My system keeps freezing up. No BSOD, mouse arrow moves, at first, but freezes up after a few seconds. Attached a CIS report which should include answers to OS, and so forth. The problem can happen at any given time. It has happened mostly while gaming, but has happened under less stressful conditions like having firefox,mirc and utorrent running.
I keep getting this error in event viewer: Friendly View: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Detailed XML View
11
0
3
0
0
0x4000000000000000
138558
System
Tech-PC
1
C:\Windows\system32\guard64.dll
If I left out any important information, please forgive me. Just let me know what else would be useful in diagnosing the problem. I have no intention of switching from Comodo Firewall(Antivirus is way to picky for my taste so I use Nod32 on that side of things) to another firewall as I feel Comodo continually provides one of the most secure firewalls available.
D+ Log is empty, but it may not be comodo causing problem after all. I will keep you posted as I am likley going to have to RMA my mobo,cpu,and ram all over again to be safe.
Its happening to me as well - Microsoft states that Comodo should do something about it.
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
This is something that Comodo should try and stop occurring in the Windows Event Viewer
I just spent around 5 hours uninstalling, reinstalling, everything from video drivers to mouse drivers trying to figure out what was going on…
Initially I would receive the "Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. " and would have the Details tab saying “StringCount 0” and the String empty… this was driving me crazy as I assumed I had something seriously wrong happening. My machine had nothing security related installed (I uninstalled nearly everything I could think of that would be loading a driver since I had no reference to what was supposedly loading)… yet I was still getting this error.
I dug around on google until I realized that this refers to an outmoded way of injecting a global DLL…
the registry key that are involved are in:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
The dll that is being loaded should be in “AppInit_DLLs” however it was always empty and the Flag was flipped on (“LoadAppInit_DLLs” was set to 1)… so since there was nothing in AppInit_DLLs i flipped it to 0 and rebooted.
The message was gone!!! I did a little dance… I then proceded to re-install my security software.
I installed EMSI AntiMalware … rebooted… still the message was gone!
I then installed Comodo Firewall… and boom the “Custom Dynamic Link” error returned only now it listed in the details StringCount 1 and pointed me to “C:\Windows\system32\guard64.dll” … I finally had tracked it down!
I then found this thread and decided to post this here since my previous google searches didn’t help me locate the cause!
So now at least I know its comodo doing it… but… if they are indeed using LoadAppInit_DLLs to inject it … why is it still not defined in “AppInit_DLLs”?
Is this some leftover flipping of the flag that it no longer used by comodo?
Edit: upon closer inspection I found that “AppInit_DLLs” has a blank space inserted in there after the comodo install… is that the cause of all this? Perhaps the hook used to be injected in there and they removed it but left a space character (the official separator that is to be used in that key entry)???
Hope this info helps comodo and or other googlers trying to narrow this down!
Thanks, DragonAlong. I had this, too. EventViewer pointed to guard64.dll so I came here and found this thread. I am not sure how serious this is though and wonder if I need to do anything about it. I seem to have a lot of problems with my PC lately, could this be causing any of them?
I have same warning in Event Viewer (Event ID 11):
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications
"C:\Windows\system32\guard64.dll" is in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, with 5 (five!) spaces in front of it!
Perhaps I reinstalled COMODO 5 times? Can not remember, but surely more than once.
LoadAppInit_DLLs is 1.
CIS 5.12.256249.2599
How to get rid of that warning in the Event Viewer?
You can’t get rid off it. It is a warning by Microsoft and just that. Microsoft is deprecating the used technique. There is no danger in using it and does not indicate a bug or a problem.