ProcessGuard V3.000 beta 2 problems

Discussion in 'ProcessGuard' started by LuckMan212, Oct 1, 2004.

Thread Status:
Not open for further replies.
  1. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    First off nice work on V3, I just installed the beta2 and it is indeed a vast improvement (UI wise at least) over V2. As far as under-the-hood operational functionality, so far it seems there are still some issues to be worked out, however overall it feels a bit "faster" and I guess I would say I have had fewer problems with V3 than with V2, although I had to remove V2 within 24 hours of installing it due to too many issues. V3 has been installed for even less time than that so time will tell. But, I have already had some noteworthy issues, so ....

    note: I am running a P4 2.4Ghz with 1GB ram on XP SP2.

    Here are a few screenshots of some problems I've had with V3 so far. I went to sleep last night, and woke up to a completely crashed computer (not frozen, just a bunch of apps in a "hung" state, and a dialog box on the screen about DCSUserProt.exe having crashed, Explorer.exe was unresponsive, etc. Had to hard-reset the system as normal Start->shutdown was not available)

    http://www.f2systems.com/files/snap128.png
    http://www.f2systems.com/files/snap129.png
    http://www.f2systems.com/files/snap130.png
    http://www.f2systems.com/files/snap131.png
    http://www.f2systems.com/files/snap132.png
    http://www.f2systems.com/files/snap133.png
    http://www.f2systems.com/files/snap134.png

    Seems like a batch file that I have set to run at 11:20pm is what caused PG to bring down my system. All that batch file does is download a bunch of HTML files via the cURL (http://curl.haxx.se) commandline program.

    Late on in the evening (early morning actually) my Backup software failed to run (its a client-server, so I get the error message on the server, "-519, client not available" so I guess the system was sufficiently hosed by then as to make it appear "dead" to the backup server.

    ...some final comments :

    - the 'alerts' section flickers wildly while programs are launching and causes CPU to go to 100%, for example with that batch file I mentioned before, it maybe launches cURL 100 times in a row or something, about once every 2 seconds. During this batch file execution, if the PG window is open, it hogs CPU and the window flickers a lot while drawing. Maybe use some sort of buffered drawing technique here to reduce this?

    - can the 'register' and 'buy now' buttons go away (or at least be greyed out) after you enter a license code? I don't want to be reminded to buy something I've already bought!

    thanks! :D
     
    Last edited: Oct 1, 2004
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi luckman212, Thanks for your post.

    Regarding the event viewer this maybe to DCSuserprot built in protection stopping the read

    WHY - Could be that it just try athe termination command but not actually want to terminate it. Maybe letting winlogin with terminate allow will show you. Not sure what the ATI (graphics card?) .exe is on your list for maybe learning mode picked it up.

    Might be worth looking at the logfile which may have slightly different info'

    Learning mode now stays on for two reboots.

    DCS will have to answer on your other questions re. the batch file etc.

    Thanks. Pilli
     
  3. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    Are there any drawdowns to doing this? Can a trojan then hook into winlogon and do bad things?

    must have... I did not add it myself...

    did a search of the logfiles and only found this:
    Code:
    Fri 01 - 09:58:59 [TERMINATE] c:\windows\system32\winlogon.exe [896] was blocked from terminating c:\windows\system32\ati2evxx.exe [500]
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Not as long as winlogin is in your protection list and you enable the four general tabs. Watch the alert log when doing this and make the Allows as necessary.
    The same applies to protected list items that are given other allows, these allows only apply to other protected items which should be safe enough.

    HTH Pilli
     
  5. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    Happy with the new version as well, also some strange behaviour.

    I did have to search for a while to find some small things ..
    and i know, this is where a Beta is for.


    1) When i tried to remove applications in the "protection" screen i couldn't select more then one app. at the time
    (using the <ctrl> key).... In 'security' it works fine.

    2) I also had some strange behaviour with "dcsuserprot.exe" it gave (other) errors but (asume this is my fault) the 2 .dat files where corrupted.

    After i had fixed that, the dcsuserprot.exe did not appear again.

    Another thing is, but i know this is more of a change-request, that
    is miss the option to 'deny' a app. which was 'allowed' before,
    without removing the app. first.
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Jason? :)

    AS stated in the telease thread V2 .dat files are not compatible with V3 but the new learning mode makes up for this in may ways. :)

    If you right click any program listed in the security list you can change it to whatever permission you like you can also add files directly to the protection list, look at the the properties and remove from the list.

    HTH Pilli - Enjoy your weekend
     
  7. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    I am not sure I understand what you just said. Maybe I'm having a "duh" moment but could you pls. post a screenshot of how this should look? I would appreciate it... thx
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Luckman, It will have to be tomorrow as I am off out for the evning withh my wife in about 5 mins. :D
    Maybe another user will respond before I get back on the forum.

    Enjoy your weekend. Pilli ...
     
  9. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    thanks pilli !

    nice evening !

    ;)
     
  10. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    well... I reached by breaking point. I had to uninstall PG 3.0beta from my computer :(

    I was in the middle of something (ironically, I was reading the DCS forums!! LOL :doubt: ) and I got that DCSUserProt.exe error again, and it rendered my system inoperable. I had to take this screenshot with my camera because I could not launch my screen capture program (I guess once the DCS service /driver fails, app launches are blocked? Is this by design?)

    I really hope to hear from DCS on this, this is a serious problem that has crashed me 4 times in the past 24 hrs since installing PG 3.0. My system is otherwise 100% stable and normally goes for days/weeks without a reboot. My 3.0 install was a "clean" one, not an upgrade from 2.0 (so no DAT file corruption here)

    [my logfile is attached if you want to see it -- rename to remove the .log at the end and unzip (forum doesnt allow zips (why??)) ]

    screenshots.... (sorry for the crappy 1st one-- I was in a hurry)
    http://www.f2systems.com/files/IMG_1809.JPG
    http://www.f2systems.com/files/snap135.png
    http://www.f2systems.com/files/snap136.png
     

    Attached Files:

  11. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    :D WHOAA I HADNT HAVE PROBLEMS WITH MINE

    But i did a full clean install regardless of the uninstall i found it left behind .dat files and registry keys i guess thats how it knows you when you reinstall

    so i wipe that pupy clean of all traces folders dat registry entrys

    reboot install ask for key algain put it in and im cruesing
     
  12. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    you know i read what you said twice and im really no expert but it looks like you went to bed with your computer unintended doing massive stuff
    im wondering if because you wernt there to deny or accept programs they just stacked one on top of another till you ram shot up to a 100 cpu and got stuck

    did you leave it on training mode and had your pc do alot of stuff why you catch some sleep?

    also since you had to reboot all the erros and permistions that did not get resolved may be causing problems like curuption

    when my pc crashs like yours files get currupt on forced reboots?
     
  13. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    Are you asking me a question or telling me something? I am finding it hard to understand you. Regardless, I am a database programmer by trade, and a computer user since I was 8 years old (over 22 years). I know how to uninstall a program and yes I had done an uninstall including wiping away and folders/dat files/registry entries left behind from my prior 2.0 installation.

    Clearly from the above posts and screenshots you can see there are issues to be resolved still in this 3.0 version. To answer your question, no there were no PG alerts "stacked up" as it was still in Learning Mode and the PC was not crashed when I got back to it, just DCSUserProt.exe had crashed (which prevented me from shutting down or launching anything else). I do not have an "out of the ordinary" system or very many 3rd party programs, etc installed. I run a very tight ship and am quite careful about what I install and allow to run on my PC (which is what attracted me to PG's concept in the first place).

    As far as leaving my computer unattended doing "massive stuff" well that is simply false and I am not sure how you arrived at that conclusion. I merely pointed out that after checking the logs it appeared that PG has crashed during the execution of that particular batch file. There is nothing strenuous about that batch file, it typically uses 1-2% cpu at the most, simply downloading a bunch of files from our database server sequentially (it does not attempt to download 100 things at once, maybe I didn't make that clear-- it is doing it ONE AT A TIME).

    On top of all of that, even if it WAS launching 100 processes at once (which as I just said, it ISNT) that is still no excuse for PG crashing/bringing down my whole system. Stability is stability... I don't like statements that accuse the user of "trying to do too much with their system". It's a computer. It's supposed to be used-- to borrow someone else's analogy (just read this in another thread), it's like buying a Ferrari and then only driving at 20mph because you don't want to "damage the engine". If I can't use my computer the way I want to while PG is installed, then there's no point in using it.

    Anyway I am not trying to flame or rant -- and I still am waiting to hear an official response to all of this from DCS. I am simply reporting my problems so they can hopefully be resolved. After all, that is the point of releasing the beta, is it not? ;)
     
    Last edited: Oct 2, 2004
  14. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    manly a question and a presumption i on the hand am the opposite of you i have many third party apps basically your evill twin in doing the opposite stuff

    yet strangely mine hasn't crashed

    I'm on a crappy gateway essential pc 700c or what ever 512 generic ram and an crappy motherboard sp2 windows xp home edition

    i have aim zap boclean nav windows blind pg and wow to much stuff I'm to lazy to look

    all that and still haven't ran into anything you mentioned

    don't know about all that puter ego stuff to me it blah blah

    what I'm trying to understand is why is your pc so different if anything it should be better then my crappy one?

    I'm only assuming and hopeing lol cause any pc crapyer then mine thats would be sad
     
  15. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    hey do you have pci ati graphics card ddr one
     
  16. LuckMan212

    LuckMan212 Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    252
    Well I don't know how or why this is becoming a flame thread when I was just trying to report some bugs. But, I must say that it doesn't come as a big surprise to me that a lot of "stuff" might sound like "blah blah" to you, judging by your abysmal use of the English language. But that's neither here nor there. Please, let's try to stay on track here and keep the trolling to a minimum. To answer your question:

    Yes I have 2 video cards in my system:

    Radeon 9800 Pro (AGP)
    Radeon 9200 (PCI)

    I use these to drive my 4 monitors.
     
  17. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Luckman212,

    Mr. Blaze is trying to help you and he did not flame or troll.
    Focus on the content of the message, he may be onto something here.
     
  18. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    I just wanted to add that MR.BLAZE's words, grammar, and/or spelling can be bad at times, but all he is trying to do is help. not in any way trying to flame you. His intentions are only the best but sometimes he does not express himself very good. Please try to read his post as someone who is trying to help you. Read THIS THREAD and hopefully it may enlighten you.
     
  19. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    I have read MrBlaze comments, and I didn't see at any time any rudeness or personal attack, but I am used to read MrBlaze so I know how he writes :)
    BTW I am not english, so I didn't see anything aggressive, but may be for a real english some words can seems to be I don't know, anyway the puff-m-d links is worth to read ;)

    regards,

    gkweb.
     
  20. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Luckman, Regarding your problem and the error messages for DCSuserprot you will probably have to wait until Monday morning Perth time for a technical appraisal by DCS.
    My gut feeling is that it is driver contention but that may not help you much.

    Regarding Mr Blaze, You must not take out your frustration with people that are trying to help you, this board is multi national and multi cultured so please accept it for what it is.

    If you have problems with the answers you get here please write to support@diamondcs.com.au

    Thank you. Pilli
     
  21. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    I'm afraid I won't be of much help here, but maybe I can hint at some pieces of information that might help DCS to solve the issue:

    LuckMan, do you happen to remember the protection and security settings for dcsuserprot.exe and for curl.exe? In case you want to re-try, what would be of interest to me is if behaviour depends on giving dcsuserprot.exe "access raw memory" privs. (just a wild guess because the error msg said userprot wanted to write to memory but couldn't.)

    I hope it will be resolved.
    Andreas
     
  22. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    lol flameing lmao nope you know when i flame ask zone alarm company lol

    abysmal use of the English language?

    dont you mean assnite lol?

    and trolling man i heard that from two posters so far not really towards me but your posting looks very familiar any how i was being on track

    The reason i asked if you have a pci graphics card is because of this

    i had installed on here a pci ATI radeon 64 mb ddr 7500 graphic card that trash my system all those wyrd numbers with memory and crashs etc etc look very familiar

    that card ran hell threw my pc

    i had to rip it out and toss it

    i had crashs on start up seriouse hangs one minute it work fine and the next i get black screen with that want to start in safe mode blah blah

    i did a check on some of those numbers on your error messages in google search and some of them mention a pci graphic card fault memory errors and so on

    lot of the posts mention crashs

    probably do to crapy or damaged driver in my case it was the LE 500 MONITOR THAT CAME WITH MY PC

    ati drivers sucked i had to get a microsoft verstion to get it to run ok

    so you dont think two graphic cards like those might be craping out your system ?

    i was just wondering

    im always learning new stuffs :p
     
  23. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    nahhhhhhh i can see his frustration he trying to point out stuffs to dcs crew and gets a newbie like me asking a millione qustions like when some one keeps asking why lol.

    im just trying to learn to add stuff to my list of how to do or why things happend

    im dowenload the new ie spell checker lol

    that way i dont come across wrong in these types of seriouse threads

    i do have poor grammer and spelling but my reading is up to collge standards lol since 5th or 6th grade i just for the life of me cant spell lol

    oh just cause i can read at that level dosent mean i fully understand the heavy words but i get enough out of what im reading to get the jest of something lol

    same with spanish i can read it understand it but cant spell lol

    its really strange
     
  24. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Spell cheker? Yu don't neeed no spel checkeer. We doon't ned no sppell checerr. I dooont hav tu sho yu anye stinkin' spell cheker!! :D


    Don't change a thing, unless you want to. We like you just the way you are. ;)
     
    Last edited: Oct 2, 2004
  25. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Luckman you're not alone and I'm sorry that you're having so much trouble. I still haven't been able to use the program because of system instability or some kinds of conflict - I don't really know. All I know is that I love the concept of Process Guard but it's very difficult to implement with complete stability. I bought version 2 and couldn't use it then I tried this new version and after a while got a BSOD and all kinds of explorer crashes. I uninstalled it and everything was ok again.

    The problem is there may be software which is incompatible but it may be different software with different users depending on what they have installed.

    I really would like to one day be able to use this but after all the crashes I had the other day as well as a BSOD I am giving in. If I use all my known applications I can run for days and weeks without problems but as soon as PG comes into the equation my system starts getting unstable.

    It's a fantastic idea and I congratulate DCS and everyone for trying so hard but it still needs a lot more work I feel.
     
Thread Status:
Not open for further replies.