I recently installed CFP Pro v3.015. Runs OK but due to a pop-up at System start-up after logging in to Windows (Windows installer) & the same Pop-up running when browsing the Internet I have had to edit the Registry to remove an entry found at HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Windows. (String value) AppInit_DLLs = C:\Windows\System32\Guard32.dll
Removing said entry value solves the pop-up problem. However when running Zirsoft’s DLLexp.exe no functions are listed. Similar no listing of function calls are apparent with SysInternal’s “Process Explorer” & the application WinDB (Windows Debugging Software).
My question is therefore - what exactly is Guard32.dll supposed to do and WHY having read the Microsoft Article does the Installation software load it here.
Has anyone come acrosss this problem before (Pop-ups). Am I losing any functionality or security of the product by removing the Registry entry as described above?
I have attached an Autoruns file for further process info. Please let me know if any further info is required. The PC is a PackardBell EasyNote w3301 Laptop running XP Home Version 2002, Sp2. Mobile AMD Sempron 3000+ Processor (at 1.58 Ghz) with 1gb ram. 2 Partitions with the swapfile running on the Non-system partition. All Windows Updates to date have been applied.
(:m*) Topic Closed: PM a mod if ye wish to open it only if the issue returns.
guard32.dll is a driver from CFP 3 (most likely related to Defense+). It’s legit. I noticed this file since the first final version 3 rolled out with HijackThis. Best to leave the registry key alone.
I got no idea what that pop up is, though. Can you post a screenshot? Seems to be an imperfect installation CFP 3. Remember to shutdown other programs when you install CFP 3 to avoid conflicts.
A full scan of my laptop Spyware Terminator today has listed guard32.dll as unknown software.
I also have firewall pro installed v3 installed recently - but also lots of other software due to a complete re-install (not because of security issues by the way)
I really would like to know what this dll is and specifically if a safe comodo dll or not. ???
Thats a false positive on Spyware Terminators part. One of the reasons I don’t use Spyware Terminator cause I had alot of false positives. I use SuperAntiSpyware and Spybot.
Thanks for your input peoples. Have fixed it with the v3.016 update. The problem with v3.015 seems to stem from a redundant installation entry that doesn’t clean-up on the reboot
