Version 1.2.3 (December 18, 2008 )

* Fixed a bug that may cause chkdsk error when startup.
* Fixed a bug when creating rules for named pipe in learning mode.
* Added support for resizing the registry rule dialog box.
* Changed the default setting of "Allow signed applications to be run by system applications" to unchecked.
* Other Minor improvements.

is this beta?or regular?

That's good. Give it time to iron out all the bugs. Then i'm more then ready to become a consumer statistic in it's market.

Watching this closely.

EASTER

It is a brilliant classical HIPS, like EQS with groups like Comodo's D+ (only easier to implement) with a an active and dedicated developer (like OA, DW, SBIE, PrevX, DS)

Cheers Kees

-{ Quote: "is this beta?or regular?" }-

Not beta, v1.2.3 is final.
Up and running w/ no problems here :thumb:

only this HIPS give me hard time , its service going all of the sudden to 90-100% cpu usage ...

i did it on a clean only win installed same results....damn weird.....that happened when change to mode normal :( :thumbd:

-{ Quote: "It is a brilliant classical HIPS, like EQS with groups like Comodo's D+ (only easier to implement) with a an active and dedicated developer (like OA, DW, SBIE, PrevX, DS)

Cheers Kees" }-

Is Malware Defender as extensive in it's protection as the likes of D+ and OA?

-{ Quote: "Is Malware Defender as extensive in it's protection as the likes of D+ and OA?" }-

all the same goal difference gui

its more like SSM look like but missing net protection yet , so its kind half useless :)

-{ Quote: "all the same goal difference gui

its more like SSM look like" }-

Ahhh right thanks for that.I keep meaning to get around to trying this out due to all the positive reviews.:thumb:

-{ Quote: "Is Malware Defender as extensive in it's protection as the likes of D+ and OA?" }-

OA does it all for you. So is in a different league.

D+ is a do it yourself. Malware Defender is as extensive as D+, only with some smart options of groups (D+ only has application rules per group, file protection and registry protection is applicable on all groups, MD offers this on a group basis, making it easier to fence/contain higher risk aps in a classical HIPS allow/deny environment).

-{ Quote: "all the same goal difference gui

its more like SSM look like but missing net protection yet , so its kind half useless :)" }-

I disagree, it has the option to protect aps from spawning/access by others. So with a simpel outbound rule of TF it passes all matousec (except recursive DNS calls) or any other simple firewall it will protect you (e.g. ZA free)

-{ Quote: "OA does it all for you. So is in a different league.

D+ is a do it yourself. Malware Defender is as extensive as D+, only with some smart options of groups (D+ only has application rules per group, file protection and registry protection is applicable on all groups, MD offers this on a group basis, making it easier to fence/contain higher risk aps in a classical HIPS allow/deny environment)." }-


Interesting indeed,I'd not considered that Malware Defender was quite so advanced,definitely worth a look cheers.

-{ Quote: "I disagree, it has the option to protect aps from spawning/access by others. So with a simpel outbound rule of TF it passes all matousec (except recursive DNS calls) or any other simple firewall it will protect you (e.g. ZA free)" }-

it got no network protection mate , and all the "get along" stuff doesn't look good niter professional .

it should be buildin in future according to its builder

-{ Quote: "it got no network protection mate , and all the "get along" stuff doesn't look good niter professional .

it should be buildin in future according to its builder" }-

I was disagreeing on the fact that it is half useless, you are right it has no network protection. But I pass all matousec stuff with TF's outbound rule and MD (except recursive DNS call).

-{ Quote: "I was disagreeing on the fact that it is half useless, you are right it has no network protection. But I pass all matousec stuff with TF's outbound rule and MD (except recursive DNS call)." }-

yes u can do it Np but also make your PC memo usage much more grater if it was bee build in from the first place mate:)

-{ Quote: "only this HIPS give me hard time , its service going all of the sudden to 90-100% cpu usage ...

i did it on a clean only win installed same results....damn weird.....that happened when change to mode normal :( :thumbd:" }-

I was problems whit this also.I played more too.

Then added Kees's some rules (Thanks Kees)

Also added Malwaredefender.exe and mdservice.exe to Child Applications on explorer.exe (there was no)

After 10 days learning mode now it is working with no problem now.

-{ Quote: "I was problems whit this also.I played more too.

Then added Kees's some rules (Thanks Kees)

Also added Malwaredefender.exe and services exe to Child Applications on explorer.exe (there was no)

After 10 days learning mode now it is working with no problem now." }-

mefer i look at your screen shoot , i cant understand its point ???



and the most disturbing issue , why MD owner doesn't fix this BUG ? or why MD doesn't put this files as it suppose to work ?

-{ Quote: "...and the most disturbing issue , why MD owner doesn't fix this BUG ? or why MD doesn't put this files as it suppose to work ?" }-
Have you sent Xiaolin your System Information NFO file?

Nick

-{ Quote: "Have you sent Xiaolin your System Information NFO file?

Nick" }-

no i didn't , been emailed him about this and he didn't success reproduce this problem again.

how can i send him my nfo info?

i did test MD on clean os , nothing install unless drivers (on VM) and it stuck also....making cpu goes out of the blue randomly to 90-100% cpu usage

i try mefer suggestion "Also added Malwaredefender.exe and services exe to Child Applications on explorer.exe (there was no)"

lets see what the hell is going on with this software

-{ Quote: "how can i send him my nfo info?" }-
Go Start > All Programs > Accessories > System Tools > System Information. Then go File > Save.

If your system can handle the extra load, you could try running Sysinternals' Process Monitor for a short interval while MD's CPU usage is high.

Nick

-{ Quote: "Go Start > All Programs > Accessories > System Tools > System Information. Then go File > Save.

If your system can handle the extra load, you could try running Sysinternals' Process Monitor for a short interval while MD's CPU usage is high.

Nick" }-

10x a lot for the info , i don't much like the idea to expose my pc info coz of MD

anyway i did try mefer idea , adding MD to child appz , it doesn't help :( , MD keep stuck my pc randomly

-{ Quote: "anyway i did try mefer idea , adding MD to child appz , it doesn't help :( , MD keep stuck my pc randomly" }-
I did not expect it to work. I run MD on four systems (Vista and XP) and MD's processes are not listed as child apps of explorer.exe. I would give Process Monitor a try.

Nick

Demoneye,

Sorry,may i ask how many days did you stay MD in learning mode.
And when in learning mode all protection enable or not?

-{ Quote: " MD's processes are not listed as child apps of explorer.exe.
Nick" }-

i d'not know is there any objection but i am trying to stabile with my system.coz my system was a lot of freeze.

-{ Quote: "Demoneye,

Sorry,may i ask how many days did you stay MD in learning mode.
And when in learning mode all protection enable or not?" }-

i don't understand what is matter the time pc was in "learn mode" and MD stuck ??
if new process is on the run , i can add him easy to "trusted application"... so learn mode time isnt a factor in this issue

the time is about 2-3 days , till i made in purpose all action , so MD learn fast :)

-{ Quote: "I did not expect it to work. I run MD on four systems (Vista and XP) and MD's processes are not listed as child apps of explorer.exe. I would give Process Monitor a try.

Nick" }-
cool mate , what i know that i am not the only one having such problem, some buddy i know in other forum (none English) also complain on such problem

-{ Quote: "cool mate , what i know that i am not the only one having such problem, some buddy i know in other forum (none English) also complain on such problem" }-
Hi,

I cannot resolve it because I cannot recreate the problem yet.

Which process cause high cpu usage? (malwaredefender.exe or mdservice.exe)

Thanks,
xiaolin

-{ Quote: "Also added Malwaredefender.exe and mdservice.exe to Child Applications on explorer.exe (there was no)" }-
This is not necessary. Malwaredefender.exe and mdservice.exe will be allowed to execute by internal rule.

thx

-{ Quote: "Hi,

I cannot resolve it because I cannot recreate the problem yet.

Which process cause high cpu usage? (malwaredefender.exe or mdservice.exe)

Thanks,
xiaolin" }-

10x for the reply xiaolin

the malwaredefender.exe cause it , it append after switch to normal mode, it happen randomly after 10 minutes top ,i also test this issue even on clean only os + drivers on me VM testing machine .

i run it on Pentium 3 winxp SP3 ...maybe this can help some how

just for the knowledge record i try RTD,SSM(all builds),commodo(all builds),zA and many more HIPS based application on the same machine , and all work perfectly

cheers

Does MD v1.2.3 work with KIS 2009?

Thanks.

-{ Quote: "Does MD v1.2.3 work with KIS 2009?

Thanks." }-

as far as i know why not? it should

You'd probably have to disable some protective features on either KIS or MD to avoid redundant and conflicting coverage.

"only this HIPS give me hard time , its service going all of the sudden to 90-100% cpu usage ...

i did it on a clean only win installed same results....damn weird.....that happened when change to mode normal "

-----------------

I also have huge problems with Malware Defender. It constantly freezes/crashes my P4 Laptop as soon as I enable normal mode. (Prior to enabling normal mode, I extensively used learning mode.)

I experienced a freeze in the following situations:

1.
I downloaded a file from a filesharing service with Opera. I got a permit query whether Opera shall be allowed to save the file in a temp folder. Thereafter, Opera opens the ordinary windows save file dialogue and asks me where to save the file. This is when Malware Defender froze Opera and itself. If you try to kill Opera with the Windows task manager there is a good chance that also the task manager will be freezed. After the freeze, CPU usage (caused by Malware Defender) is constantly around 40-50%.

2.
I tried to start a portable version of Nero 9 Burning Rom Express. This version most likely includes the launch of the main programm by the loader. It will also include registry writes and, possibly, inter process memory operations. Again, Malware Defender froze everything. After the freeze, CPU usage (caused by Malware Defender) is constantly around 40-50%.

In my opinion, the problem is that Malware Defender does not create a visible permission window. This also happened with early versions of System Safety Monitor.

In principle, I like Malware Defender's concept, GUI, tools etc. The missing network monitor is not important. This can be done by the personal firewall.

Due to the above-described bugs, Malware Defender is currently useless for me.

I used the latest version 1.2.3.

-{ Quote: ""only this HIPS give me hard time , its service going all of the sudden to 90-100% cpu usage ...

i did it on a clean only win installed same results....damn weird.....that happened when change to mode normal "

-----------------

I also have huge problems with Malware Defender. It constantly freezes/crashes my P4 Laptop as soon as I enable normal mode. (Prior to enabling normal mode, I extensively used learning mode.)

I experienced a freeze in the following situations:

1.
I downloaded a file from a filesharing service with Opera. I got a permit query whether Opera shall be allowed to save the file in a temp folder. Thereafter, Opera opens the ordinary windows save file dialogue and asks me where to save the file. This is when Malware Defender froze Opera and itself. If you try to kill Opera with the Windows task manager there is a good chance that also the task manager will be freezed. After the freeze, CPU usage (caused by Malware Defender) is constantly around 40-50%.

2.
I tried to start a portable version of Nero 9 Burning Rom Express. This version most likely includes the launch of the main programm by the loader. It will also include registry writes and, possibly, inter process memory operations. Again, Malware Defender froze everything. After the freeze, CPU usage (caused by Malware Defender) is constantly around 40-50%.

In my opinion, the problem is that Malware Defender does not create a visible permission window. This also happened with early versions of System Safety Monitor.

In principle, I like Malware Defender's concept, GUI, tools etc. The missing network monitor is not important. This can be done by the personal firewall.

Due to the above-described bugs, Malware Defender is currently useless for me.

I used the latest version 1.2.3." }-

exactly my situation in here :( :'(
its freeze my PC when switch to normal mode , i uses SSM last build ATM and it run perfectly for couple of weeks

It seems MD cannot show the alert windows or make the alert windows topmost in some cases. I will try to recreate the problem and fix it.

If anyone encounter such problem, please try using hotkey to permit the action. The default hotkey is Ctrl+Shift+Alt+P.

Thanks,
xiaolin

-{ Quote: "It seems MD cannot show the alert windows or make the alert windows topmost in some cases. I will try to recreate the problem and fix it.

If anyone encounter such problem, please try using hotkey to permit the action. The default hotkey is Ctrl+Shift+Alt+P.

Thanks,
xiaolin" }-

i will try this solution and report if it resolve this matter

10x xiaolin 8)

problem with ESS v4 beta

-{ Quote: "i will try this solution and report if it resolve this matter

10x xiaolin 8)" }-

it doesnt work ,its keep jump to 90-100% cpu usage.......very odd ???

Would've been good if it didn't use 90-100% cpu on Vista Ultimate and crash all the time >_<

Once it crashed and had to turn it on otherwise I couldn't do anything else since it blocked access to everything.