Unable to Complete Process Guard ver 2.000 Install

Discussion in 'ProcessGuard' started by NormanS, Jun 30, 2004.

Thread Status:
Not open for further replies.
  1. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Upon rebooting after attempting to install Process Guard ver 2.000 on a Widows 2000 Pro dual-boot system, a message pops up stating, "Could not load Process Guard keyfile (procguard.pkf). Please make sure it is in your Process Guard directory before continuing".

    In fact, procguard.pkf is not in the Process Guard directory nor anywhere else.

    I have twice downloaded the install file and done a thorough uninstall between installations. Following uninstall, I have insured that "Procguard.dll" and "Procguard.dll" are no longer installed at C:WINNT\System32; also, I have insured that Procguard.sys is no longer installed at C:WINNT\System32\drivers.

    Prior to attempting to install version 2.000, I uninstalled ver 1.3, because it caused Windows 2000 Pro's Event Viewer to display an Error associated with the "Service Control Manager".

    From https://www.wilderssecurity.com/showthread.php?t=26552, I learned that ver 1.3 had a rogue file, pg_msgprot.exe, that was the source of the error.

    Except for the Event Viewer's error message, ver 1.3 worked fine.

    I hope now that, with the help of this forum, ver 2.000 will work too.
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi NormanS, I am not sure if the evaluation version has a cumulative trial time ie. 30 days over both versions 1.3 - 2.0.
    If, however, you purchased a licence for 1.3 then you would have had a procguard.pkf file attached to your registration email, this file should be placed in the main Pocess Guard folder.

    HTH Pilli
     
  3. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Thanks Pilli for your virtually instantanious reply.

    Yes, I did purchase ver 1.3, but was told by Jason to uninstall it when I reported the Event Viewer Error problem.

    So, what do I do now?

    Regards,
    NormanS
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Your keyfile would not normally have been deleted by the uninstaller and should still be in the 1.3 folder. Have you checked your archive email for the original registration email from DCS?
    If you cannot find your original keyfile you will need to contact support@diamondcs.com.au using the email address and info' that you used when you registered. DCS will then resend a keyfile.

    Pilli'
     
  5. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Pilli,
    Based on your earlier e-mail, I found procguard.pkf and placed it in my Process Guard directory.

    Yet, when I now click on PG, I get these results:

    Welcome to DiamondCS Process Guard.
    This program does not need to be running for your system to be protected.

    30 Jun 15:30:30 - Window Log Started
    30 Jun 15:30:31 - Initializing Process Guard over 2 steps. If either step fails some protection may not be active.
    30 Jun 15:30:31 - [1 of 2] Failure: Driver is not correctly installed or active.
    30 Jun 15:30:31 - [2 of 2] Success: Process Guard's Protection is currently Enabled.
    30 Jun 15:30:31 - General Protection Options
    30 Jun 15:30:31 - [1 of 4] Block End-Task is disabled.
    30 Jun 15:30:31 - [2 of 4] Block Appinit registry key is disabled.
    30 Jun 15:30:31 - [3 of 4] Block Drivers/Services is disabled.
    30 Jun 15:30:31 - [4 of 4] Block Global Hooks is disabled.

    Where do I go from here?

    Regards,
    NormanS
     
  6. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, NormanS

    You have to enable them:- Protection>General Protection Options.

    Take Care,
    TheQuest :cool:
     
  7. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Thanks to Pilli, The Quest, and Jason, PG ver. 2.000 is now working… sort of.

    At Jason's suggestion, I tested PG on procguard.sys. Double-clicking on this file caused a Windows Caution window to open but not a DiamondCS/PG window as indicated by Jason.

    According to him, a Messagebox should have popped up with the statement that access to the file couldn't be obtained. However, no such messagebox popped up.

    Separately, I tested PG on DCSUSERPROT.exe, a file that is protected by a PG default setting. In this case, a black DiamondCS screen with no message popped up for a few seconds then closed.

    I conclude that PG is working but still has some wrinkles I must iron out, once I am shown how.

    Guidance anyone?

    Regards,
    NormanS

    PS DiamondsCS have first-rate products, support, and forums.
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi norman, Can you check that you have Process Guard in your Start - Startup folder.
    Then go to the Start button and select Run, in the run box type msconfig & press return and make sure that you only have one entry for process guard.

    1.3 used a registry run key, If you happy using regedit do a find on procguard and check that there is no run entry in the registry (this could be a left over from V1.3) as I am wondering if the old 1.3 startup is still active?

    Thanks Pilli
     
  9. NormanS

    NormanS Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    84
    Pilli,

    Startup Cop displays only one instance of Process Guard when I'm logged on as Administrator BUT displays no instance of Process Guard when I'm logged on as a User without administrative privileges.

    Registry Detective displays 21 entries containing procguard. None of the entries include "run" in the path.

    When running Win2k either as an Administrator or as a User, PG is quite intrusive when closing some but not all windows: PG pops up to check if I really want to shut the window. This confirms that PG works; nevertheless, I wonder about PG failing the test proposed by Jason, namely clicking (double-clicking) on C:\WINNT\system32\drivers\Processguard.sys to check for a DiamondCS/PG messagebox stating that access to the file couldn't be obtained. Such a message does not appear, though the Windows Caution message does appear, but it states nothing about "access to the file couldn't be obtained".

    Regards,
    NormanS
     
  10. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Norman, You can only run Process Guard (.exe) from the first account that you boot into as there is a MS problem with switching, this maybe why you are not getting Jason's result. PG is really an admin tool,
    You should only get "close message box with an HID" (human interface device) boxes on items you have not closed during a session and that have Close Message Handling enabled. Having siad that "End session" will overide Process Guard when you close windows - This is normal behaviour - all part of the added protection that PG affords you.
    I am sure that a later version of PG will try and address these minor "quirks" - Pilli :)
     
Thread Status:
Not open for further replies.