Upgraded to PG 3.0 Minor bug on my OS

Discussion in 'ProcessGuard' started by jay111, Nov 2, 2004.

Thread Status:
Not open for further replies.
  1. jay111

    jay111 Registered Member

    Joined:
    Jan 12, 2004
    Posts:
    14
    hi there !
    i upgraded to PG 3.0 and i like it.
    it installed ok and got my protection list in there as well.
    my only problem came about when i enabled "global protection options".
    when i rebooted the pc, it would get me to the desktop then continually reboot. after going into safemode and uninstall/reinstalling, i worked out it was the "protect physical memory" that was giving me the problem.
    in the end i just gave all of my protection list "Access To Physical Memory".
    it now works fine, but my question is this :-have i compromised the security function of PG3 in doing this ? it would take too long to do every programme on the list one at a time to find the app thats giving the trouble.
    thanking you
    jay111
    :eek:
     
  2. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Hey, I have the same problem too. I thought it was due to Jetico (since that was a beta firewall) but upon thinking and thinking about it and testing it out on another computer, it doesn't look like it.

    i) Do you happen to have an ATI graphics card?
    ii) Did you check the 'Learning Mode' for some time?

    Thanks
     
    Last edited: Nov 2, 2004
  3. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Strange thing was my PC was working fine with the PG v3 beta. So thats why I thought it was Jetico.
     
  4. jay111

    jay111 Registered Member

    Joined:
    Jan 12, 2004
    Posts:
    14
    hello Jay Tee !
    yes i have a ATI Radeon 9600XT graphics card
    and yes, i did start off in learning mode until i opened up quite a few programmes.
    regards
    jay111
     
  5. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    You need to leave ProcessGuard in learning mode for at least two reboots after install.
    After install, Run all your normal programs reboot add any general tabs and then reboot agin - Learning mode should then switch off.
    Some users leave their machines in learnig mode for several hours between doing the reboots to allow everything to be caught by learning mode. It is not a thing to rush ;)
    After this process watch for any alerts and enable any required Allows to trusted programs.

    Do a search on ATI or Catalyst within this forum for specifc information about ATI setups.

    HTH Pilli
     
  6. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Hi,

    I have not tried it out but I was reading through some earlier posts that ATI drivers (4.10, I think) conflict with PG. This was with PG v3 beta. I'll have to test it out tomorrow. My pc was working fine with PG v3 beta on some older catalyst drivers, but upon installing PG v3 final, things got screwy. Before you uninstall your ATI drivers, note that I may be leading you down the wrong track. No expert here. Just a hunch. Maybe Pilli can advise.
     
  7. jay111

    jay111 Registered Member

    Joined:
    Jan 12, 2004
    Posts:
    14
    :eek:
    thanks JayTee and Pilli !
    i've got the latest 4.1 drivers and the Driver Cleaner 3.3 after checking some more posts.(i know-should have done a search)
    i'll do a system restore point tomorrow and then do the installation.
    i'd better keep my fingers crossed lol
    regards
    jay111
    :D
     
  8. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    here's why:

    • at the end of the install routine, you are asked to reboot. Do so. (1)
    • At the start of the new session, PG is in Learning mode and learns what apps run automatically and adds them to the list of known, authorized programs (and to the protection list as well, for that matter). BUT - learning mode only learns something when something is blocked ... and you haven't yet set your global protection options. (So learning mode now does not learn that some apps need access phys. memory privileges, because PG doesn't even attempt to control that aspect.) So, enable all your global protection options and reboot (2)
    • You should still be in learning mode and this time learning mode will learn from the beginning of the session which applications need "special" privileges. You could go ahead and launch a couple of your favourite security or non-security apps so that their needs are met as well. Then reboot again (3)
    • Now PG should have automatically disabled its learning mode. All set. Have fun.

    (In principle the last reboot isn't even necessary. You can also manually disable learning mode and just continue your usual computing. Just do remember that at some point learning mode should be better disabled - either manually or by rebooting.)



    HTHH,
    Andreas
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,059
    To add to Andreas' post. While in learning mode I run everything I might want protected while online. I leave my computer online quite a bit so for example I want the Acrobat Reader protected as it does access the internet. That way nothing could attempt to try using it for access. Might be overkill, but easy enough to do and better safe than sorry.
     
  10. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    I have an ATI 9600XT but had no problems at all. I ran most of my programs in learning mode and after the 2 reboots I'm ok so I don't know if it's the graphics card as PG works fine with my 9600XT. I went through my programs menu and ran every program once then some sub programs and everything has gone flawlessly so far.

    When something like that happens try and get a look at the log to see what was denied permissions. It's most likely that you haven't given PG enough time in learning mode. I gave it plenty of time but ran almost every program so that is probably why I haven't had the problems you've had.

    Dave
     
  11. JayTee

    JayTee Registered Member

    Joined:
    Nov 2, 2004
    Posts:
    166
    Hi,

    The info about the 'Learning Mode' was great.

    However, it wasn't in the Help file or at least somewhere prominent where a new user could see it. I think it would help new users a lot if you included it in, or put it in a Sticky in this forum.

    Cheers
     
  12. jay111

    jay111 Registered Member

    Joined:
    Jan 12, 2004
    Posts:
    14
    thanks for all the replies guys !
    i think i did jump the gun a bit and disable learning mode tooo quickly.
    everything appears tp be running just nicely now, so i might leave things as they are. like i originally stated, i've given "Access Physical Memory" to all my protected apps and it's running nicely now, so i'll just leave it as is, unless i'm doing the wrong thing there ?
    regards
    jay111
    :D
     
  13. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    Jay111,

    well, probably you're not terribly vulnerable now ;), but actually "access physical memory" is something that allows an application with that privilege set to more or less effectively disable PG. Okay, on the one hand, why should the apps on your protection list attempt to do that? - You somewhat trust them and they cannot be tampered with to perform something like that, since they are protected by PG in the first place...

    But on the other hand, just out of principle, I would probably just revert the protection list to the defaults and go through the learning mode steps / reboots again, only to have it even more watertight. It's not that much of a hassle, after all. YMMV


    HTH,
    Andreas
     
  14. jay111

    jay111 Registered Member

    Joined:
    Jan 12, 2004
    Posts:
    14
    yes, thanks for the info Andreas1 !
    i've done exactly that, i did a fresh install and left it in learning mode as per defaults. all is running nicely at the moment, so hopefully, when it finishes the learning mode and i enable "global protection options" it stays that way.
    regards
    jay111
    :D
     
  15. jay111

    jay111 Registered Member

    Joined:
    Jan 12, 2004
    Posts:
    14
    :D
    Problem solved !
    thanks again for all the help guys. Andreas1 i found your web page to be very helpful as well-thanking you.
    well, after running in learning mode all day yesterday, using all my apps and going onto the internet etc i bit the bullet and enabled "Global Protection Options" first reboot i got the same problem of PC rebooting(i even got a blue screen for awhile).
    i did an elimination process on the apps and you would'nt read about it !
    my scanner programme was the culprid c:\windows\twain_32\vivid\
    i gave it "Access Physical Memory" and PG is running perfectly.
    i knew it was one of my apps causing the conflict, so i'm a happy chappy.
    thanking you
    jay111
    :D
     
Thread Status:
Not open for further replies.