startup type

Discussion in 'ProcessGuard' started by new user, Jan 1, 2006.

Thread Status:
Not open for further replies.
  1. new user

    new user Guest

    I've just downloaded the latest version (3.2),in the help file file it says somthing about loading the driver even earlier by going to control panel,system,hardware,device manager,unhiding hidden devices,double-click procguard,and in the driver part,it says to change the startup type to system so that it loads even earlier. But when i look in the driver part,it only says :- driver details,update driver,rollback driver and uninstall driver,there is nothing about changing the startup type.
    Have i changed a setting somwhere so i cant view that bit? please help

    thanks
     
  2. billaku

    billaku Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    67
    Location:
    Texas Central Coast, US
    What OS is this. WinXP, SP1 or SP2; Win2000, other?
     
  3. new user

    new user Guest

    sorry,its win xp sp2,all updates etc.
     
  4. billaku

    billaku Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    67
    Location:
    Texas Central Coast, US
    Okay - same here: WinXP Pro, SP2.

    new user, You are a very good reader of help files!
    I had not seen this.

    Just to make sure first off, you are not getting:

    Start | Control Panel | System | Hardware | Device Manager | View | Show hidden devices | View | Devices by connection
    | procguard (double click) |

    and see these at the Driver tab?

    http://public.billaku.jetemail.net/procguard_system001

    My sys original entry
    Startup Type: Automatic (Started)

    The other two tabs my sys:

    General tab
    Device usage: Use this device (enable)

    Details tab
    procguard
    Device Instance Id
    ROOT\LEGACY_PROCGUARD\0000


    For a change from the existing Automatic to System to be retained, I exited all my system protections (PG, LookNStop, WinPatrol, etc.).
    Reverted to, actually stayed at, Automatic first couple of trys not doing so.

    Did find upon reboot that my AntiVirus Eset NOD32 was blocked from loading by PG where it had never been previously.

    Went to PG Alerts and found msdtc.exe also now blocked, never before. Not even in PG Protection or Security lists.

    Based on this info from WinPatrol Plus
    , I decided to add it to PG protection list.
    First tried Authorize to Read (only)
    and
    Protect from Termination, Modification - the defaults
    (Still those settings.)

    Upon reboot, msdtc.exe appeared in PG Security list as 'Permit Always'.
    I had put PG in Learing Mode prior to making entry, rebooting.
    Have left msdtc.exe at 'Permit Always' for now.


    After setting procguard driver startup type from automatic to system and first reboot:

    ---ProcessGuard 3.200 Log Started---
    15:06:06 [EXECUTION] "c:\windows\system32\msdtc.exe" was blocked from running
    [EXECUTION] Started by "c:\windows\system32\services.exe" [936]
    [EXECUTION] Commandline - [ c:\windows\system32\msdtc.exe ]
    15:06:10 [EXECUTION] "d:\dprogramfiles\eset\nod32krn.exe" was blocked from running
    [EXECUTION] Started by "c:\windows\system32\services.exe" [936]
    [EXECUTION] Commandline - [ "d:\dprogramfiles\eset\nod32krn.exe" ]
    ....


    After above, add msdtc.exe as further above, another reboot:

    ---ProcessGuard 3.200 Log Started---
    15:16:41 [EXECUTION] "c:\windows\system32\msdtc.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [940]
    [EXECUTION] Commandline - [ c:\windows\system32\msdtc.exe ]
    15:16:46 [EXECUTION] "d:\dprogramfiles\eset\nod32krn.exe" was allowed to run
    [EXECUTION] Started by "c:\windows\system32\services.exe" [940]
    [EXECUTION] Commandline - [ "d:\dprogramfiles\eset\nod32krn.exe" ]
    ...


    In both boots, msdtc.exe, nod32krn.exe first two entries.
    Appears Nod32 dependent on msdtc
     
  5. billaku

    billaku Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    67
    Location:
    Texas Central Coast, US
    Read the Help File First

    Glad when did as in above post did not get BSOD.

    Read pertaining help file after-the-fact.

    Here is what it says: For Advanced Users
    Yup - sure did then detect msdtc.exe which it had not before - and blocked it - which blocked nod32krn.exe (kernel-type anti-virus .exe)
    from loading.

    Taken care of per info in Help File - before reading Help File - :blink:
     
  6. new user

    new user Guest

    Glad it worked out for ok you billaku,but i still dont know how you got it,i do the following:-

    Start | Control Panel | System | Hardware | Device Manager | View | Show hidden devices | View | Devices by type (by connection is same result)
    | procguard (double click) |

    i have three tabs,
    general- says this device is working properly/enabled
    driver- says about driver provider,date version etc. three buttons- details (says no files are required or have been loaded for this device),update driver,rollback,uninstall
    details- says device instance id - root\legacy_procguard\0000

    Nowhere does it say startup type.
     
  7. billaku

    billaku Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    67
    Location:
    Texas Central Coast, US
    Is your WinXP the Pro or Home?

    If Home - that could be the difference?
     
  8. rickontheweb

    rickontheweb Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    129
    I'm on XP home and saw this advanced trick in the help file yesterday for the 1st time myself.

    It works like a charm for me. It does indeed load much earlier.

    On my XP Home machine after showing hidden devices, under Non-Plug and Play Drivers, on the second tab for procguard properties, the option to change the Startup from Automatic to System is right there as the help file indicated.
     
  9. new user

    new user Guest

    I have xp home,does anyone elses say that the driver is unknown,date and version are not available,and it is not digitally signed? maybe i need to reinstall?
     
  10. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    It still sounds like you are on a different version ! Are you perhaps logged in as a limited user ? are you on a Windows NT domain ?
     
Thread Status:
Not open for further replies.