PG V3.4B1- A Bug in PGAccount Activation

Discussion in 'ProcessGuard' started by siliconman01, Jun 14, 2006.

Thread Status:
Not open for further replies.
  1. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Using Windows XP-SP2 HE on a Dell Dimension 8200.

    This problem/bug is something new with V3.4B1. It has not occurred on V3.3 betas or previous versions of PG on my system. I do weekly maintenance to include registry cleaning and defrag. The sequence of events that I use is:

    1. Disable Protection on PG.
    2. Disable Protection on RegDefend.
    3. Using msconfig, I turn off all programs in the Startup tab and reboot with no programs running.
    4. Do file cleaning, registry cleaning, and defrag with PerfectDisk V7.0
    5. Using msconfig, I turn on all programs in the Startup tab and reboot with all programs to be active.

    HOWEVER, now with V3.4Beta1, PGAccount's startup entry will not stay active in msconfig startup list. ProcessGuard immediately deactivates it. So when the reboot is "complete", PG finds that PGAccount is not running.

    To get back to normal, I have to disable protection and close down PG GUI totally and then checkmark the PGAccount entry in msconfig-startup and reboot again. If I do not close down PG before doing this, PG will immediately reset the PGAccount activation/enabler.

    This bug is 100% repeatable on my system. And has NOT been in previous versions of PG. I am using SHM on the PG GUI.

    I have "execution protection" and the 4 global options active.
     
    Last edited: Jun 14, 2006
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Why are you using MSConfig to clear startup items? It's not logical to clear them and boot, so much else is running anyway. I'd never recommend someone to do that, for any reason.

    I think you're confusing PG and its self protection, and you can just work around it by not doing the above. All you need to do is exit as many resident programs as possible, and disable PG for sure (because it has file protection).
     
  3. siliconman01

    siliconman01 Registered Member

    Well, I disagree with the response on this new problem in ProcessGuard. I disable all the startup programs through msconfig for one simple reason. It turns off a lot more programs than just those that show up in the systray. For example, the Logitech webcam group starts up 5 programs in support of the one camera assistant icon in the systray. These are all in the list of startup programs through msconfig. There are also programs that do not have an "exit" option...such as the APC battery backup Powerchute Personal...and cannot be stopped short of going into task manager and killing it.

    I've been doing it this way for years and have encountered no system level problems. It's a simple and quick way to stop the startup programs from being in memory during registry cleaning, deletion of temporary files throughout, compaction of the registry, disk defrag, etc. There is nothing technically wrong with using msconfig in this manner. It gives the option of selective startup: enable/disable startup programs.

    I feel that this new version of PG has an inherent bug that has been introduced under the conditions that I have stated....never in any previous versions of PG.
     
  4. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Just experimented with MSConfig myself (note that it needs to be run under an Admin user) - it is not possible to disable/enable pgaccount at all. You can clear the box and click on Apply but the entry will not be removed from the registry while other startup items can be disabled.

    Disabling PG's protection does allow this key to be altered but if it is changed and PG re-enabled, PG will not undo the change or allow subsequent correction.

    If the key is removed (while PG is disabled) and added back via other methods (Regedit, etc) then PG no longer protects it.

    This is certainly a security enhancement but it perhaps could be improved further by having PG identify if the key has been changed/removed when enabled (and prompting the user to give an option to fix it).
     
  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Perhaps yes.. good idea :)

    The need to shut down applications rests basically with file replacement. If a file is not in use it can be replaced.

    However ALL modern installers have no problem at all with replacing a file by asking you to reboot, and doing it then. So there is no real need to shut down anything except a program like PG which should be disabled to unlock its own protection as stated above.

    Shutting down security programs is a good idea when doing some things, I fully agree. It's just the method above seems very much overkill. Try the same procedure without shutting down everything and you should be fine (just disable PG etc).
     
  6. siliconman01

    siliconman01 Registered Member

    I'm not at all talking/thinking about removing any of the startup registry keys for the startup programs when I do the maintenance routine. I just disable the startup programs, reboot with none of the startup programs activated, and then do the maintenance. Then I re-enable the startup programs and reboot when ready to go back into normal operation.

    This has nothing to do with installing of new programs. I get the impression from reading the responses that there is some confusion as to what the purpose of my "routine" is when doing the maintenance. All I do is:

    1. Dump temporary and junk files.
    2. Clean out and compact the registry.
    3. Run a PerfectDisk defrag to the point of PD reporting there are 0 files fragmented.

    When installing trusted programs, I usually just disable PG, RegDefend, NAV 2006, and close any other programs that may interfere and then install.

    "Overkill" is in the mind of the beholder ;)

    Yes, I have tried this more than once. It takes several defrags to obtain what PD says is 0 files fragmented and it seems to slow down the defrag running time.
     
  7. Paranoid2000

    Paranoid2000 Registered Member

    When you use MSConfig to disable startup programs, it does so by removing the corresponding registry keys - so you are ultimately talking about removing registry keys.
     
  8. siliconman01

    siliconman01 Registered Member

    ahh...yes, you are correct there. :)
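
Added example, not part of the thread and not ProcessGuard code: a PowerShell check for the situation described in posts 4 and 7, reporting whether a startup value is live under a Run key, has been parked by msconfig, or is gone. The value name `pgaccount`, the function name `Get-StartupEntryState` and the assumption that the entry lives under a standard Run key are not confirmed by the thread.

```powershell
# Added example. 'pgaccount' as the Run value name is an assumption;
# the thread does not state the exact registry value or hive.
function Get-StartupEntryState {
    param([Parameter(Mandatory = $true)][string]$Name)

    # Standard autostart locations read at logon.
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    )
    # Windows XP msconfig moves an unticked Run value to a subkey here.
    $parkedKey = "HKLM:\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\$Name"

    $live = @()
    foreach ($key in $runKeys) {
        $props = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
        if ($props -and $props.PSObject.Properties[$Name]) {
            $live += [pscustomobject]@{ Key = $key; Command = $props.$Name }
        }
    }

    $parkedCommand = $null
    $parked = Test-Path -LiteralPath $parkedKey
    if ($parked) {
        # msconfig keeps the original command line in the 'command' value.
        $parkedCommand = (Get-ItemProperty -LiteralPath $parkedKey).command
    }

    if ($live.Count -gt 0 -and $parked) {
        $state = 'LiveAndParked'        # inconsistent: enabled and parked at once
    } elseif ($live.Count -gt 0) {
        $state = 'Live'
    } elseif ($parked) {
        $state = 'DisabledByMsconfig'
    } else {
        $state = 'Missing'              # removed by some other route
    }

    [pscustomobject]@{
        Name = $Name; State = $state; Live = $live; ParkedCommand = $parkedCommand
    }
}

$result = Get-StartupEntryState -Name 'pgaccount'
$result | Format-List
if ($result.State -ne 'Live') {
    Write-Warning "Startup entry '$($result.Name)' state: $($result.State)"
}
```

Run after re-enabling protection, a non-`Live` state is the condition post 4 suggests the product should detect and offer to fix.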
     