pg3.05 inoperable after deleting program/media files and displaying mutex 2 error

Discussion in 'ProcessGuard' started by jules12, Nov 28, 2004.

Thread Status:
Not open for further replies.
  1. jules12

    jules12 Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    6
    o_O

    :'(

    I thought PG3.5 did a great job optimizing my computer - freed up loads of memory - over 400 RAM. But, immediately upon reboot files disappeared, services were disabled, and PC returned this error msg: "Cannot open mutex 2." I am newbie when it comes to MUTEX . . . I have researched and understand the vulnerability caused by mutex, which by the way, I presume resulted from the memory scan based upon the logs. WHat can I do to get me files backo_O? I have re-enabled the services and revamped my start-up and have been slogging around in various component and registry items - to no avail. HELP . . .

    the memory "glitch" wiped out all my past restore points in System Restore, even wiped out my Recovery files in Spybot. So I can't apply an "easy fix."

    I am concerned about what is lurking in files assuming I do get my programs "back. . . . " DLL's and ini's are probably running loose all over and in every conceivable place just waiting . . . . . . . . . .

    ANybody have suggestions . . . .wipe out hard drive///


    I use Firefox w/ a medium to high paranoia level w/r/t security. have the basics and recently have been tweaking these and downloading more. Currently using Sygate/Avant firewalls (alternate), a2 scanner, adaware, spywareblaster, spam guards, pop up blocker from DSL provider and loads more. Regularly visit PC PitStop and other URL's for virus and sec. scans. Have removed Norton Internet Sec and Mcafee Firewall from system after began using ZoneAlarm, then switched again b/c it began to be annoying too. Zone Alarm deleted . . . I don't want to create compatibility issues. Ijust want to listen to my music . , , , , WHY Can't we all get alongo_Oo_Oo_O??

    http://www.microsoft.com/technet/security/bulletin/MS01-003.mspx
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Hi,

    It sounds like you have manually changed some of the default list settings, or even blocked some Windows files from running. I think you should disable ProcessGuard completely and then start again.

    Restart your PC to Safe Mode, and delete these 2 files in C:\Windows\System32

    pguard.dat
    pghash.dat

    This will disable protection. Restart your computer as normal this time and Windows will come up normally. As soon as ProcessGuard loads and looks normal, enable protection and go to the PROTECTION tab. Press the reset to default button once please, just in case.

    Now also put it in Learning Mode and reboot once. All should be well and from here please run any very important programs you use. Then disable Learning Mode and let us know how it is going. Do not change any protection or security settings for now.

    To get to Safe Mode, see this page if you need detailed instructions
    http://service1.symantec.com/SUPPOR...2001052409420406?OpenDocument&src=sec_doc_nam

    I would also highly recommend an updated virus scanner, adware scan, and also try our TDS-3 scanner. You can get a free online virus scan from many of the leading antivirus vendor sites :)
     
  3. jules12

    jules12 Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    6
    Thanks . . . got your post and mail awhile ago. I responded but i realized that I hadn't properly logged on prior to sending it. I haven't seen the post so i'll go ahead and take a chance on being redundant.


    I had been operating in safe mode and am now following your advice. I have been able to retrieve some media files (JOY!!!) I am going thru my startup menu because I had a couple system roots files there and other things out of place. Also **carefully** and with much respect oh Great Registry God/Goddess.

    Thanks for your help. I'll be back in touch as soon as I have a chance to finish this. Have to run now and will be back online later this evening (in U.S. - midwest)
     
  4. jules12

    jules12 Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    6
    WHat i meant to say was that I was going through the startup and ini's options in safemode and thru registry items. Treading lightly . . .
     
  5. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Just to be very clear, PG wont touch any of your files or settings.

    If there was some incompatibility, disabling its driver by deleting the file procguard.sys (in Safe Mode) will remove protection and make it as if your system never had PG installed. My steps above would be similar but without forcing a reinstall. If you have problems after doing this then it is a problem with something else, not PG
     
  6. jules12

    jules12 Registered Member

    Joined:
    Nov 28, 2004
    Posts:
    6
    Gotcha . . . I fully understand.


    Because I have been unable to send my requested follow-up emails to Gavin Coe thru the email address he provided, I am posting here hoping to resolve this issue. Simply, the webmaster would not forward the emails to Mr. Coe. No problem .. it's cool.


    BEGIN QUOTE FROM WEBMASTER:

    Hello [deleted],

    Tuesday, November 30, 2004, 6:25:37 PM, you wrote: [my response was was not here in the original]


    As it seems you want to email Gavin Coe from DCS
    in regard to some issues.

    Since you are sending emails to de email address
    for the Wilders Security Forums, these emails won't
    be delivered to the intended person. Please email
    or IM Mr. Coe directly.

    --
    Best regards,
    webmaster

    website: http://www.wilders.org
    forums: https://www.wilderssecurity.com
    webmaster@wilderssecurity.com


    END QUOTE

    Gavin:
    In a nutshell, I followed your instructions but was not able to initialize PG after deleting the .dat files. I received an error msg to check dcsuserprot.exe , but Windows returned an error msg that this file could not be located.



    The following is a copy of the original email that I attempted to send to you yesterday. I had two subsequent emails that included screenshots to illustrate what I had done and to ask a couple questions that i thought might be relevant to this issue. The pic's are not included here.


    QUOTE:


    I don’t get this, my e-mail just disappeared. I had detailed the results of following your instructions. anyway, I am going to try to recreate my message . . . .(notice below that the screenshot shows the beginning of the email at 2:07AM. I fell asleep thereafter but had saved the email as a draft. It is not there, but screenshot file was)

    My video/audio is okay. must have to do w/ start-up config given safemode and normal reboots.

    I completed up to step four of your instructions, but was stymied by the message that pg could not initialize. Specifically, I had deleted the two .dat files in safemode and restarted in normal mode. I was unable to enable Protection. No tabs other than MAIN tab and displaying message to check dcsuserprot.exe, which windows says it cannot find. Windows returned an error msg (red box w/ white x) stating that it could not locate the file



    As an aside, I have been troubled by high cpu and memory usage, especially w/r/t ieexplorer (can't delete b/c of win updates) and nt kernal & system (specifically ntoskrn.exe) is constantly trying to access the network. Nothing in my system seems stable. this was not the result of the recent incident. in fact, I installed pg as a result of a combination of problems. CPU and memory would often spike as result of ieexplorer and svchosts (is it okay that like 8-10 of these run? I have read "multiple instances" but don't know if that means 2-3 or 50-100). also following SP2 update for Win XP I have no system volume icon, missing tools, no policies for mmc, and various other missing items. Win Xp was pre-installed on my PC and don't know if my three "RESTORE" CD's would work in the same fashion that the XP installation CD does. (I.e., I know there is a fix for the system volume problem but it req's the other CD). My startup is messy. as u can see from the shots, I have a variety of programs running at start. this is not always the case, I have been tweaking this and sometimes have only a barebones startup. I probably have messed up something by tweaking. Is there a particular startup and services config that u recommend . .. I have found dozens of examples of what services should run and what startup are necessary. Thru trial and error, I have been from the super paranoid to the everybody is welcome extremes. Well, not really, I am actually pretty paranoid. I am also extremely diligent about running virus/malware/adware checks. at the time, I received the pg error I was using a2 scanner, sygate, adaware, avant, spybot, and others I can't recall now, plus very frequent on-line vists to sites like PC PitStop, norton, etc.

    So what di u think?? Don't mean to pick your brain about all this. I know the answers are out there and I have read hundreds of knowledge based articles. Just thought this may all have caused the mutex 2 error, which I am still trying to get my hands around to understand.



    END QUOTE


    As mentioned, I provided screenshots not included here. I can email these if you'd like. let me know if I can do this thru the email you provided.

    THANK YOU VERY MUCH for your assistance. I am not trying to accuse PG of being the problem I am just working backwards and started there b/c of the mutex 2 error. If i could eliminate this then I assumed I would be able to access my files.


    Well wishes!!!
     
  7. kelland

    kelland Registered Member

    Joined:
    Dec 15, 2004
    Posts:
    5
    me too got same prob
     
  8. finalxlee

    finalxlee Guest

    hi i tried to uninstall me PG, it successfully uninstalled but some stuff like DCSUserProt and pgaccount cant be deleted how do i delete it?
     
  9. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Use Unlocker to delete (rightclick on file).
     
Thread Status:
Not open for further replies.