To DCS, Can you help?

Discussion in 'ProcessGuard' started by Free@Last, Nov 7, 2004.

Thread Status:
Not open for further replies.
  1. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    Hello to all, I have been having trouble with Norton Internet Security 2k4, yesterday after reading and studying the help file included with PG3 Full ver, I ran all programs did the two reboots and PG was in the taskbar in it's blue locked state. In the "Main Tab" area, I had everything checked. So I went online (dial-up) walked away for a few minutes & came back to notice no NIS 2k4 in the taskbar, it was there when I connected, also Trojanhunter Guard Icon dissapeared from the taskbar too, even when offline. As a user of PG2 I never had these problems & found it easier to use & set-up.
    I don't know how to put up a screen shot of what's on the "Protection" tab, so can anyone tell me how & I'll post it here. For the security experts, maybe you can have a look see & tell me of changes needed/added etc..It would be very much appreciated.
    WinXP Pro SP2 & all updates to all programs.
    I'm starting to get the impression that an extreemly small # of posters really know how to set up a system as secure as it can be usingPG. Perhaps I'll change my mind if I see "experts" posting screen shots of their WinXP Pro/Home set-ups & see the rest of the experts agree with the set-up being displayed. I'm not talking of every single program on their system, just what comes with every installation of XP. After that, those of us that don't have the experience or time to guess on how to set everything up right & perhaps making our systems no more secure or less if that's possible, can ask how to set-up programs such as NIS, Trojanguard, TDS-3, PortExplorer, I.E., Mail, Anti-spyware type programs, other browsers, Windows Media Player type programs, & on & on the right way.

    If this post seems a bit angry, it's because I am. I want to learn, but I'll be the first to admit I need assistance. Posting set-ups like I mentioned above by those that consider themselves experienced in security programs like PG3 and properly setting it up for XP Pro/Home/Win2000 etc would benifit a enough PC challenged folks such as myself a great deal, you would also earn a lot of respect doing it.
    Come on experts, show us how. I don't want to hear about "everybody's systems are different" Start with XP Home/Pro it's most likely what you're using too.

    I'll give this a couple of days before checking on the results of my plea to the experts, then check back.

    Thank You all
     
    Last edited by a moderator: Nov 8, 2004
  2. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    I've was having the same problems with Trojanhunter where nothing showed up except the white background where there should be information, just as Atomas31 has mentioned. It also happens when I go to the taskbar & right click on NIS 2K4 to select "Log Viewer", although several programs have not only shown the white background, I couldn't close them either. PG3 didn't ask for the code to comfirm closing the apps, nothing. I tried closing using the top left corner of the open window & the x in the upper right, nothing, nada.

    I left a message to those much more experienced than I yesterday asking for help, but so far, not one response. Perhaps it was the tone of my post, if so please accept my appology. I have since uninstalled PG3 until all the problems I'm having with it can be sorted out.

    At this point, I have to give PG3 a thumbs down. It's setup and configuring may come easier to some or most posters here, but I'm having a really hard time getting it to work with my computer setup. I don't want to give the folks at DCS the impression that I'm just a complainer or too lazy to take the time, that's not the case. I freely admit I'm way over my head with this program.

    To DCS, I purchased TDS-3, Port Explorer, WormGuard and PG, I can have nothing but good things to say about your other products, but PG3 is far too difficult for me to configure. Even after reading as many posts on it as I could find, trying the suggested setups that others use with success, still programs are "not responding" such as NIS2K4 & TrojanHunter which seem to be the main problems.
    After finally thinking yesterday that I had these two programs set-up properly & going online I found out the hard way that my system was left unprotected. After over an hour online (dial-up) I disconected, as soon as I did the Trojan Guard Icon & NIS Icon disappeared, so was my system open to attacks etc? I suspect it was. I scanned it with TDS, TrojanHunter, NAV, Spysweeper, and nothing was found, but as PG3 says, could a "Rootkit" have been intsalled into my system since NIS was most likely not running or my system picked up some other nasty code that these programs may not find?

    I'll add a little more info on my system in a bit.

    Thanks
     
    Last edited by a moderator: Nov 8, 2004
  3. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    I don't seem to be getting any help on this forum when adding my problems to related posts so I'll try a seperate post as a last attempt.

    ~Links removed and referenced posts placed above....Bubba~

    Here's a list of my programs

    Ad-Aware SE Personal 2.9 MB
    Adobe Acrobat 5.0 5.0 16.0 MB
    ATI - Software Uninstall Utility 6.14.10.1008 Unknown
    ATI Control Panel 6.14.10.5103 15.2 MB
    ATI Display Driver 8.01-040421a-015419C-ATI Unknown
    Belarc Advisor 6.1 Unknown
    CC_ccProxyMSI 2.1.1.700 Unknown
    CC_ccStart 2.1.1.700 Unknown
    ccCommon 2.1.1.700 Unknown
    CCleaner (remove only) 972.0 KB
    DiamondCS Port Explorer v2.000 1.3 MB
    DiamondCS TDS ExecProt Module Unknown
    DiamondCS TDS-3 8.1 MB
    DiamondCS WormGuard Hook 600.0 KB
    DiamondCS Wormguard 600.0 KB
    Easy CD Creator 5 Basic 5.3.4.21 24.4 MB
    EPSON Printer Software Unknown
    Eraser 5.7 3.1 MB
    Free Internet Eraser 2.05 708.0 KB
    Hercules Crystal Sound Cards 2.1 MB
    IrfanView (remove only) 1.2 MB
    J2SE Runtime Environment 5.0 1.5.0 71.8 MB
    LiveReg (Symantec Corporation) 2.4.2.2295 2.0 MB
    LiveUpdate 2.5 (Symantec Corporation) 2.5.55.0 4.8 MB
    Microsoft Baseline Security Analyzer 1.2.1 1.2.4013.0 3.7 MB
    Microsoft Office 2000 SR-1 Small Business 9.00.9327 55.6 MB
    Mozilla (1.7.3) Unknown
    MRU-Blaster v1.5 (Database 3/28/2004) 1.5 1.4 MB
    MSRedist 1.0.0.0 Unknown
    Norton AntiSpam 2004.1.0.147 Unknown
    Norton AntiSpam 2004.1.0.147 Unknown
    Norton AntiVirus 10.00.10 Unknown
    Norton Ghost 76.00.775 60.3 MB
    Norton Internet Security (Symantec Corporation) 7.0.3.8 22.0 MB
    Norton Internet Security 5.2.1.207 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton Internet Security 7.0.3.8 Unknown
    Norton WMI Update 2005.1.2.20 2.0 MB
    PerfectDisk 6.00.34 6.8 MB
    Script Sentry 428.0 KB
    Spy Sweeper 3.2 4.8 MB
    Spybot - Search & Destroy 1.3 1.3 9.3 MB
    SpywareBlaster v3.2 3.2.0 2.4 MB
    Symantec Network Drivers Update 5.4.3.11 Unknown
    Symantec Script Blocking Installer 1.0.0 Unknown
    TrojanHunter 4.0 4.0 9.1 MB
    WebFldrs XP 9.50.5318 Unknown
    Windows XP Hotfix - KB834707 20040929.110854 Unknown
    Windows XP Service Pack 2 20040803.231319 Unknown
    WinPatrol 480.0 KB
    WinZip 9.0 SR-1 (6224) 5.0 MB


    Computer Name: Userpc

    Windows Logon:




    Operating System System Model
    Windows XP Professional Service Pack 2 (build 2600) ECS L7VMM3 3.1
    Processor a Main Circuit Board b
    1.67 gigahertz AMD Athlon XP
    128 kilobyte primary memory cache
    256 kilobyte secondary memory cache Board: ECS L7VMM3 3.1
    Bus Clock: 133 megahertz
    BIOS: American Megatrends Inc. 07.00T 04/02/01
    Drives Memory Modules c,d
    80.02 Gigabytes Usable Hard Drive Capacity
    76.26 Gigabytes Hard Drive Free Space

    NEC CD-ROM DRIVE:28D
    PLEXTOR CD-R PX-W4824A [CD-ROM drive]
    3.5" format removeable media [Floppy drive]

    WDC WD800JB-00FMA0 [Hard drive] (80.03 GB) -- drive 0, s/n
    WD-WCAJ91563529, rev 13.03G13, SMART Status: Healthy 512 Megabytes
    Installed Memory

    Slot '0' has 256 MB
    Slot '1' has 256 MB
    Slot '2' is Empty
    Slot '3' is Empty
    Local Drive Volumes

    c: (on drive 0)80.02 GB76.26 GB free

    Network Drives
    None detected
    Users Printers
    local user accountslast logon
    11/8/2004 11:53:20 AM(admin)
    local system accounts
    Administratornever(admin)
    Guestnever
    HelpAssistantnever
    SUPPORT_388945a0never


    EPSON Stylus COLOR 640on LPT1:


    Controllers Display
    Standard floppy disk controller
    Primary IDE Channel [Controller]
    Secondary IDE Channel [Controller]
    VIA Bus Master IDE Controller RADEON 8500 SERIES [Display adapter]
    ViewSonic A90f+ [Monitor] (17.7"vis, s/n 351041051514, March 2004)
    Bus Adapters Multimedia
    VIA Rev 5 or later USB Universal Host Controller
    VIA Rev 5 or later USB Universal Host Controller
    VIA Rev 5 or later USB Universal Host Controller
    VIA USB Enhanced Host Controller Hercules (R) Game Port
    Hercules Gamesurround Fortissimo(tm) II
    Hercules Gamesurround Fortissimo(tm) II WDM Interface
    Communications Other Devices
    U.S. Robotics 56K Fax Win [Modem]
    RAS Async Adapter Standard 101/102-Key or Microsoft Natural PS/2
    Keyboard
    Microsoft USB Wheel Mouse Optical
    PS/2 Compatible Mouse
    USB Root Hub
    USB Root Hub
    USB Root Hub
    USB Root Hub
    Virus Protection
    Norton AntiVirus Version 10.00
    Virus Definitions Version 11/4/2004 Rev 18
    Last Disk Scan on Monday, November 08, 2004 1:35:36 AM
    Realtime File Scanning On

    Installed Microsoft Hotfixes
    Internet Explorer
    SP2 (SP2)
    Windows XP
    SP2
    KB811113[SP] on 10/2/2004
    SP3
    KB834707 on 11/4/2004










    Microsoft - Internet Explorer

    Microsoft - MediaPlayer
    Microsoft - Office 2000 SR-1 Small
    Business
    Microsoft - WebFldrs XP
    Microsoft - Windows XP Professional

    Symantec Corporation - MSRedist1
    Symantec Corporation - Norton AntiSpam1
    Symantec Corporation - Norton AntiVirus1
    Symantec Corporation - Norton Internet Security1
    Symantec Corporation - Norton WMI Update1

    Software Versions [Back to Top]
    Adobe Acrobat Reader Version 5.0.5.0 *
    ATI External Event Utility for WindowsNT and Windows9X Version
    6.14.4100.01 *
    ATI Smart Version 5.13.0020 *
    Belarc, Inc. - BelManage Client Version 6.1f *
    BillP Studios - WinPatrol Explorer Version 8.0.1.0 *
    BillP Studios - WinPatrol Monitor Version 8.0.1.0 *
    Cinematronics - 3D Pinball Version 5.1.2600.2180 *
    Company - CCleaner Version 1.13.0068 *
    Diamond Computer Systems Pty. Ltd. - Radius Update Version 1.00 *
    Diamond Computer Systems Pty. Ltd. - TDS-3 Version 3.20 *
    Diamond Computer Systems Pty. Ltd. - WormGuard Scan Module Version
    1.00 *
    DiamondCS Port Explorer Version 2.000 *
    DiamondCS WormGuard Configuration Edito Version 2.00 *
    Eraser Version 5.7 *
    Free Internet Eraser *

    Inno Setup Version 51.13.0.0 *
    InstallShield unInstaller Version 2.20.924.0 *
    IrfanView Version 3.92 *
    Jason's Toolbox - Script Sentry Version 2.07.0001 *
    Jason's Toolbox - ScriptSentryTester Version 2.00.0009 *
    Jordan Russell - Inno Setup Uninstaller Version 51.7.0.0 *
    Lavasoft Ad-Aware SE VI.Second Edition *
    Microsoft (r) Windows Script Host Version 5.6.0.8820 *
    Microsoft Baseline Security Analyzer Version 1.2.1 *
    Microsoft Corporation - Internet Explorer Version 6.00.2900.2180 *
    Microsoft Corporation - Windows Installer - Unicode Version
    3.0.3790.2180 *
    Microsoft Corporation - Windows Movie Maker Version 2.1.4026.0 *
    Microsoft Corporation - Windows® NetMeeting® Version 3.01 *
    Microsoft Corporation - Zone.com
    Microsoft Data Access Components Version 3.525.1117.0 *
    Microsoft Office 2000 Version 9.0.8216 *
    Microsoft(R) Windows Media Player Version 9.00.00.3250 *
    Mischel Internet Security - TrojanHunter Guard Version 1.0.0.0 *
    Mischel Internet Security - TrojanHunter LiveUpdate Version 1.0.0.0
    * Mischel Internet Security - TrojanHunter Version 3 *
    Mozilla Version 1.7.3: 2004091008 *
    MRU-Blaster Scheduler Version 1.01.0001 *
    MRU-Blaster v1.5 Version 1.05.0009 *
    PepiMK Software - Spybot - Search & Destroy Version 1, 3, 0, 12 *
    Raxco Software, Inc. - PDEngine Module Version 6, 0, 0, 34 *
    Raxco Software, Inc. - PDSched Module Version 6, 0, 0, 34 *
    Raxco Software, Inc. - PerfectDisk Module Version 6, 0, 0, 34 *
    Raxco Software, Inc. PDCmd Version 6, 0, 0, 34 *
    RegCleaner The same as the FileVersion *
    Roxio - DirectCD Version 5.3.5.10 *
    Roxio - Easy CD Creator Version 5.3.5.10 *
    Safe XP Version 1.0 *
    Safer Networking Limited - SpyBot-S&D Version 1, 3, 0, 12 *
    SpywareBlaster AutoUpdate Version 3.02 *
    SpywareBlaster Version 3.02 *
    Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition 5.0
    Version 1.5.0.0 *
    Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition
    Version 1.5.0.0 *
    Symantec AntiVirus AutoProtect Version 9.2 *
    Symantec Core Component Version 1, 8, 48, 79 *
    Symantec Corporation - Common Client Version 2.1.3.4 *
    Symantec Corporation - Norton AntiVirus Version 10.00.2 *
    Symantec Corporation - Norton Ghost Explorer Version 2003.775 *
    Symantec Corporation - Norton Ghost Start Service Version 2003.775 *

    Symantec Corporation - Norton Internet Security Version 7.0 *
    Symantec Corporation - Norton Security Center Version 2005.1 *
    Symantec Integrator Version 6.6.700 *
    Symantec ScriptBlocking Version 1, 1, 1, 131 *
    Symantec Security Drivers Version 5.4 *
    Symantec Shared Components Version 3.0 *
    Tiger-IT.de - xp-AntiSpy Version 3, 9, 2, 0 *
    U.S. Robotics Corporation - U.S. Robotics Modem .

    Webroot Software, Inc. - Spy Sweeper Version 3.2 *
    WinImage Self Extractor file Version 6.10.6100 *
    WinZip Version 9.0 SR-1 (6224) *


    I tried setting PG3 up according to what other people here have reported works, but still no good.
     
    Last edited by a moderator: Nov 8, 2004
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Hey Free@Last,

    I have merged the 2 posts you were linking to....into this thread....to make it somewhat easier for others to attempt to help you.

    Good Luck
     
  5. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Huh? Have you deleted those other two posts as I cannot see them now using your links?

    Edit: They are back - It was you Bubba - I was about to do the same thing :)

    I can remember most of it, No I doubt you have a rootkit unless you went on to some dodgy sites in the hour you think that you were not protected.

    Do full scans with your AV AT Anti-Spyware etc. so that your system is as clean as possible.

    Anyway, Try this please. Disable PG, Uninstall ProcessGuard & remove the .dat files from the \windows\system32 folder - Reboot
    Use Wormguard's remove function to stop it, disconnect from the internet or disable all traffic in your firewall, close down your AV /AT and any other resident programs especially Trojan Hunters guard.
    Re-install PG reboot, re-enable any of your resident software that requires it such as WG.
    Run all of your programs. Reboot. Add the four general tabs, and reboot again, you should now be out of learning mode. Watch for any alerts and make any changes to the Allows as indicated by the alert log.

    If this fails I am at a loss as to why ProcessGuard will not work on your system but DCS may have some ideas.

    HTH Pilli
     
  6. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    Pilli
    I haven't been to any of the types of sites one would expect potential trouble. I have done full scans of the system with TDS-3, TrojanHunter, NAV, Spysweeper, Spybot, Ad-Aware & all appear clean.

    Thanks for the tips, I try them & post back.
     
  7. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    That's good :) Just don't hurry it let learning mode do the work for you. I notice in another thread that a user did get over the TH problems, so maybe it is best that you disable the TH guard until everything else is running smoothly, also do not run two Resident AV's or AT's together as this could cause conflicts, Use just one resident AT & one resident AV.

    All the best. Pilli.
     
  8. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    Pilli,

    Well, I have been working on getting it to work for many hours & it just doesn't work.

    I have followed all instructions, went over the help file several times, checked many issues others have had on this board.

    I made sure I followed all the proper proceedures before, and after installation. The only A/V I have on the system is NAV which is part of NIS2k4.

    The Trojanhunter Guard did finally seem to stay active in the Taskbar, but after trying to get NIS to load at boot-up too many times to count I've had enough.

    Also, another problem started that I had not seen yesterday, after the second reboot, PG's behaviour was unpredictable, after a reboot the Icon would go back to "Learning Mode" on its own, next reboot it would be in the "Locked" state without any intervention, this erratic behaviour continued.

    While in "Learning mode" I went over every program I have, also went through all files in NIS's directory to make sure I didn't miss anything, as well I did the same in Symantec's directory.

    I'm too tired to do any more. I give up!!!!!! It would take me less time to do a clean install or use an image from Ghost if I did get hacked.

    Any files I need, e-mail etc I scan with TDS, NAV etc and back them up as well. So it's damn the torpedos full steam ahead as far as I'm concerned, no program should be this troublesome. PG2 caused no problems at all, although I know it had a security issue I read about somewhere that it could be successfully attacked or something like that, too tired now to remember exactly.

    So, PG3 is off my system, deleted the sys32 files, program folders & reg entries. All programs are working again. Thanks for the help pilli.

    For anyone who may read this at DCS, did any of the beta testers happen to be using NIS2k4? Considering Symantec's products such as NAV & NIS are among the most used security products in North America for home pc users, I can't understand how this problem didn't crop up at some point.

    If you have the time to go over my previous post where I list my systems programs, you can see that most of them are used by millions online. Very common programs.

    PG3 is needlessly complex in my opinion to set-up for what it's intended use is. In my case, I've spent many hours working with it.

    Considering the amount of exe's, dlls, that are in my system that should be protected and mulitply the various combinations that are possible in the set-up. Just NIS alone has a lot, to say the least.

    How many people beta tested this? For how long?

    I know your main market is North America & the fact is, NIS2K4 was one of the most used products by many potential DCS home customers here during your beta testing. If I had no experience with your products or similar, then I would easily see how I might have made a mistake, but as I said, I had no problems with PG2 or any other online security program I've used in the past.

    There's an old navy saying which in my case suits PG3, It's as useful as a screen door on a sub.


    My rants over for tonight.
     
    Last edited: Nov 9, 2004
  9. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Free@Last - Hi! And sorry to hear you're having problems!

    Have been running TH Guard resident here since before PG final v.3.0 came out (running v.3.0 final now). Never any problems/conflicts with it. The Guard never fails to appear and stay on at boot, the scanner scans, clicking on "Help"/"Technical Support" from within the main TH interface opens up the tech support page in IE just like it's supposed to.

    We're running the same OS (including Service Pack 2). I'll be happy to post a screenshot of my PG settings for both trojanhunter.exe and thguard.exe if it'll help.

    It's about all I can do since I'm not experiencing any of the problems you are, though. HTH Pete
     

    Attached Files:

  10. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    And the second one.
     

    Attached Files:

  11. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    spy1,

    Thanks very much for the help. Much appreciated, but I tried that config & it didn't work.

    Thanks again though.
     
  12. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    (Installed Microsoft Hotfixes)
    NETFramework
    1.1
    S867460 on 9/15/2004 (details...)
    DataAccess
    KB870669 (details...)
    Q832483 on 3/22/2004 (details...)
    Internet Explorer 6
    SP1
    KB834707-IE6SP1-20040929.091901 on 10/12/2004 (details...)
    Internet Explorer
    SP2 (SP2)

    (Software Licenses)
    Windows Media Player
    Q828026 (details...)
    WM817787 (details...)
    WM819639 (details...)
    SP0
    Q828026 on 2/11/2004 (details...)
    Windows XP
    SP2
    KB811113[SP] on 10/24/2004 (details...)
    (Software Versions)
    aaasoft - Tracks Eraser Plugin Maker Version 1.00 *
    Acesoft - AUTOCOMP Version 1.00 *
    Acesoft - File Shredder Version 1.00 *
    Acesoft - Tracks Eraser Pro Version 5.00 *
    Adobe Reader Version 6.0.1.2003110300 *
    Alexander Roshal - Process RAR, ZIP and other archive formats *
    America Online, Inc. - AOL Instant Messenger Version 5.5.3595 *
    American Power Conversion Corporation - APC PowerChute Personal Edition Version 1, 5, 0, 0 *
    Astonsoft DeepBurner Version 1.1 *
    Automatically Configure the Browser *
    a² StartCenter *
    Belarc, Inc. - BelManage Client Version 6.1 *
    Binary Visions Inc. - PortPeeker Version 2.5.0.0 *
    ButtUglySoftware - CleanCache Version 2.17.1754.13675 *
    Cerulean Studios Trillian Version 1, 0, 0, 1 *
    Cinematronics - 3D Pinball Version 5.1.2600.2180 *
    Company - CCleaner Version 1.14.0072 *
    Compaq Computer Corporation STARTEAK Version 6, 0, 0, 649 *
    CopyPath Version 1, 0, 0, 0 *
    Create Nuke Boot Disk Version 6.10.6100 *
    Definitive Solutions, Inc. - BHODemon 2.0 Version 2.0.0.20 *
    Diamond Computer Systems Pty. Ltd. - Radius Update Version 1.00 *
    Diamond Computer Systems Pty. Ltd. - TDS-3 Version 3.20 *
    Diamond Computer Systems Pty. Ltd. - WormGuard Scan Module Version 1.00 *
    DiamondCS - ProcessGuard User Alerting Application v3.000 *
    DiamondCS - ProcessGuard v3.000 *
    DiamondCS Port Explorer Version 2.000 *
    DiamondCS Usermode Aspect v3.000 *
    DiamondCS WormGuard Configuration Edito Version 2.00 *
    DLLArchive *
    DLLArchive Updates *
    Download Driver *
    eCOSM - MailWasher Version 1.0.0.0 *
    Eraser Version 5.7 *
    ewido networks - guard Version 3, 0, 0, 1 *
    Gabest - Media Player Classic Version 6, 4, 8, 2 *
    Gibin Software House (http://www.gibinsoft.net) - GiPo@MoveOnBoot Version 1, 9, 5, 0 *
    GTek GtCDTool Version 1, 0, 0, 1 *
    Hewlett-Packard - ICE 1.1 Version 1,2,0,40 *
    Hewlett-Packard Co. - hp digital imaging - hp all-in-one series Version 002.000.000.138 *
    Hewlett-Packard Co. - hp digital imaging - hp all-in-one series Version 2.4.1.021 *
    Hewlett-Packard hpotdd01 Version 1, 0, 0, 1 *
    hp hpqwrg Version 4, 2, 10, 170 *
    HP PML Version 6, 0, 0, 0 *
    Hpi_Prnt Application Version 2.0.0.126 *
    ID-Blaster Plus Version 2.00 *
    Inno Setup *
    Internet Explorer Version 1.00 *
    JAP *
    javaw.exe *
    javaws.exe *
    Karen's Power Tools Version 1.07.0001 *
    Karen's Power Tools Version 3.04 *
    Kevin Solway - Control3 File Manager Version 1.7.1.10 *
    Kroll Ontrack Inc. - MaxBlast 3 Version 3.5.01.11 *
    Lavasoft Ad-Aware SE VI.Second Edition *
    Microsoft (R) .NET Framework Version 1.1.4322.2032 *
    Microsoft (r) Windows Script Host Version 5.6.0.8820 *
    Microsoft Baseline Security Analyzer Version 1.2.1 *
    Microsoft Corporation - Internet Explorer Version 6.00.2900.2180 *
    Microsoft Corporation - Windows Installer - Unicode Version 3.0.3790.2180 *
    Microsoft Corporation - Windows Movie Maker Version 2.1.4026.0 *
    Microsoft Corporation - Windows® NetMeeting® Version 3.01 *
    Microsoft Corporation - Zone.com Version 1.2.626.1 *
    Microsoft Data Access Components Version 3.525.1117.0 *
    Microsoft Windows Media Player Version 6.4.09.1125 *
    Microsoft(R) MSN (R) Communications System Version 7.02.0005.2202 *
    Microsoft(R) Windows Media Player Version 10.00.00.3646 *
    Microsoft® Calculator Plus Version 1.0 *
    Microsoft® Windows(TM) Shell PowerToys Version 96.02.06 *
    Mirek Wojtowicz - MWSnap 3 Version 1.0.0.0 *
    Mischel Internet Security - TrojanHunter Guard Version 1.0.0.0 *
    Mischel Internet Security - TrojanHunter LiveUpdate Version 1.0.0.0 *
    Mischel Internet Security - TrojanHunter Version 3 *
    MJLSoftware - FireLogXP Version 1.1.1.0 *
    MooSoft Development - TC Monitor Version 2.1.0.0 *
    MooSoft Development - TCActive Version 3.1.0.0 *
    MooSoft Development - The Cleaner Professional Version 4.1.0.0 *
    MooSoft Development LLC - TC Mode Changer Version 1.0.0.0 *
    MooSoft Live Update Version 2.0.0.0 *
    Mozilla - Firefox Version 1.7.3: 2004091322 *
    MRU-Blaster Scheduler Version 1.01.0001 *
    MRU-Blaster v1.5 Version 1.05.0008 *
    MUSICMATCH Jukebox Version 8.20.0130 *
    NeoPlanet NdaLoader Version 1, 0, 0, 614 *
    NeoPlanet RBA Version 1, 0, 0, 653 *
    NOD32 *
    NOD32 Control Center *
    NOD32 Kernel Service *
    NVIDIA Driver Helper Service, Version 52.16 Version 6.14.10.5216 *
    Opera Internet Browser Version 7.60 *
    PANTERASoft - HDD Health Version 2.1 *
    PC Wizard Version 2004, 1, 6, 3 *
    PCtel, Inc. - PCTSPK.EXE Version 4.00 *
    PepiMK Software - Spybot - Search & Destroy Version 1, 3, 0, 12 *
    PGP Version 8.1 *
    PGPsdk Version 3.2.2 *
    Privacy Scanner Version 5.00 *
    Private - ADEMA Version 1.00 *
    Process Kill Demo *
    Qsc - GP-Install Version 5.0 *
    Rudy Alex Kohn - Nasty File Remover Version 0.07.0002 *
    Safer Networking Limited - SpyBot-S&D Version 1, 3, 0, 12 *
    ShadowStor Corporation - ShadowUser Pro Edition Version 1, 0, 0, 24 *
    ShadowStor, Inc. - ShadowUser Pro Edition Version 2, 5, 0, 0 *
    Shortcut to cookiem.exe *
    SlavaSoft Inc. - HashCalc Version 2, 0, 0, 0 *
    Software Dungeon - cm Version 1.00 *
    SpyBlocker Version 8.01 *
    SpywareBlaster AutoUpdate Version 3.02 *
    SpywareBlaster Version 3.02 *
    SpywareGuard LiveUpdate Version 2.02.0001 *
    SpywareGuard Version 2.02.0001 *
    spywarescanner Application Version 1, 0, 0, 1 *
    srmclean *
    Startup Inspector for Windows Version 2.08 *
    SunJavaUpdateSched *
    The Nth System - NecroFile Version 0.87.2000 *
    The Nth System - SafeTnet - NecroFile Component Version 1.00 *
    Tiger-IT.de - xp-AntiSpy Version 3, 9, 0, 1 *
    TODO: Version 1.0.0.1 *
    Ur I.T. Mate Group - idsuite.exe Version 2.07.0001 *
    WinZip Version 9.0 SR-1 (6224) *
    Wizards to adjust .NET Framework security, assign trust to assemblies, and fix broken .NET applications. Version 1.0.5000.0 *
    XPSysPad *
    Xteq Systems - X-Setup Pro Version 6 *
     
  13. ReGen

    ReGen Registered Member

    Joined:
    Jan 7, 2003
    Posts:
    61
    Location:
    Scotland UK
    A few of us reported problems with NIS2004 during the early beta versions of PG3. Most of us upgraded to NIS2005 during that period which cleared all the problems. I'm not sure if the latter beta versions fixed the reported problems with NIS2004 or not.

    This is the thread that was created at the time:

    https://www.wilderssecurity.com/showthread.php?t=48560
     
  14. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Thanks for your input Pete & ReGen

    @ ReGen, Interesting that you should mention the upgrade from NIS2004 to NIS2005, I am wondering if NIS2005 also included updates with regards to XP SP2 as many low level working programs including ProcessGuard needed modification to be compatible.

    @ Free@Last, I am sorry to hear that you have been unsuccessful installing ProcessGuard :( Many of the beta testers used Norton products of all flavours and much work was spent debugging various problems.

    Anyway, hopefully DCS will drop by and have some other ideas.

    Pilli
     
  15. Jason_DiamondCS

    Jason_DiamondCS Former DCS Moderator

    Joined:
    Nov 11, 2002
    Posts:
    1,046
    Location:
    Perth, Western Australia
    Until we can get a copy of NIS2004 we won't be able to do any testing in regards to that. If NIS2005 works then you would have to assume they fixed something, and knowing Norton software there would have been a few thousand fixes. :)

    I can't really see any solution to the problem with NIS2004 (besides uninstalling either product) if you have disabled all of ProcessGuard's protection and just the fact that ProcessGuard is on the system as the reason that the Norton firewall stops working. It doesn't really make much sense to me. It points to a problem with NIS2004 from my perspective but if I can manage to get a copy of NIS2004 I will be able to provide a more thorough explanation.

    Just because "it worked with ProcessGuard v2.0" doesn't mean you should default to it being a problem with ProcessGuard v3.0, although I won't rule it out as a possibility.
     
  16. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    P.S. - I notice that here, in PG, I have to allow thguard.exe to "Modify protected applications" if I don't want it to fill up the PG log with alerts.

    I'm not actually sure why it needs to "modify protected applications" (or what exactly it's trying to modify in those applications), but there ya' go.

    Have you given your Norton stuff "Modify protected applications" privileges? Or, seen any PG log entries in relation to that function regarding Norton? Pete
     
  17. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    This part of Trojan Hunter's protection. A thread that contains info is here.

    Regards,
    Jade.
     
  18. Chris12923

    Chris12923 Registered Member

    Joined:
    May 31, 2004
    Posts:
    1,097
  19. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    ReGen, I went through the thread & these are the exact problems I have been having. So this was a known issue that was not resolved.

    Since it was obvious by DCS that customers who would be upgrading to PG3 would be very likely to encounter this, I would say that at the very least it would have shown consideration to make it known before downloading & installing PG3.

    A small message in the e-mail notification I recieved regarding the new version & it was ready for download. A brief notice stating something like, (please be aware that during all beta testing, we at DCS were unable to resolve an issue(s) between NIS2K4 & PG3, we are continuing to try & fix this problem in our labs along with Symantec, we can't promise a fix but are doing everthing we can & will keep you updated on any progress or lack of same. Thank You for your trust in DCS. Not a great deal of effort would have been involved in my opinion. And it would have saved me many hours of frustration.

    Anyway, thanks very much for the link, it opened my eyes.

    Jason,

    NIS may not be your cup of tea, but all one has to do is read the monthly reports which can be found for instance at the office of homeland security that sends out e-mail frequently to subscribers on which OS's. programs etc have security issues & if there are updates which fix the problems or not.

    Lately Kav, Kerio, NOD, & even not too long ago your own PG2 all had at least one known problems not to mention the dozens of others found to have critcal issues each month & that's only the ones reported.
    So I don't find it funny knocking another company & my choice of firewall/AV when you can't deny PG2 also has at least one critical flaw. Also considering the size of PG2 compared to NIS I would say you seem to be like the pot calling the kettle black. Same thing just different.

    Also, when I said I had no problems with PG2 & NIS2K4 I was stating a fact, not automatically assuming PG3 was the problem, how could I rationally come to that conclusion? I'm not a security Guru & have no interest in becoming one. That's what I paid DCS for, I paid you folks to make my system more secure. In a way, I and every other DCS customer is your employer, without us there would be no DCS.

    Most of us have heard of the term "backward compatibility", I wouldn't expect PG3 to work flawlessly or at all with NIS 2001/2002 etc, but NIS 2K4 was THE current Symantec Product during most of your beta test.
    Geez, I'm beginning to feel like I'm dealing with a car salesman after the sale & now that I have a problem I being givin the crap end of the stick.
    BTW, did you try and download a trial of NIS2K4 from the link Chris12923 gave you? I'm sure there are lots of ways to find a copy.

    Spy1, you bet, I tried everything you've mentioned.

    Bowserman, I assumed when setting up TH that that would be the proper config, I did seem to get TH to work properly (then again, it could have just been an act of GOD).

    Again, I appologize to all, I am not usually as ill tempered as I appear. I put roughly 10 hours into PG3 yesterday alone, without success trying to make it & NIS2k4 kiss & make up. :)

    Chris12923, Thanks a lot for the link, very thoughtful of you to take the time on my behalf.

    Anyway, as I said yesterday, PG3 is off my system, hopefully not for good but it's not looking good, nor did the reply from DCS. I'm not about to spend the cash for NIS2K5 when 2k4 works fine, perhaps a few months from now if I read reliable reports that the improvements made are worth the expenditure. It's not like 2k4 isn't up to the job or is old, 2k5 has only been out for a month, I'll let others beta test it for me first.
    Me thinks there's something to be learned here & it ain't nice.
     
    Last edited: Nov 9, 2004
  20. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,040
    Hi Free@last

    I also am sorry you are having the problems. I went thru something similiar back at version 1.2 got involved and thats how I ended up beta testing. To be fair I don't think the car salesman comment was fair. There is a lot of poorly written software out there, and no doubt something like PG can break it.

    It is interesting to note a comparison. You don't want to pay for the upgrade from NIS 2k4 to NIS2k5, and frankly I don't blame you. The cost of upgrades of PG from v1 to v2 to v3 is $0. Also you have been here asking for help, and from what I can see folks are trying to help you. Just curious what help you have received from Symantec.

    Re the link for NIS2004 trial. I haven't downloaded this trial, but is it really the same as the full version. Many aren't.

    Pete (understanding your frustration)
     
  21. AUXHILLARYmikE

    AUXHILLARYmikE Registered Member

    Joined:
    Aug 31, 2004
    Posts:
    12
    Location:
    I live in Crosskeys near Cardiff in Wales. United
    hello.
    I use pg2free and i can appreciate how you feel. I find pg2 invaluable as it can block literally everything, even your AV. I found that pg2/3 will block every program that it hasnt learnt to allow to run. I think you need to uncheck the "block all new and changed programs" box, then try to run the programs your having problems with. You may also have to uncheck the "block drivers and services installing" box also, if it`s the first time your running the program?
    Hope this helps.
    If im way off SORRY?
     
  22. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    Hi all,
    until we hear more from DCS, I think it would be very beneficial if there were reports of either more people having problems with NIS2k4 - or of people where that very NIS2k4 doesn't seem to create an issue. (or both?)

    Since I do agree that probably the user base is fairly large, we should be able to find someone, shouldn't we?

    Come on, Norton users, stop lurking :ninja: :D

    Andreas
     
  23. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    Then, how willing are you to do further tests yourself? I've just read throught the old thread and would like to ask you about both NIS/PG's behaviour in certain situations, but for that, you'd need to spend some more time. I can understand if you don't want to do it, but then it will be harder and possibly take longer until there can be a solution posted.

    (Since I will not be able to respond very quickly in case you do want to try something, I will just tell you the ideas I had: First find out if disabling PG's protection (in PG's user interface) will cure NIS; if it does, find out if disabling the four global protection options, with the rest of the protection being enabled, does help; if so, find out which of the global protection options seems to be the culprit (in the other thread I got the idea it could be "Protect Access to Physical Memory"). Once you have reached the step where it begins not to work anymore, try to make a picture of whether NIS's service or driver is running or not and can be started, paused or stopped (via OS control tools or other utilities). That should at least help to pinpoint the issue. And yes, I'm afraid it does involve lots of reboots.)

    HTH,
    Andreas
     
  24. Free@Last

    Free@Last Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    20
    Hi Peter2150,

    Your right, there are a lot of poorly written programs out there. But to suggest Symantec's NIS2k4 code or whatever has been broken by PG3 would be exteemly hard to prove. You know how it goes, one company blames the other etc etc.

    Also, I have been here asking for help because I'm under the impression that this is the place for PG3 users to seek help with other users & get input from DSC, are there other sites you know of that I can seek the same?

    As to your question on what help I've recieved from Symantec. I didn't know I needed any. NIS is and always has worked without these problems for me. This is begining to remind me of the chicken or the egg routine. All I can say is as a long time Norton customer, up to this point, I have had no reason to ask them for help. Although I have once in awhile checked their website for FAQ's etc if I didn't understand something.

    It just seems weird, I'm running NIS & it's working fine, I install PG3 and NIS no longer works. So that's Symantec's fault?!

    I'm sorry, but if most of those reading this buy that load of poo then I can say without hesitation it's no wonder things never change.

    Can you imagine the phone call to Symantec, ( ME: Hello, I'm running NIS2K4 and it's not working anymore.
    Symantec: What seems to be the problem?
    Me: I installed PG3 and NIS no longer works, so how do I fix it?
    Symantec: Well, NIS was working the way it always has before you installed PG3 right?
    Me: Yes
    Symantec: Well it looks like PG3 broke NIS. You can either delete one program or the other. But why don't you buy the new & improved NIS2k5 because we've totally rebuilt NIS from the ground up & maybe it will work with your new program. Besides how can you expect a program that's called NIS 2004 to work with a program made in 2004?

    It too funny when you think about it. :)


    I just noticed something Jason mentioned in his post, he said

    "I can't really see any solution to the problem with NIS2004 (besides uninstalling either product) if you have disabled all of ProcessGuard's protection and just the fact that ProcessGuard is on the system as the reason that the Norton firewall stops working. It doesn't really make much sense to me. It points to a problem with NIS2004 from my perspective but if I can manage to get a copy of NIS2004 I will be able to provide a more thorough explanation."

    That's not what was happening. If I disabled all of PG3's protection & disabled it, everything worked fine. I didn't have to delete it in order to get NIS working. Just thought I better clear that up.

    Anyway Peter, thanks for the input & the link.

    AUXHILLARYmikE,

    Don't appologize, your trying to help & I appreciate it a great deal. But I tired your suggestion quite early on during my attempts.
    Thank You though.

    Andreas,

    I agree with your first post, where are the NIS2k4 users that I found out were having so many problems during the beta testing? Hmmmm, must have went out & paid $80. or whatever for NIS2k5 & are now happily surfing the web with it & PG3 living happily ever after, that is, until NIS2k6 or PG4. Yikes!!!! This could get expensive.

    As to your second post, I would be very willing to do further tests myself, the problem is that in order to install it again I would have no firewall to converse with you online. It seems really risky to install it knowing I could very well be opening my pc to attacks etc while you try to help. Do you agree?

    You mentioned an idea you had about disabling PG's protection in the user interface, which I tried, at best like I mentioned in one of my other posts, NIS's behaviour was erratic & I also mentioned how PG's behaviour was the same. Also, when I tried what you suggested leaving the rest of the protection enabled it didn't help. I then tried removing one protection at a time in every way I could think of until I was out of ideas. You mention that in the thread you were reading that it could be "Protect Access to Physical Memory", I thought that too and tried it to no avail.

    I'll leave this open for you to give your opinion on wheather I could be sure we could troubleshoot this online givin my past experience with NIS's firewall not running? From my many hours yesterday troubleshooting it, we could be looking at another beta test.

    Thanks Andreas
     
    Last edited: Nov 9, 2004
  25. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Hi Free@Last,

    To help out, I restored an image of a clean XP SP2 install on a second PC, and installed the NIS2004 trial (from the link above). Running with the default NIS2004 settings, I did a Live Update, rebooted, made sure everything was cool, and then rebooted 2 more times. Then I installed PG3 Final. I rebooted 2 times in learning mode and then enabled all 4 Global Protection Options. Rebooted again. Ran through some commom tasks, browsed, etc. I rebooted 3 more times to check for any errors after startup. I see no problems so far. If you have some error scenarios you want me to try, let me know.

    Nick
     

    Attached Files:

Thread Status:
Not open for further replies.