Disappointed With Process Guard's Many Bugs

Discussion in 'ProcessGuard' started by worldcitizen, May 12, 2004.

Thread Status:
Not open for further replies.
  1. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Hi Everyone,

    I bought Process Guard ( have the whole set now!!) :D a few weeks ago and have installed it on a new PC and it never works properly. :oops: It is full of bugs :oops: and I am waiting a while for a fix. o_O I was advised to come to the forum but I am not happy about that advice because I read a post the other day where someone had come to the forum with a LEGITIMATE problem and was sincere yet was accused of DCS bashing - obviously by a DCS fanatic who can't accept that DCS aren't GOD. :(

    So I kindly request that only people who have some maturity and understanding reply to this post as I don't want to get into a fight or slanging match. All I want is for the product I paid for to work properly so PLEASE DON'T ACCUSE ME OF DCS BASHING BECAUSE I AM NOT DOING THAT :mad: . I just have problems and nobody, not even DCS seem to be able or willing to help.

    I paid for the product and my problems are:

    1. Tabs on pop-ups sometimes disappear or are black & purple and unclickable & I either have to do an ALT-F4 or reboot. I reported this problem about 6 weeks ago but no fix yet. :oops:

    2. Many times Process Guard just loads 'turned off' (with a cross on the icon). I never used to worry about this but now I checked the log file it says both steps failed. Now this has happened ever since I bought the program but I used to just turn it on again thinking that it was nothing much but actually the driver has failed :mad: etc.

    3. My PC is brand new. My video card is brand new. PC has had a routine check by a techician and passed with flying colours so please don't blame my PC.

    4. I have no system crashes. No other problems with any other software on my PC EXCEPT Process Guard.

    5. Intel Pentium 4 2.6C with Hyper-Threading, 1 GIG Ram, ASUS ATI 9600 XT,
    Abit A17 motherboard with Uguru chip, Seagate 80 GB 7200rpm hard drive, Windows XP Home Edition SP1. PC purchased in February 2004.

    OK now I haven't got any experience and I'm firstly not happy about being referred to a forum for tech support when I paid for the product. DCS are paid computer programmers & know their product better than anyone else and I have had problems being abused on this forum so I am very reluctant to come here because I feel very unwelcome. I used to come here and enjoy it until I noticed that one guy who referred TDS to other people and then some trojans got through posted and complained and was accused of DCS bashing. Some very immature people see any negative comments about DCS or their products as 'DCS bashing' and become very rude and discourteous to people who sincerely come to this forum seeking a solution to their problems.

    I just wish I was able to beta test this product because then the bugs could have been found BEFORE it was released. I don't like the idea of an unfinished product being released and then the company leaving it to the forum to take care of customers.Troubleshooting & programming software is what DCS are paid and trained for not the forum or myself.

    However IF I am treated with common courtesy then I will be more than happy to try any of your suggestions here but PLEASE don't misconstrue my intentions because it is not right when people are sincere and DCS IS in the wrong that people get all defensive and start making wild accusations of DCS bashing.

    I love all of DCS's programs but I'm impatient for them to work properly especially when I have paid for it and am really excited about PG but can't use it.

    Dave
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Hi,

    PG really should work fine on your PC. Feb 2004 is however not "new" since you could have been infected with anything in a few months, and also the BIOS may have had an update by now. My first suggestion was to check video drivers and the BIOS version and upgrade these to the latest drivers. Can you tell us what version of video driver you have, and who the manufacturer is ? The ATI latest drivers are what you should install, NOT the default Microsoft driver which could be installed (or the MS driver on Windows Update)

    Please email me so we can go through a few things to check.. but for starters the AI7 (thats an i not the number 1) seems to be the board you have. The latest BIOS version is 1.6 released LATE Feb so I would assume you have 1.4 or lower which could influence it. HOWEVER, the BIOS version is less likely to be the problem, most likely would be a video driver.

    Please remember we cannot reproduce this on any of our systems here, nor can any of the beta testers. I felt and still do feel it is something to do with your setup for that exact reason - I could replicate the problem on an older machine with old drivers and ended up fixing it, and yes PG was the ONLY thing which showed up the system instability. I think its likely that other things such as a 3D game could have showed up the instability too, but I hadn't tried that. I cannot replicate the problem again on that system, after weeks, so I count that as fixed :)
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Of course you are MOST welcome here, as is everyone ! Please email us again though, so we can get back to trying to track down your specific problem
     
  4. Wayne - DiamondCS

    Wayne - DiamondCS Security Expert

    Joined:
    Jul 19, 2002
    Posts:
    1,533
    Location:
    Perth, Oz
    Hi Worldcitizen,

    Thankyou for your feedback and report. Unfortunately, some people (but this is a very small minority) have experienced problems when using Process Guard, but the majority of people experience no problems at all, and what you refer to as "bugs" are almost certainly incompatibility issues rather than actual bugs, as bugs typically tend to affect everyone but the issues you're experiencing seem mostly isolated to your computer. It's also very possible that existing software on your system is causing the conflict(s) - low-level programs such as firewalls or anti-virus systems can often cause issues if they change the behaviour of the operating system.

    This is why we offer a FREE version of Process Guard so that people can try and use Process Guard (for an unlimited time) on their system to ensure that they like it, that it's compatible with their system, etc, and we always recommend that people try the free version first, then there's no chance of problems like this happening.

    Process Guard is a new type of security system - there is nothing like it in the world, and as such we've developed technologies that have never been used before, and that often use undocumented system functions in order to make Process Guard possible. The advantage of this is that it allows Process Guard to provide your system with unprecedented levels of security that you cannot otherwise achieve. The disadvantage is that it's very difficult for us to create such a program that works flawlessly on 100% of machines, the three main reasons being 1) everyone has different hardware, 2) everyone has different software installed on their system, and 3) it's impossible for us to test our software on all possible configurations of operating system and various installed software, but we've done everything we possibly can do to make the program as stable and compatible as possible - that's in everyones best interests (yours as a customer, and ours as the developer), so I assure you it is something we spend a lot of time on, but I hope you can understand why it is impossible to create driver-based programs that are 100% stable and compatible on 100% of systems.

    A new build of Process Guard isn't too far away, if you could please email techsupport@diamondcs.com.au with 1) a list of problems you experience (and when you experience them, how to invoke the problem, etc), 2) your hardware specs, and 3) a list of installed programs, services and drivers, that'll help us in being able to isolate what might be happening on your particular system and hopefully then with any luck we'll be able to get you a build that sits happily on your system - fingers crossed! :)

    Best regards,
    Wayne
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi WorldCitizen

    Welcome, and sorry if someone here made you feel unwelcome. By coming to this forum, you can tap not only the DCS folks, but a lot of other users, and beta testers who can help. Believe me I understand your frustration, as I had problems with an earlier version. One question, I have is how comfortable are you with changing bios settings, like for example turning on/off hyperthreading?? Also if you'd like send me a private message with your E-Mail, and I might be able to help you at least see if you can isolate the problem for Jason.

    Pete
     
  6. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Thanks very much everyone!

    I really LOVE this program because I noticed many benefits. Jason said the problems with the tabs had been reported by some users and he was working on a fix. The other problem seems to be cloaking itself. I would install PG and everything would be fine. Then after a day or 2 I noticed PG had a cross in the icon on start-up. This happened each time after I had installed PG but I used to just turn it back on thinking it failed to load properly at start up until yesterday I checked the log file and it said it had failed the two steps and that the driver was either not installed correctly or corrupted.

    As to the bios version - I always update my mobo bios and so I have the latest which is version 16 and the latest ATI drivers which are the catalyist 4.4 so I'm covered there. XP Home Edition is installed with SP1.

    So what I have done now is uninstall all security software. I have only NOD 32 and XP Firewall running.

    1. I think this time all I can do is install PG and WAIT and when the driver gets corrupted or it turns off then what exact info should I post or sendo_O?. I always make the error of getting frustrated and uninstalling without keeping the logs or making a note so I'll do that this time. So I'll install PG now and read your posts again.

    The biggest problem with Process guard is that it's the kind of program that people will fight over - it's that good - and so I just MUST have it and what really upsets me is I buy a new PC and the one program that I really like keeps getting corrupted but usually only after a few days using it. So it does work effectively for a while until SOMETHING attacks and disables PG and corrupts it's driver. Could it have been that I put it back into learning mode and forgot to turn learning mode off so the driver got corrupted? I had turned learning mode on because I was installing something. Also I ticked the dll and driver protection - was that right?

    As to 3D games. I play SpellForce for 8 hours on end and it recommends a machine with 1.8 ghz and 1 gb ram and I have no crashes in such an intensive game so my video card is working just fine. As to my PC being infected. I install a fresh copy of Windows occasionally and I just did this a few days ago and did a full format and had a clean machine.

    Where the situation stands now is it seems to be that something is corrupting the PG driver so I'll install it and wait and see what happens.
    The other problem here is that I have all new hardware and some of the stuff on this PC is new to me - new drivers, new configurations and it's quite complicated. I have so many drivers to install and set-up now. I've got a Realtec Lan Connection which always shows up in my connections but I don't know what to use it for so I didn't install the drivers and turned it off. Also I have a 1394 Net Adaptor and haven't got a clue what that's for so I disabled it always. Things like this could be a problem if I am disabling things that should be on but I don't think I need these devices.

    I REALLY APPRECIATE your help and understanding and I really feel good about the forum again. I though you were all going to get mad at me for getting frustrated so I'm sorry but it's all because I really like PG and want to have it as a permanent fixture on my PC.

    Regards

    Dave
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi Dave

    Understand the frustration. When we were working an older version, I just went from crash to crash. I ended up keeping a very detailed log, so I could remember what was going on. You might try that, so as to give Jason an idea of what was happening, when you had a problem. I tried lots of things, like turning the Hyper threading off and on, powermanagement off and on, etc. PG is really state of the art, and we all really wanted it and want it yesterday. Hang in there, and keep us posted.

    Pete
     
  8. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    OK Peter. I had uninstalled it the other day but today when I tried to install it I got a pop up message that it could not install the driver. Currently it is in learning mode but if the driver is not installed then am I protected or not? This is not clear because it's acting as if it's protecting me and I wouldn't have a clue whether a missing driver would stop that protection. So for the average user something needs to be included ot PG must refuse to work entirely if something goes wrong otherwise users will just think everything is fine until they get their security is breached. There is no communication here in 'my language telling me to re-install PG or that it is malfunctioning'

    Here is the log:

    Welcome to DiamondCS Process Guard.
    This program does not need to be running for your system to be protected.

    13 May 13:57:53 - Window Log Started
    13 May 13:57:53 - Initializing Process Guard over 2 steps. If either step fails some protection may not be active.
    13 May 13:57:54 - [1 of 2] Failure: Driver is not correctly installed or active.
    13 May 13:57:54 - [2 of 2] Success: Process Guard's Protection is currently Enabled.
    13 May 13:57:54 - General Protection Options
    13 May 13:57:54 - [1 of 4] Block End-Task is disabled.
    13 May 13:57:54 - [2 of 4] Block Appinit registry key is disabled.
    13 May 13:57:54 - [3 of 4] Block Drivers/Services is disabled.
    13 May 13:57:54 - [4 of 4] Block Global Hooks is disabled.

    The driver didn't install so what does that mean and what should I do and WHY is what we want to know.

    Really apprciate your help and great that things have just started to gop wrong straight away so we can get down to fixing this. Now I hope I will be believed that I am having problems.


    Is there any way to get an email sent to me when a post has been replied to?

    Regards

    Dave
     
  9. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Worlcityzen, I have replied to your PM, Would you please post the items as requested by me so that we can have a deeper look :)

    Thanks. Pilli
     
  10. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    OK Pilli. PG is installed but the driver wouldn't install. Here is the log followed by Asviewer. PS: I don't know why Agnitum and Port Explorer are still on the list as I uninstalled them along with PG yet they are still showing up on this new install of PG. Good luck.

    Process Guard v2.000 Protection List
    Date Saved: 13 May 2004 at 14:41:13

    Total items in list:- 24

    001 - c:\program files\processguard\procguard.exe
    002 - c:\program files\processguard\dcsuserprot.exe
    003 - c:\windows\system32\lsass.exe
    004 - c:\windows\system32\services.exe
    005 - c:\windows\system32\svchost.exe
    006 - c:\windows\system32\winlogon.exe
    007 - c:\windows\system32\smss.exe
    008 - c:\windows\system32\csrss.exe
    009 - c:\windows\system32\wbem\winmgmt.exe
    010 - c:\windows\system32\wbem\wmiadap.exe
    011 - c:\windows\system32\drwtsn32.exe
    012 - c:\windows\explorer.exe
    013 - c:\program files\internet explorer\iexplore.exe
    014 - c:\program files\outlook express\msimn.exe
    015 - c:\wormguard\wguard.exe
    016 - c:\program files\webroot\spy sweeper\spysweeper.exe
    017 - c:\program files\webroot\spy sweeper\ndn01.exe
    018 - c:\program files\webroot\spy sweeper\bt01.exe
    019 - c:\program files\agnitum\outpost firewall\outpost.exe
    020 - c:\program files\tds3\tds-3.exe
    021 - c:\program files\port explorer\portexplorer.exe
    022 - c:\program files\eset\nod32kui.exe
    023 - c:\program files\eset\nod32krn.exe
    024 - c:\program files\eset\nod32.exe

    ---001-----------------------------------------------
    Long Path :- c:\program files\processguard\procguard.exe
    Short Path :- c:\progra~1\proces~1\procgu~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Allow Global Hooks


    ---002-----------------------------------------------
    Long Path :- c:\program files\processguard\dcsuserprot.exe
    Short Path :- c:\progra~1\proces~1\dcsuse~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---003-----------------------------------------------
    Long Path :- c:\windows\system32\lsass.exe
    Short Path :- c:\windows\system32\lsass.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---004-----------------------------------------------
    Long Path :- c:\windows\system32\services.exe
    Short Path :- c:\windows\system32\services.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---005-----------------------------------------------
    Long Path :- c:\windows\system32\svchost.exe
    Short Path :- c:\windows\system32\svchost.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---006-----------------------------------------------
    Long Path :- c:\windows\system32\winlogon.exe
    Short Path :- c:\windows\system32\winlogon.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---007-----------------------------------------------
    Long Path :- c:\windows\system32\smss.exe
    Short Path :- c:\windows\system32\smss.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---008-----------------------------------------------
    Long Path :- c:\windows\system32\csrss.exe
    Short Path :- c:\windows\system32\csrss.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---009-----------------------------------------------
    Long Path :- c:\windows\system32\wbem\winmgmt.exe
    Short Path :- c:\windows\system32\wbem\winmgmt.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---010-----------------------------------------------
    Long Path :- c:\windows\system32\wbem\wmiadap.exe
    Short Path :- c:\windows\system32\wbem\wmiadap.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---011-----------------------------------------------
    Long Path :- c:\windows\system32\drwtsn32.exe
    Short Path :- c:\windows\system32\drwtsn32.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- None


    ---012-----------------------------------------------
    Long Path :- c:\windows\explorer.exe
    Short Path :- c:\windows\explorer.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- Read,Write,Terminate,Suspend,GetInfo,SetInfo
    Option Flags :- Allow Global Hooks


    ---013-----------------------------------------------
    Long Path :- c:\program files\internet explorer\iexplore.exe
    Short Path :- c:\progra~1\intern~1\iexplore.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Allow Global Hooks


    ---014-----------------------------------------------
    Long Path :- c:\program files\outlook express\msimn.exe
    Short Path :- c:\progra~1\outloo~1\msimn.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- Allow Global Hooks


    ---015-----------------------------------------------
    Long Path :- c:\wormguard\wguard.exe
    Short Path :- c:\wormgu~1\wguard.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---016-----------------------------------------------
    Long Path :- c:\program files\webroot\spy sweeper\spysweeper.exe
    Short Path :- c:\progra~1\webroot\spyswe~1\spyswe~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---017-----------------------------------------------
    Long Path :- c:\program files\webroot\spy sweeper\ndn01.exe
    Short Path :- c:\progra~1\webroot\spyswe~1\ndn01.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---018-----------------------------------------------
    Long Path :- c:\program files\webroot\spy sweeper\bt01.exe
    Short Path :- c:\progra~1\webroot\spyswe~1\bt01.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---019-----------------------------------------------
    Long Path :- c:\program files\agnitum\outpost firewall\outpost.exe
    Short Path :- c:\progra~1\agnitum\outpos~1\outpost.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---020-----------------------------------------------
    Long Path :- c:\program files\tds3\tds-3.exe
    Short Path :- c:\progra~1\tds3\tds-3.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---021-----------------------------------------------
    Long Path :- c:\program files\port explorer\portexplorer.exe
    Short Path :- c:\progra~1\portex~1\portex~1.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---022-----------------------------------------------
    Long Path :- c:\program files\eset\nod32kui.exe
    Short Path :- c:\progra~1\eset\nod32kui.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---023-----------------------------------------------
    Long Path :- c:\program files\eset\nod32krn.exe
    Short Path :- c:\progra~1\eset\nod32krn.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    ---024-----------------------------------------------
    Long Path :- c:\program files\eset\nod32.exe
    Short Path :- c:\progra~1\eset\nod32.exe
    Blocked Flags :- Write,Terminate,Suspend,SetInfo
    Allow Flags :- None
    Option Flags :- None


    DiamondCS Autostart Viewer (www.diamondcs.com.au) - Report for David@WORLDCITIZEN, 05-13-2004
    c:\windows\system32\autoexec.nt
    C:\WINDOWS\system32\mscdexnt.exe
    C:\WINDOWS\system32\redir.exe
    C:\WINDOWS\system32\dosx.exe
    c:\windows\system32\config.nt
    C:\WINDOWS\system32\himem.sys
    c:\windows\system.ini [drivers]
    timer=timer.drv
    c:\windows\system.ini [boot]\shell
    C:\WINDOWS\Explorer.exe
    c:\windows\system.ini [boot]\scrnsave.exe
    C:\WINDOWS\System32\logon.scr
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
    C:\WINDOWS\Explorer.exe
    HKCU\Control Panel\Desktop\scrnsave.exe
    C:\WINDOWS\System32\logon.scr
    HKCR\vbsfile\shell\open\command\
    C:\WINDOWS\System32\WScript.exe "%1" %*
    HKCR\vbefile\shell\open\command\
    C:\WINDOWS\System32\WScript.exe "%1" %*
    HKCR\jsfile\shell\open\command\
    C:\WINDOWS\System32\WScript.exe "%1" %*
    HKCR\jsefile\shell\open\command\
    C:\WINDOWS\System32\WScript.exe "%1" %*
    HKCR\wshfile\shell\open\command\
    C:\WINDOWS\System32\WScript.exe "%1" %*
    HKCR\wsffile\shell\open\command\
    C:\WINDOWS\System32\WScript.exe "%1" %*
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Acronis*True*Image Monitor
    C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Acronis Scheduler2 Service
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nod32kui
    C:\Program Files\Eset\nod32kui.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TkBellExe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MailShieldDesktop
    C:\Program Files\MailShieldDesktop\mailshield.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
    C:\WINDOWS\system32\SHELL32.dll
    C:\WINDOWS\system32\SHELL32.dll
    C:\WINDOWS\System32\webcheck.dll
    C:\WINDOWS\System32\stobject.dll
    C:\WINDOWS\Tasks\Scheduled Snapshot.job
    C:\CPRSuite\ConfigSafe\SCHWIZEX.EXE
    C:\Documents and Settings\David\Start Menu\Programs\Startup\Process Guard.lnk
    C:\Program Files\ProcessGuard\procguard.exe
    HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
    autocheck autochk *
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
    C:\WINDOWS\system32\userinit.exe
    HKLM\System\CurrentControlSet\Control\WOW\cmdline
    C:\WINDOWS\system32\ntvdm.exe
    HKLM\System\CurrentControlSet\Control\WOW\wowcmdline
    C:\WINDOWS\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386
    HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\
    C:\WINDOWS\system32\imon.dll
    C:\WINDOWS\system32\mswsock.dll
    C:\WINDOWS\system32\rsvpsp.dll
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\
    C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}\
    C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS\
    RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    HKLM\Software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\
    C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
    HKLM\Software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}\
    C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    HKLM\Software\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}\
    C:\WINDOWS\System32\rundll32.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}\
    %ProgramFiles%\Outlook Express\setup50.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}\
    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    HKLM\Software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}\
    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    HKLM\Software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\
    rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
    HKLM\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}\
    %ProgramFiles%\Outlook Express\setup50.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}\
    regsvr32.exe /s /n /i:U shell32.dll
    HKLM\Software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\
    C:\WINDOWS\system32\ie4uinit.exe
    HKLM\Software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}\
    C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install
    HKLM\System\CurrentControlSet\Services\VxD\JAVASUP\
    C:\WINDOWS\system32\JAVASUP.VXD
    HKLM\System\CurrentControlSet\Services\AcrSch2Svc\
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    HKLM\System\CurrentControlSet\Services\AFD\
    C:\WINDOWS\System32\drivers\afd.sys
    HKLM\System\CurrentControlSet\Services\AMON\
    \??\C:\WINDOWS\System32\drivers\amon.sys
    HKLM\System\CurrentControlSet\Services\Ati HotKey Poller\
    C:\WINDOWS\System32\Ati2evxx.exe
    HKLM\System\CurrentControlSet\Services\ATI Smart\
    C:\WINDOWS\system32\ati2sgag.exe
    HKLM\System\CurrentControlSet\Services\AudioSrv\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Browser\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\CryptSvc\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\DCSUserProt\
    C:\Program Files\ProcessGuard\dcsuserprot.exe
    HKLM\System\CurrentControlSet\Services\Dhcp\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Diskeeper\
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    HKLM\System\CurrentControlSet\Services\Dnscache\
    C:\WINDOWS\System32\svchost.exe -k NetworkService
    HKLM\System\CurrentControlSet\Services\EIO\
    \??\C:\WINDOWS\system32\drivers\EIO.sys
    HKLM\System\CurrentControlSet\Services\ERSvc\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Eventlog\
    C:\WINDOWS\system32\services.exe
    HKLM\System\CurrentControlSet\Services\helpsvc\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\lanmanserver\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\lanmanworkstation\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\LmHosts\
    C:\WINDOWS\System32\svchost.exe -k LocalService
    HKLM\System\CurrentControlSet\Services\Messenger\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\NOD32krn\
    C:\Program Files\Eset\nod32krn.exe
    HKLM\System\CurrentControlSet\Services\PlugPlay\
    C:\WINDOWS\system32\services.exe
    HKLM\System\CurrentControlSet\Services\PolicyAgent\
    C:\WINDOWS\System32\lsass.exe
    HKLM\System\CurrentControlSet\Services\ProtectedStorage\
    C:\WINDOWS\system32\lsass.exe
    HKLM\System\CurrentControlSet\Services\RpcSs\
    C:\WINDOWS\system32\svchost -k rpcss
    HKLM\System\CurrentControlSet\Services\SamSs\
    C:\WINDOWS\system32\lsass.exe
    HKLM\System\CurrentControlSet\Services\Schedule\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\seclogon\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\SENS\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\SharedAccess\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\ShellHWDetection\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\Spooler\
    C:\WINDOWS\system32\spoolsv.exe
    HKLM\System\CurrentControlSet\Services\srservice\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\SVKP\
    \??\C:\WINDOWS\System32\SVKP.sys
    HKLM\System\CurrentControlSet\Services\Themes\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\tifsfilter\
    C:\WINDOWS\System32\DRIVERS\tifsfilt.sys
    HKLM\System\CurrentControlSet\Services\TrkWks\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\uploadmgr\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\W32Time\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\WebClient\
    C:\WINDOWS\System32\svchost.exe -k LocalService
    HKLM\System\CurrentControlSet\Services\winmgmt\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\wuauserv\
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    HKLM\System\CurrentControlSet\Services\WZCSVC\
    C:\WINDOWS\System32\svchost.exe -k netsvcs
     
  11. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Hi Pilli,

    How's it going? Gavin asked me to contact him and I went through uninstalling PG manually and re-installing it again. It is up and working for now. This is when the problems usually start. He also got me to clean out the Windows Prefetch folder.

    Now, my question is this? I have NOD 32 and XP Firewall running. I have registered ALL of DCS programs so should I install them or could they conflict with PG?



    Dave
     
  12. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Install TDS-3 and Port Explorer, no problems with having them on :)
    Wormguard.. maybe wait. You have one of THE best antivirus programs there, and NOD32 heuristics are good. We recall you had some problems with your mail client so it might pay to hold on for a bit
     
  13. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Nothing strikes me as wrong in your AS viewer text but I would prefer an expert opinion to be certain :)

    You have Outpost and the XP firewall running which may not be a good thing though I doubt it would effect Process Guard.

    One program I would temporally remove from your protected list would be WormGuard it may be OK but does cause a problem for some.

    If you have TDS3 to automatically start at boot up I would set it to manual after boot up

    You do not need NOD32.exe in your list though the other two are OK.

    On Outpost you could add - Options - Close message Handling and give it the first four allows

    Spysweeper I do not have a clue :O

    Do a google search for BootViz, this may help with any boot up problems if you have a lot of programmes booting at start up or if you can manually start them after boot but not Your AV or firewall
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    If you should have a reason to do another uninstall/reinstall of PG before you do try going into Wormguard, and remove the protection. Install PG, and get it working, and then install Wormguard's protection.

    See if this makes any difference. I know I run Zone Alarm, and when ever I do an update, If I forget the above step, the ZA install crashes.
     
  15. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Hi Pilli,

    I only decided to install Wormguard this once for extra protection and run Incredimail manually but I was having the problems with PG without WG so it' s not an issue I don't think. I uninstalled WG anyway - looking forward to WG 4.

    I followed Gavin's instructions and re-installed PG and so far OK. One thing though I did today was that I ran a sfc /scannow because I think I deleted a wrong file. There was a file called pcguard. Anyway my XP Sp1 cd checked that all Windows files were intact and so far no problems.

    I turned off 'AGP Fastwrites' because I always have it on & there are many debates amongst enthusiasts that it causes system instability. I think I had it on when PG got corrupted but the missing tabs issue could be a graphics issue so I turned it off for that. So far tabs that before were blank have had tabs but it's too early to say. It's still a good chance that fastwrites could cause problems with the tabs. ATI said it should be turned on with 9600 XT cards until they made a fix for it &I heard recently that they have fixed that so I don't know if it's the latest drivers but it is always turned on by default by the driver package.

    With the driver corruption we're looking at either having too many applications competing for log on time or/and not waiting long enough at the log on screen to allow drivers to load before logging in.

    No problems so far touch wood. So if PG can work on my machine for 1 day then why not forever? This time I'm ready and will keep an eye out if the driver gets corrupted again as it always does. The sfc /scannow cd check is a good idea because sometimes Windows files get corrupted and corrupts other things.

    I updated to the latest Catalyst 4.5 drivers which came out today and at login I got a yellow alert that the file ati... had changed but THIS TIME the tabs were there. Last time that happened there were no tabs and my Graphics card worked in slow motion and I had to use True Image to restore an image file. Also rphelper a Real Player file always gave blank tabs but today the tabs were there so it's either 1 of the programs I have uninstalled, fastwrites turned off or that the System Files, if there were any corrupted, were fixed by running the sfc /scannow cd check. UNLESS something goes wrong in the meantime.

    It could also be something else and is deliberately hiding because you and I are watching and will pop up when it thinks it can get away wihtout being detected (Gremlin) LOL

    All of you have been terrific and at least I know that there's help if something goes wrong but isn't PG just great? Some sites I visited used to put 20 links in my favourites folder and install browser stuff that ruined the Google Toolbar but with PG I have tested it visiting those same sites and they couldn't do a thing.

    This may be a fairy tale but after I 1st installed PG I noticed spam was about 80% less and the same today but it couldn't do that could it?? yet I know how much spam I get and with PG I hardly get any. It's really true I only get very small amounts so it either stops spammers from infiltrating my system to get my email address or something else but I only got about 3 spams today compared to 50.

    I'll keep you informed so have a nice day everyone and thanks again.

    Best Regards

    Dave
     
  16. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Glad to here it is OK so far - Fingers crossed :)

    When you add any programs to the protection list do it slowly and watch the logs, this way you can adjust each app's allows to minimise the amount of logging. When doing major updates after downloading go off line and disable PG protection whislt you do the install - remember to switch it back on again afterwards :)
     
  17. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    Hi Dave

    Glad things are heading in the right direction. We will all keep our fingers crossed. I do know how frustrating it can be. But you are certainly right that there is help here. You are also right PG is really a great program!!! :)
     
  18. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Problems have begun. I tried to install an upgrade patch to Power DVD and I got black tabs so I had to use ALT-F4. I turned off the protection then installed the patch and then turned the protection back on. Again the tabs appeared saying the application had changed but they were black so I could not run Power DVD or give it permission to run so what do I do now turn off protection for good?

    Also other applications I tried to run got black tabs too and I couldn't run them without turning off protection.

    How do I post the full log file because I can'r seem to scroll down to copy the complete log file of PGo_O

    Thanks for any help.

    See, I told you it would start after a few days and without me doing anything problems have just begun for no reason.

    Dave
     
  19. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    I installed Power DVD from my account but was in my wife's account when I tried to install the update patch. (she was listening to Real Player) From then onwards I got black tabs in both my wife's and my account. PG no longer works properly anymore.

    Dave
     
  20. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    I have seen several reports of problems with quite a few antivirus type programs and the lower rated HT chips

    From what I've seen the hyperthreading technology only sems to work well with the 3.2ghz & 3.06 chips it was originally designed for and on the 2.4, 2.6 & 2.8 chips it sometimes gives problems and clashes similar to what you are describing

    I am assuming it is something to do with the M$ chip drivers clashing with the Mobo drivers or similar

    It's interesting to note that your problems got worse when you updated your Graphics drivers and power dvd, that seems to back up this theory

    If you search in the NOD there are several threads relating to similar problems with HT technology
     
  21. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    I just rebooted and at logon a pop up for Power dvd appeared WITH the tabs. I don't know id it's the grpahics drivers because I've had this problem with ALL version of the drivers I've used. Agnitum used to cause problems with HT but they were able to fix the problem so I can use Agnitum now.

    PG seems to be working again after rebooting so maybe it was something temporary. But I still say it's a bug or deficiency in the program because all my other programs work with HT.

    Anyway we'll see what happens now. Something caused PG to lose stability. Actually it said in the log that Process guard's protection was disabled yet I had it ticked and pop ups were appearing. After rebooting it loaded ok again??

    Confused immensely.

    Dave
     
  22. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    This is one of my reasons for thinking the hard drive could be having errors, not enough to cause problems. Maybe 1 bad sector right where PGUARD.DAT is sitting. Maybe a sector which can USUALLY hold data, but sometimes fails. The PG driver reads the data off the disk to show whether protection is enabled or not, it can't just turn itself off. Hoping my last email helps, but good to see that the problem can be worked around so far !
     
  23. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    I just went into my wife's accouont and tried to open user accounts and got black tabs. The I went back to my account and the black tabs had returned.

    17 May 22:31:03 - [EXECUTION] c:\windows\system32\mshta.exe with commandline mshta.exe "res://c:\windows\system32\nusrmgr.cpl/nusrmgr.hta" was BLOCKED from running
    17 May 22:31:03 - [EXECUTION] c:\windows\system32\rundll32.exe with commandline "c:\windows\system32\rundll32.exe" shell32.dll,control_rundll "c:\windows\system32\joy.cpl",game controllers was ALLOWED to run
    17 May 22:31:03 - [EXECUTION] c:\windows\system32\rundll32.exe with commandline "c:\windows\system32\rundll32.exe" shell32.dll,control_rundll nusrmgr.cpl was ALLOWED to run
    17 May 22:31:03 - [EXECUTION] c:\windows\system32\mshta.exe with commandline mshta.exe "res://c:\windows\system32\nusrmgr.cpl/nusrmgr.hta" was BLOCKED from running

    I'll reboot and we'll see if it's working again.

    Dave
     
  24. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    I just rebooted, went into my account and tried to access user accounts and the tabs are back.

    I'll go into my wife's account right now and see if it works there.

    Dave
     
  25. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Just went into my wife's account and tried to install regcleaner as user accounts had already been granted permission. Again black tabs. Returned to my account and tried to install reg cleaner and again black tabs in my acount.

    I bet a reboot will fix it.

    Do we see a pattern hereo_Oo_O

    Please HELP

    Dave
     
Thread Status:
Not open for further replies.