Starteak slowdown after PG3 installed

Discussion in 'ProcessGuard' started by tech-addict, Nov 3, 2004.

Thread Status:
Not open for further replies.
  1. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    I really like PG3 but I'm having a problem with it slowing down internet access.
    It used to take considerably less time after the system booted up for ZoneAlarm Pro (4.5.594.000) to load it's icon in the system tray and let me access the internet, now the time it takes after installing PG3 is almost doubled o_O
    I know there is a newer version of ZAP but their forum is riddled with version 5.xx problems and I have no problem with 4.5 (until now)

    I have restored my backup image (made just prior to installing PG3) and the problem is gone. Went ahead and reinstalled PG3 and left it in learning mode for 1 full day running every program I have installed, rebooting, shutting down, starting up, defragging (normal & boot defrag) I have tried everything I can think of and the problem remains the same. :(

    Here is some info that may help diagnosis:

    System: Notebook pc with PIII M 1.13 Ghz cpu / 512 MB ram

    OS: Win XP home OEM (fresh install and update to SP2 done 1 month ago)

    in anticipation of PG3 being released,
    I fully tested this system after installing SP2 and have had no problems, I installed a minimal amount of programs so I could install PG3 on a clean fresh system to avoid problems / ensure maximum security.

    This is definitely a problem with something PG3 is doing to slowdown ZAP.
    here is the log file I copied just after system boot:

    Code:
    ---Process Guard Log Started---
    Wed 03 - 12:03:57 [EXECUTION] "c:\program files\symantec antivirus\rtvscan.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [820]
                      [EXECUTION] Commandline - [ "c:\program files\symantec antivirus\rtvscan.exe" ]
    Wed 03 - 12:03:58 [EXECUTION] "c:\windows\system32\zonelabs\vsmon.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [820]
                      [EXECUTION] Commandline - [ c:\windows\system32\zonelabs\vsmon.exe -service ]
    Wed 03 - 12:04:00 [EXECUTION] "c:\program files\raxco\perfectdisk\pdsched.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [820]
                      [EXECUTION] Commandline - [ "c:\program files\raxco\perfectdisk\pdsched.exe" ]
    Wed 03 - 12:04:06 [EXECUTION] "c:\program files\common files\raxco\autoupd.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1016]
                      [EXECUTION] Commandline - [ "c:\program files\common files\raxco\autoupd.exe" -embedding ]
    Wed 03 - 12:04:49 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1192]
                      [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[4a8]susds236c6a26c1f0a541bf9c83593625ed3f ]
    Wed 03 - 12:06:02 [EXECUTION] "c:\windows\system32\zonelabs\vsmon.exe" was allowed to run
                      [EXECUTION] Started by "c:\progra~1\zonela~1\zoneal~1\zlclient.exe" [1928]
                      [EXECUTION] Commandline - [ vsmon.exe -status ]
    Wed 03 - 12:07:12 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [820]
                      [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ]
    Wed 03 - 12:08:14 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\explorer.exe" [1680]
                      [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\program files\processguard\logs\pglog_11_2004.txt ]
    
    Well if anymore info is needed I'll be happy to provide it in hopes of resolving this problem. :)
     
    Last edited: Nov 3, 2004
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Re: ZoneAlarm Pro slowdown after PG3 installed

    Hi tech-addict, What happens if you remove ZA from the protection list?

    If you look at TM can you see if anything is hogging the CPU.

    Thanks. Pilli
     
  3. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    Re: ZoneAlarm Pro slowdown after PG3 installed

    tech-addict,
    I just wanted to let you know that the ZA combo with PG3 is working fine on my system. I have the Secturity Suite version. Did you run PG in Learning Mode?
     
  4. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Re: ZoneAlarm Pro slowdown after PG3 installed

    Why didn't I think of looking at TM ? Thinking too hard and overlooking the obvious, lol. :p ( nice call Pilli ;) )

    Ok so now I see that "STARTEAK" is hogging CPU and causing the delay of ZAP.
    File info: C:\Program Files\Compaq\Easy Access Button Support

    Description: starteak.exe is installed on mainly Compaq workstations. It allows the configuration of the Compaq keyboard's one-touch keys. This program is a non-essential system process, but should not be terminated unless suspected to be causing problems.

    Ok, so now I know what to look for but, I have tried giving starteak.exe all "allows" (one at a time/ rebooting each time afterwards) and that hasn't helped. So I tried giving other apps "allows" to modify it, still no help. Then I removed it from the protection list and still no joy, then I tried re-enabling learning mode but it hasn't picked it up / put it back in the list.

    I find it strange that this starteak.exe doesn't get logged o_O

    What can I try next ?
    Thanks
     
  5. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Re: ZoneAlarm Pro slowdown after PG3 installed

    Hi again tech-addict, If it is a system service it may be starting very early in the startup process. If you can stop it starting using Run - msconfig then see what happens. If it causes a problem or loss of functionality try starting it from the start up folder using a shortcut.

    Please report back on your findings. Pilli :)
     
  6. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Re: ZoneAlarm Pro slowdown after PG3 installed

    Well I disabled starteak.exe through msconfig and the system is booting fine again, maybe even a little bit faster than before PG3 :eek: :D

    This is something I feel a little embarrassed about (not finding it myself)
    but sometimes it takes someone looking at things from the outside to see the whole picture, I was busy thinking about bootimes, reading logs, help files, defragging, (banging my head on the wall, LOL j/k) that I didn't see it.

    I haven't really tried using any special function keys since disabling starteak.exe but those are not important to me anyway, I'm just happy to have my quick boot time back and have the excellent protection of PG3 running error free.

    Matter of fact I bet starteak.exe was the cause of my problems with version 1 and 2 also. :rolleyes: Oh well I'm happy now, no matter how much time I spent trying to get those previous versions working. :p

    I guess I should edit the title of this thread to: "starteak.exe causing slowdown after PG3 installed"
    What do you think ?

    Ok well once again I say: THANKS to you Pilli !!!
    I appreciate the help :D
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Re: ZoneAlarm Pro slowdown after PG3 installed

    :) Good news then. I am glad you have at least found and solved the problem.
    Though I would still like to know what the conflict was i.e. what was actually happening.

    Yes, changing the title to Starteak etc. may be a good Idea.

    All the best. Pilli :)
     
  8. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Re: ZoneAlarm Pro slowdown after PG3 installed

    Yes, I would like to find out too.

    It's not a big problem, but it does bother me a little because I thought it would only affect the easy access buttons (one touch buttons) for IE, email, WMP and search.

    But now I find that it also disables the volume up / down buttons. :(
    I can get around it by placing a volume icon in the systray but I hate adding more stuff down there.

    I have tried placing a shortcut to starteak.exe in the startup folder but that doesn't help and the problem remains the same. :doubt:

    I have a feeling starteak.exe is calling / waiting for some other process that PG may be blocking, but I'm unsure how I should go about tracking it down.

    edit: I changed the title of my first post but it didn't change the title of the thread, I guess you will have to change it through the mod control panel.
    Thanks ;)
     
    Last edited: Nov 3, 2004
  9. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Re: ZoneAlarm Pro slowdown after PG3 installed

    Keep us posted if you do track it down, there is obviously something blocking something :D
    Maybe DCS will have an idea in the morning.
    It may also be an idea to copy your PG logfile.txt and send it to support@diamondcs.com.au for analysis

    Cheers. Pilli
     
  10. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    Re: ZoneAlarm Pro slowdown after PG3 installed

    Hello tech-addict,

    I changed the title for you ;) ...
     
  11. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Thanks puff-m-d ;)

    Ok well I took the shortcut to starteak.exe out of the startup folder and started the exe after the system boot was complete, this way I was able to see what else it was initiating and here is what I found:

    Code:
    Wed 03 - 17:57:25 [EXECUTION] "c:\program files\compaq\easy access button support\starteak.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\explorer.exe" [1704]
                      [EXECUTION] Commandline - [ "c:\program files\compaq\easy access button support\starteak.exe"  ]
    Wed 03 - 17:57:28 [EXECUTION] "c:\program files\compaq\easy access button support\cpqeadm.exe" was allowed to run
                      [EXECUTION] Started by "c:\program files\compaq\easy access button support\starteak.exe" [3308]
                      [EXECUTION] Commandline - [ "c:\program files\compaq\easy access button support\cpqeadm.exe" ]
    Wed 03 - 17:57:29 [EXECUTION] "c:\compaq\cpqinet\cpqinet.exe" was allowed to run
                      [EXECUTION] Started by "c:\program files\compaq\easy access button support\starteak.exe" [3308]
                      [EXECUTION] Commandline - [ "c:\compaq\cpqinet\cpqinet.exe" ]
    Wed 03 - 17:57:29 [EXECUTION] "c:\program files\compaq\easy access button support\bttnserv.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1040]
                      [EXECUTION] Commandline - [ c:\progra~1\compaq\easyac~1\bttnserv.exe -embedding ]
    Wed 03 - 17:57:29 [EXECUTION] "c:\compaq\eakdrv\eausbkbd.exe" was allowed to run
                      [EXECUTION] Started by "c:\program files\compaq\easy access button support\starteak.exe" [3308]
                      [EXECUTION] Commandline - [ "c:\compaq\eakdrv\eausbkbd.exe" ]
    Then I went and checked the protection list thinking maybe they weren't added before, but they were already there. (been there all along) :doubt:
    Sytem boot still slow after putting shortcut back in startup. :(
     
  12. Tatersalad

    Tatersalad Registered Member

    Joined:
    Mar 24, 2004
    Posts:
    76
  13. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Thanks for the info Tatersalad ;)
    Yes I do have the latest driver installed (already made sure of that)

    I did check out the link you provided and the symptoms are the same.

    But the thing is I already have SP2 installed and all the latest updates (including BITS update)
    And I don't have this problem until PG3 is installed so it isn't a system, OS - driver conflict, ect...

    It seems to be a problem with PG blocking something from loading or causing some delay with starteak.exe

    Thanks for the reply :)
     
  14. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    The fix HP recomends at that link doesn't even apply to a pc running Windows XP with SP2 installed. :rolleyes:
    They say disable BITS service then go to Windows Update and install the BITS update again.
    Windows Update version 5 doesn't even let you see any updates if BITS is disabled, so that couldn't possibly work. :mad:
     
  15. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Re: ZoneAlarm Pro slowdown after PG3 installed

    So does DCS have any ideas ? o_O

    How can I track down what PG3 is doing to cause starteak.exe to use 99% CPU during the bootup ?
     
  16. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi tech-addict, Can you please post a screenshot of your protection list with starteak.exe highlighted so that we can see what allows etc. you have for it?
    Can you also disable all the General tabs and see if the problem dissapears, then enable each one in turn to see which tab might be causing the problem?

    Thanks. Pilli
     
  17. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Thanks for the reply Pilli :)

    Well this happens with no protection enabled on starteak.exe, even happens when I disable execution protection totally. (For these log files to be created I had to enable execution protection.)

    Here is the log when I place starteak.exe (unprotected) in the startup folder:

    Code:
    ---Process Guard Log Started---
    Sat 06 - 17:02:50 [EXECUTION] "c:\program files\symantec antivirus\rtvscan.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [828]
                      [EXECUTION] Commandline - [ "c:\program files\symantec antivirus\rtvscan.exe" ]
    Sat 06 - 17:02:52 [EXECUTION] "c:\windows\system32\zonelabs\vsmon.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [828]
                      [EXECUTION] Commandline - [ c:\windows\system32\zonelabs\vsmon.exe -service ]
    Sat 06 - 17:02:54 [EXECUTION] "c:\program files\raxco\perfectdisk\pdsched.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [828]
                      [EXECUTION] Commandline - [ "c:\program files\raxco\perfectdisk\pdsched.exe" ]
    Sat 06 - 17:03:02 [EXECUTION] "c:\program files\common files\raxco\autoupd.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1024]
                      [EXECUTION] Commandline - [ "c:\program files\common files\raxco\autoupd.exe" -embedding ]
    Sat 06 - 17:03:43 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1200]
                      [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[4b0]susdsc90727b3a088e64fb0941b3d9d5c6d11 ]
    Sat 06 - 17:04:06 [EXECUTION] "c:\windows\system32\zonelabs\vsmon.exe" was allowed to run
                      [EXECUTION] Started by "c:\progra~1\zonela~1\zoneal~1\zlclient.exe" [1964]
                      [EXECUTION] Commandline - [ vsmon.exe -status ]
    Sat 06 - 17:06:07 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [828]
                      [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ]
    Sat 06 - 17:06:59 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\explorer.exe" [1692]
                      [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\program files\processguard\logs\pglog_11_2004.txt ]
    As you can see my boot time is over 3 minutes :(

    I attached ss of starteak.exe (highlited) in the protection tab.
     

    Attached Files:

    • PGa.jpg
      PGa.jpg
      File size:
      57.7 KB
      Views:
      632
  18. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    And before anyone asks... Yes, I have tried enabling all "allows" on starteak.exe (as stated in my second post)
    "allows = install global hooks, install drivers/ services and access physical memory."

    Now here is my log after taking starteak.exe out of the startup folder. (that's it, no other changes made at all)

    Code:
    ---Process Guard Log Started---
    Sat 06 - 17:18:43 [EXECUTION] "c:\program files\symantec antivirus\rtvscan.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [824]
                      [EXECUTION] Commandline - [ "c:\program files\symantec antivirus\rtvscan.exe" ]
    Sat 06 - 17:18:43 [EXECUTION] "c:\windows\system32\zonelabs\vsmon.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [824]
                      [EXECUTION] Commandline - [ c:\windows\system32\zonelabs\vsmon.exe -service ]
    Sat 06 - 17:18:44 [EXECUTION] "c:\program files\raxco\perfectdisk\pdsched.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [824]
                      [EXECUTION] Commandline - [ "c:\program files\raxco\perfectdisk\pdsched.exe" ]
    Sat 06 - 17:18:46 [EXECUTION] "c:\program files\common files\raxco\autoupd.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1020]
                      [EXECUTION] Commandline - [ "c:\program files\common files\raxco\autoupd.exe" -embedding ]
    Sat 06 - 17:18:55 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\services.exe" [824]
                      [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ]
    Sat 06 - 17:19:30 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1196]
                      [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[4ac]susdsda2d8b87bb126f49b06c2638b12cf0c5 ]
    Sat 06 - 17:20:10 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run
                      [EXECUTION] Started by "c:\windows\explorer.exe" [1680]
                      [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\program files\processguard\logs\pglog_11_2004.txt ]
    As you can see, now my boot time is about 1 minute (which is normal and how it was before PG3 was installed)

    Here is a ss of my global protection settings.
     

    Attached Files:

    • PGb.jpg
      PGb.jpg
      File size:
      43.6 KB
      Views:
      638
    Last edited: Nov 6, 2004
  19. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hmm, I have to admit this has me baffled :mad:
    Can I suggest that you Zip a copy of Starteak.exe and send it to submit@diamondcs.com.au with a copy of your logfile.txt and a link to this thread. Also your full Notebook spec.
    You appear to have completed your analysis methodically and that will help DCS in their diagnosis.

    I would also suggest, and you won't like me for this, that you completely ununstall PG then re-install just in case some files may have been corrupted in some way - Here's how:

    Disable protection - uninstall - reboot - got to the windows32 folder and delete pghash.dat & pguard.dat.
    If you are happy working in the registry. Using Find type pgaccount and delete any keys found.
    Do the same for Process Guard & for procguard, you will have to change the permissions on some keys to allow deletion, you can do this by right clicking on them selecting "permissions" ticking the allow boxes than Apply after which you can then delete the keys.

    Re-install PG

    Thanks. Pilli
     
  20. tech-addict

    tech-addict Registered Member

    Joined:
    Dec 21, 2003
    Posts:
    71
    Thanks for the reply Pilli :)

    Wouldn't that have the same effect as what I did (in my first post) by restoring my system to the backup image I made just prior to installing PG3. After the restore was done, I completely checked my system again and boot times were normal. So then I installed PG3 and left learning mode on for one full day. ;)

    BTW one more thing I notice is that I have lost the ability to use system restore (I don' know if it could be related to this starteak problem) but I have added: rstrui.exe and SRDIAG.EXE to my protection list and given them all allows, yet when I try to go back to any restore point (even one I made just minutes ago) I get that messege: system cannot be restored.. ect. o_O

    Ok well I will go ahead and email DCS the information you suggested.
    Thanks :)
     
  21. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi tech-addict, ProcessGuard should not affect System restore but if you have installed Wormguard you would need to add rstrui to WormGuard's Allow list.

    Hopefully you will get a direct response from DCS in the meantime :)

    Could you please state briefly what security programs you have running?

    Thanks. Piili
     
Thread Status:
Not open for further replies.