It has happend a couple of times that when I reboot my computer PG complains (in processguard status) that pgaccount.exe is not running. But I can see in administrative tools/service that pg service has in fact started, but processguard still complains. If I look in taskmanager there is no pgaccount.exe started. But still PG protects me, ie it blocks and asks for confirmation for new programs that are started and it blocks driver installations. I can also manually kill pgaccount.exe in taskmanager (after giving it rights to kill protected processes) but PG still is doing its job. Is this a bug or doesnt pgaccount.exe need to be loaded? It seems a bit odd, but a good oddity, that way malware can kill pgaccount.exe without killing my protection I´m just a bit curious. Even if I manually doubleclick on pgaccount.exe in the pg folder and it shows up in taskmanager as a process, processguard wont recognize that pgaccount has started. I have to reboot to get processguard status to recognize that pgaccount is running. *edit* I did not have to reboot, I had to close and open the GUI two times then it showed the running status for pgaccount.exe. Otherwise I have no problems with this beta (if one can call this a problem
Hi, The SERVICE in Admin Tools > Services is not PGAccount (that is DCSUserProt). PGAccount is only for execution prompts, and loads from the "all users run" registry. Any (and every) user who logs in should have this file running. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 1) Do you have an entry there to start pgaccount.exe ? 2) Are you running ProcessGuard manually, or is it starting automatically ? (meaning you are logging into the account which installed PG)
This behaviour seems to be no different from previous versions of PG and I see it also (when logged in as a non-admin user). It would be nice to see this resolved, and even nicer to be able to run ProcGuard as a normal user, not an administrator.
Thanks for your reply. 1. Yes I have that entry. 2. Processguard starts automatically. I have rebooted several times but cant seem to reproduce the "problem". Maybe it has something to do with a crash I had (not PG related as far as I know) after that crash I had to, in PG, allow all previously allowed programs to execute again. I didnt know this. For a second I doubted my self, but I am sure that PG prompted for confirmation to execute programs not previously allowed when pgaccount.exe was not running!? Strange.... But maybe I somehow missed pgaccount.exe in the process list, even tho I checked in taskmanager and process explorer (sysinternals.com) several times. Ah..well I will monitor this to see if it happens again.
I didn`t have a crash but when I rebooted this morning I had to add several programs again to PG`s list. Could that be a small bug Wayne? (WinXP sp2)
The installer currently deletes your protection list ON INSTALL (not when uninstalling) so that old versions cannot cause a conflict We might remove this delete option now, or put it in the uninstall. I am thinking the best way is on UNINSTALL you get a message "do you want to keep your settings". This configuration file was deleted on install due to format changes between versions 2 and 3, and in some of the early 3.x versions. The configuration was deleted for compatibility reasons.
This sort of information would be really useful to mention in a release notes readme file. I actually copied the pguard/pghash files from 3.150 and found myself unable to log in, since for some reason PG withdrew modification rights from lsass.exe (preventing it from then modifying winlogon.exe). Giving lsass modify rights resolved that issue (I'm allergic to Learning mode since it is too time-consuming and not paranoid enough...).