:\WINDOWS\system32\lsass.exe
HKLM\System\CurrentControlSet\Services\Schedule\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\seclogon\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\SENS\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\SharedAccess\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\ShellHWDetection\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\Spooler\
C:\WINDOWS\system32\spoolsv.exe
HKLM\System\CurrentControlSet\Services\srservice\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\SVKP\
\??\C:\WINDOWS\System32\SVKP.sys
HKLM\System\CurrentControlSet\Services\Themes\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\tifsfilter\
C:\WINDOWS\System32\DRIVERS\tifsfilt.sys
HKLM\System\CurrentControlSet\Services\TrkWks\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\uploadmgr\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\W32Time\
C:\WINDOWS\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\WebClient\
C:\WINDOWS\System32\svchost.exe -k LocalService
HKLM\System\CurrentControlSet\Services\winmgmt\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\wuauserv\
C:\WINDOWS\system32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\WZCSVC\
C:\WINDOWS\System32\svchost.exe -k netsvcs

 

Hi Pilli,

How's it going? Gavin asked me to contact him and I went through uninstalling PG manually and re-installing it again. It is up and working for now. This is when the problems usually start. He also got me to clean out the Windows Prefetch folder.

Now, my question is this? I have NOD 32 and XP Firewall running. I have registered ALL of DCS programs so should I install them or could they conflict with PG?



Dave

 

Install TDS-3 and Port Explorer, no problems with having them on
Wormguard.. maybe wait. You have one of THE best antivirus programs there, and NOD32 heuristics are good. We recall you had some problems with your mail client so it might pay to hold on for a bit

 

Nothing strikes me as wrong in your AS viewer text but I would prefer an expert opinion to be certain

You have Outpost and the XP firewall running which may not be a good thing though I doubt it would effect Process Guard.

One program I would temporally remove from your protected list would be WormGuard it may be OK but does cause a problem for some.

If you have TDS3 to automatically start at boot up I would set it to manual after boot up

You do not need NOD32.exe in your list though the other two are OK.

On Outpost you could add - Options - Close message Handling and give it the first four allows

Spysweeper I do not have a clue :O

Do a google search for BootViz, this may help with any boot up problems if you have a lot of programmes booting at start up or if you can manually start them after boot but not Your AV or firewall

 

Hi Pilli,

I only decided to install Wormguard this once for extra protection and run Incredimail manually but I was having the problems with PG without WG so it' s not an issue I don't think. I uninstalled WG anyway - looking forward to WG 4.

I followed Gavin's instructions and re-installed PG and so far OK. One thing though I did today was that I ran a sfc /scannow because I think I deleted a wrong file. There was a file called pcguard. Anyway my XP Sp1 cd checked that all Windows files were intact and so far no problems.

I turned off 'AGP Fastwrites' because I always have it on & there are many debates amongst enthusiasts that it causes system instability. I think I had it on when PG got corrupted but the missing tabs issue could be a graphics issue so I turned it off for that. So far tabs that before were blank have had tabs but it's too early to say. It's still a good chance that fastwrites could cause problems with the tabs. ATI said it should be turned on with 9600 XT cards until they made a fix for it &I heard recently that they have fixed that so I don't know if it's the latest drivers but it is always turned on by default by the driver package.

With the driver corruption we're looking at either having too many applications competing for log on time or/and not waiting long enough at the log on screen to allow drivers to load before logging in.

No problems so far touch wood. So if PG can work on my machine for 1 day then why not forever? This time I'm ready and will keep an eye out if the driver gets corrupted again as it always does. The sfc /scannow cd check is a good idea because sometimes Windows files get corrupted and corrupts other things.

I updated to the latest Catalyst 4.5 drivers which came out today and at login I got a yellow alert that the file ati... had changed but THIS TIME the tabs were there. Last time that happened there were no tabs and my Graphics card worked in slow motion and I had to use True Image to restore an image file. Also rphelper a Real Player file always gave blank tabs but today the tabs were there so it's either 1 of the programs I have uninstalled, fastwrites turned off or that the System Files, if there were any corrupted, were fixed by running the sfc /scannow cd check. UNLESS something goes wrong in the meantime.

It could also be something else and is deliberately hiding because you and I are watching and will pop up when it thinks it can get away wihtout being detected (Gremlin) LOL

All of you have been terrific and at least I know that there's help if something goes wrong but isn't PG just great? Some sites I visited used to put 20 links in my favourites folder and install browser stuff that ruined the Google Toolbar but with PG I have tested it visiting those same sites and they couldn't do a thing.

This may be a fairy tale but after I 1st installed PG I noticed spam was about 80% less and the same today but it couldn't do that could it?? yet I know how much spam I get and with PG I hardly get any. It's really true I only get very small amounts so it either stops spammers from infiltrating my system to get my email address or something else but I only got about 3 spams today compared to 50.

I'll keep you informed so have a nice day everyone and thanks again.

Best Regards

Dave

 

Glad to here it is OK so far - Fingers crossed

When you add any programs to the protection list do it slowly and watch the logs, this way you can adjust each app's allows to minimise the amount of logging. When doing major updates after downloading go off line and disable PG protection whislt you do the install - remember to switch it back on again afterwards

 

Problems have begun. I tried to install an upgrade patch to Power DVD and I got black tabs so I had to use ALT-F4. I turned off the protection then installed the patch and then turned the protection back on. Again the tabs appeared saying the application had changed but they were black so I could not run Power DVD or give it permission to run so what do I do now turn off protection for good?

Also other applications I tried to run got black tabs too and I couldn't run them without turning off protection.

How do I post the full log file because I can'r seem to scroll down to copy the complete log file of PG

Thanks for any help.

See, I told you it would start after a few days and without me doing anything problems have just begun for no reason.

Dave

 

I installed Power DVD from my account but was in my wife's account when I tried to install the update patch. (she was listening to Real Player) From then onwards I got black tabs in both my wife's and my account. PG no longer works properly anymore.

Dave

 

I just rebooted and at logon a pop up for Power dvd appeared WITH the tabs. I don't know id it's the grpahics drivers because I've had this problem with ALL version of the drivers I've used. Agnitum used to cause problems with HT but they were able to fix the problem so I can use Agnitum now.

PG seems to be working again after rebooting so maybe it was something temporary. But I still say it's a bug or deficiency in the program because all my other programs work with HT.

Anyway we'll see what happens now. Something caused PG to lose stability. Actually it said in the log that Process guard's protection was disabled yet I had it ticked and pop ups were appearing. After rebooting it loaded ok again??

Confused immensely.

Dave

 

This is one of my reasons for thinking the hard drive could be having errors, not enough to cause problems. Maybe 1 bad sector right where PGUARD.DAT is sitting. Maybe a sector which can USUALLY hold data, but sometimes fails. The PG driver reads the data off the disk to show whether protection is enabled or not, it can't just turn itself off. Hoping my last email helps, but good to see that the problem can be worked around so far !

 

I just went into my wife's accouont and tried to open user accounts and got black tabs. The I went back to my account and the black tabs had returned.

17 May 22:31:03 - [EXECUTION] c:\windows\system32\mshta.exe with commandline mshta.exe "res://c:\windows\system32\nusrmgr.cpl/nusrmgr.hta" was BLOCKED from running
17 May 22:31:03 - [EXECUTION] c:\windows\system32\rundll32.exe with commandline "c:\windows\system32\rundll32.exe" shell32.dll,control_rundll "c:\windows\system32\joy.cpl",game controllers was ALLOWED to run
17 May 22:31:03 - [EXECUTION] c:\windows\system32\rundll32.exe with commandline "c:\windows\system32\rundll32.exe" shell32.dll,control_rundll nusrmgr.cpl was ALLOWED to run
17 May 22:31:03 - [EXECUTION] c:\windows\system32\mshta.exe with commandline mshta.exe "res://c:\windows\system32\nusrmgr.cpl/nusrmgr.hta" was BLOCKED from running

I'll reboot and we'll see if it's working again.

Dave

 

I just rebooted, went into my account and tried to access user accounts and the tabs are back.

I'll go into my wife's account right now and see if it works there.

Dave

 

Just went into my wife's account and tried to install regcleaner as user accounts had already been granted permission. Again black tabs. Returned to my account and tried to install reg cleaner and again black tabs in my acount.

I bet a reboot will fix it.

Do we see a pattern here

Please HELP

Dave