Log File

Discussion in 'Ghost Security Suite (GSS)' started by G1111, Jul 20, 2005.

Thread Status:
Not open for further replies.
  1. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    I have some questions about the log file that was generated as to what theses entries mean and how to correct. I am attaching a copy of the log. Thanks for any assistance.
     

    Attached Files:

  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Hey G1111,

    To further assist....would you mind doing me a favor and uploading the Tony[1].ghst file as an attachment to a post. In order to accomplish that request....Please change the .ghst file extension to .txt so that it will be allowed as an attachment.

    In case it is worth noting....according to my backups of all ghst files made public in this forum....those do not appear to be rules contained in any of what I'll refer to as TonyKliens previous ghst files :doubt:
     
  3. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Thnaks Bubba. Attached is the Tony Klein Ghost file I am using. I believe it is the latest.
     

    Attached Files:

  4. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Bubba - To try and fix the problem I gave svchost.exe and vsmon.exe Application Permission Overrive in the Tony Klein Ghost File group. I don't have this everytime I boot up so it is hard to pin down. This morning there was no log created. I am also running PrcocessGuard so it somehow could be tied to the permissions in that program.
     
  5. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    You beat me to the punch :eek:
    I was going to ask about those Application Permission Override entries. In any case....I'll offer what I can in an explanation....but for now....duty calls :(

    Edit
    If you don't mind and narrow it down even further....would you Please either show a pic of the missing Key column in your log....or post whether it's logging due to the Local_Machine or Current_User hive rule created. Also....which particular sub-key in those respective hives shown in the missing Key column ?
     

    Attached Files:

    Last edited: Jul 22, 2005
  6. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Edit
    If you don't mind and narrow it down even further....would you Please either show a pic of the missing Key column in your log....or post whether it's logging due to the Local_Machine or Current_User hive rule created. Also....which particular sub-key in those respective hives shown in the missing Key column ?[/QUOTE]
     

    Attached Files:

    Last edited by a moderator: Jul 22, 2005
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    I'm attempting to duplicate this....but I am unsuccesfull at the moment :doubt:

    Before wasting to much of your time....I would definetly look at that thought closely.
     
  8. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    It is not every time I boot and I have been trying different permissions in PG. Anyhow, did numerous scans (also in safe mode). No indication of infection.
    Anyhow, any thoughts would be appreciated.
     
Thread Status:
Not open for further replies.