Defensewall 3.0 goes Gold


Threedog
April 20th, 2010, 08:13 AM
Ilya has just released Defensewall ver 3.

Congrats on the release Ilya. I know you have put a lot of hard work into it. :thumb:

http://www.softsphere.com/

jmonge
April 20th, 2010, 08:14 AM
yay;) :) let's celebrate:thumb: thanks ilya:thumb:

AvinashR
April 20th, 2010, 08:34 AM
So one of the toughest security solutions is ready to show its muscles ...:D

AvinashR
April 20th, 2010, 08:35 AM
But I will use it next year...:(

No license key...No money...:'(

SIR****TMG
April 20th, 2010, 12:09 PM
Good, glad to see it, but I never had problems with the beta at all. :thumb:

G1111
April 20th, 2010, 01:07 PM
:thumb: :thumb: :thumb:

Tony
April 20th, 2010, 02:16 PM
A first class software with first class support. :thumb:
Congratulations Ilya :)

icr
April 20th, 2010, 02:16 PM
Will the license key of v2.56 work with v3???

Ilya Rabinovich
April 20th, 2010, 02:19 PM
-{ Quote: "Will the license key of v2.56 work with v3???" }-
Yes, naturally. Just as I promised.

icr
April 20th, 2010, 03:01 PM
-{ Quote: "Yes, naturally. Just as I promised." }-

Thanks but does the license that I got from giveaway work:) coz when I tried to do so during DW Beta I encountered an error:blink:

Ilya Rabinovich
April 20th, 2010, 03:04 PM
Ah, all the giveaway licenses are special as all the giveaway builds are special. You need a regular license.

kjdemuth
April 20th, 2010, 03:17 PM
Ilya,
I love your product and I was wondering if you could help. I've used ver3 RC2. When I try and open firefox it takes a good 6-8 seconds before it opens. Is this normal and is there anything that I can do to improve it?

progress
April 20th, 2010, 03:20 PM
-{ Quote: "But I will use it next year...:(

No license key...No money...:'(" }-

How much is it? Maybe I'll give you a licence key as a birthday present ;D

Ilya Rabinovich
April 20th, 2010, 03:29 PM
-{ Quote: "Ilya,
I love your product and I was wondering if you could help. I've used ver3 RC2. When I try and open firefox it takes a good 6-8 seconds before it opens. Is this normal and is there anything that I can do to improve it?" }-
I don't know what could be a cause. In fact, when I open FF, DW adds about two or three seconds. Anyway, I'd like to take a look at DW's logs exported.

PC__Gamer
April 20th, 2010, 03:36 PM
I'm waiting for 'the question' to be asked.....

lol

SafetyFirst
April 20th, 2010, 04:41 PM
So, this is the final and stable release of DW v3?

Can I install it over the 2.56 version (and if so, will it recognize and accept the old license key) or do I have to uninstall the old version first?

Is it OK to run DW firewall component along with Online Armor (which I want to keep) or should I install just the HIPS part of DW and leave the firewall out?

Please provide suggestions for optimal procedure.

Thank you

Greg S
April 20th, 2010, 08:19 PM
The web site leads one to believe that you can get just the DW hips without firewall but after download/install, I've got the firewall too. Can we have just the hips without firewall?

Blackcat
April 21st, 2010, 12:31 AM
-{ Quote: "The web site leads one to believe that you can get just the DW hips without firewall but after download/install, I've got the firewall too. Can we have just the hips without firewall?" }-
Just select DW's program menu from the system tray icon, then make your choice ;)

Kees1958
April 21st, 2010, 02:38 AM
-{ Quote: "So, this is the final and stable release of DW v3?

Can I install it over the 2.56 version (and if so, will it recognize and accept the old license key) or do I have to uninstall the old version first?

Is it OK to run DW firewall component along with Online Armor (which I want to keep) or should I install just the HIPS part of DW and leave the firewall out?

Please provide suggestions for optimal procedure.

Thank you" }-

Optimal procedure is what you like: to be honest there is so much overlap between the two, that it is like using a belt and braces for holding up your trousers.

Possible combos
- OA full with DW HIPS
- disable OA program guard use DW HIPS only
- disable OA HIPS use DW HIPS only

bellgamin
April 21st, 2010, 03:06 AM
-{ Quote: "Optimal procedure is what you like: to be honest there is so much overlap between the two, that it is like using a belt and braces for holding up your trousers.

Possible combos
- OA full with DW HIPS" }-
With OA's RunSafer, why use DW? I mean, DW is redundant with RunSafer in operation, isn't it? Also, wouldn't OA+DW generate quite a lot of system drag?

Tarnak
April 21st, 2010, 03:16 AM
-{ Quote: "With OA's RunSafer, why use DW? I mean, DW is redundant with RunSafer in operation, isn't it? Also, wouldn't OA+DW generate quite a lot of system drag?" }-

In this snapshot, I have 3 more, but only this combination. ;D See screenshot.

I haven't noticed any drag, but I do have "Mail Shield" and "Web Shield" in OA not enabled. Also, I do not use OA's RunSafer, because I prefer to run as admin.

Kees1958
April 21st, 2010, 03:17 AM
-{ Quote: "With OA's RunSafer, why use DW? I mean, DW is redundant with RunSafer in operation, isn't it? Also, wouldn't OA+DW generate quite a lot of system drag?" }-

Well that is why I suggested: try them separately

Advantage of DW over OA with run safer
- protects internet facing processes plus files downloaded by them (plus anything spawned from this)
- less pop-ups
- cheaper

Advantage OA over DW
- OA protects processes system wide


I tested DWv3 with Matousec tests (previous versions); it is at least as good as OA. It is up to personal preference really.

Regards Kees

AvinashR
April 21st, 2010, 05:18 AM
-{ Quote: "How much is it? Maybe I'll give you a licence key as a birthday present ;D" }-

I don't think that it will be a free birthday present from your side. :P

Anyway, I have already written a nice article on DefenseWall HIPS 3. You guys can read it from the link below.

http://technonxt.wordpress.com/2010/04/21/defensewall-3-0/

kjdemuth
April 21st, 2010, 06:37 AM
Nice little review there ash. Good work.

AvinashR
April 21st, 2010, 06:47 AM
Thanks...BTW I like my new name "Ash"...:)

Really DefenseWall HIPS is rock solid...I have tested it with more malware and everything got out of the system after a single click. It's really showing its muscles.

Threedog
April 21st, 2010, 07:15 AM
Excellent write up Ash. :thumb:

AvinashR
April 21st, 2010, 07:30 AM
Thanks Bro....

One thing I have noticed is that during the execution of rogue AVs I have seen some system slowdown and even DefenseWall HIPS hung.

Saraceno
April 21st, 2010, 08:53 AM
Agree, great work and well written. :thumb:

The other posts in your blog are good to read too. :)

AvinashR
April 21st, 2010, 08:59 AM
Thank you bro. I'm really glad to know that you guys found it nice. I have no words to explain my happiness.

I am still waiting for Ilya to have some words with me regarding some technical glitches which I have found during my test.

kjdemuth
April 21st, 2010, 10:11 AM
Avinash,
Sorry about that off the cuff nickname. It just seemed to fit. By the way which glitches did you find? I didn't notice in your review.

AvinashR
April 21st, 2010, 10:23 AM
-{ Quote: "Avinash,
Sorry about that off the cuff nickname. It just seemed to fit. By the way which glitches did you find? I didn't notice in your review." }-

Hey Bro,

No sorry needed!! You are like my brother, and a brother should not say sorry. :)

I have found some technical glitches after publishing my review. When I tested it again with 0Minute malware ;D, I found that DefenseWall started to keep hanging... I even noticed that the "Untrusted" status was not there in Firefox, but it was running as untrusted... Don't know why it happened. It may not be a big issue, but still I have found this problem.

Threedog
April 21st, 2010, 10:33 AM
"Ash" probably isn't the best nick name to have around Europe right now. LOL.

I imagine Ilya will be very interested in your findings. One thing I have learned about him over the past few years is that he is a perfectionist, and especially with this new version, he wants everything working perfectly.

bellgamin
April 21st, 2010, 01:58 PM
-{ Quote: "Advantage OA over DW
- OA protects processes system wide " }-

DW loads the registry with tons of untrusted leftovers. Ilya says "do not clean DW stuff out of the registry." A major advantage of OA is that it does NOT create deadwood like DW does. (Worse yet, "Rollback" of DW's deadwood can be dangerous to your computer's health.)

gerald100
April 21st, 2010, 02:01 PM
-{ Quote: "Ilya,
I love your product and I was wondering if you could help. I've used ver3 RC2. When I try and open firefox it takes a good 6-8 seconds before it opens. Is this normal and is there anything that I can do to improve it?" }-

kjdemuth,

Just one question. Are you sure this slow launch can be attributed to DefenseWall? I noticed you run AdblockPlus. Depending on the amount of filter rules, this will slow down launching Adblock. Simply disabling it does show any improvement on my pc's.

Try uninstalling Adblock and see if it loads much faster. It is very quick to open without this addon.

Sincerely,

Gerald

kjdemuth
April 21st, 2010, 02:12 PM
No, I don't think it's adblock. I had removed it before in an attempt to see if that was causing the problem.

Creer
April 21st, 2010, 02:56 PM
-{ Quote: "
Advantage of DW over OA with run safer
- protects internet facing processes plus files downloaded by them (plus anything spawned from this)
- less pop-ups
- cheaper
" }-
Another advantage:
- DW is much lighter than OA - only two processes (memory usage)
- no effect on OS boot time

bellgamin
April 21st, 2010, 03:03 PM
-{ Quote: "Another advantage:
- DW is much lighter than OA - only two processes (memory usage)" }-
Number of processes is not a valid indicator. An app may have only a few processes but still use an enormous amount of system resources.

I suggest that you surf for one hour then compare DW versus OA as to total cpu usage, I/O bytes, etc. Using those valid measures of system drag, I believe you will see that OA is lighter than DW.

Ilya Rabinovich
April 21st, 2010, 03:12 PM
-{ Quote: "The web site leads one to believe that you can get just the DW hips without firewall but after download/install, I've got the firewall too. Can we have just the hips without firewall?" }-
In fact, if you have a license installed, DefenseWall checks its type. So, to get HIPS only, download and "install" this .reg file zipped: www.softsphere.com/files/force_hips.zip

Ilya Rabinovich
April 21st, 2010, 03:15 PM
-{ Quote: "So, this is the final and stable release of DW v3?" }-
Yes.

-{ Quote: "
Can I install it over the 2.56 version (and if so, will it recognize and accept the old license key) or do I have to uninstall the old version first?" }-
Just install overtop. Or use regular internal updater. Just to mention- if you have GiveAway 2.56 version, 3.0 is incompatible with its registration system.

-{ Quote: "
Is it OK to run DW firewall component along with Online Armor (which I want to keep) or should I install just the HIPS part of DW and leave the firewall out?" }-
Yes, they are totally compatible.

DraghoneoxpaR
April 21st, 2010, 03:18 PM
Hello.

Is the firewall version the same as the hips version? if not what is the difference? ???

Ilya Rabinovich
April 21st, 2010, 03:19 PM
-{ Quote: "I have found some technical glitches after publishing my review. When I tested it again with 0Minute malware ;D, I found that DefenseWall started to keep hanging.." }-
Yes, that could be possible if malware generates tons of system calls when blocked. But, anyway, I'd like to take a look at the sample.

Ilya Rabinovich
April 21st, 2010, 03:21 PM
-{ Quote: "Is the firewall version the same as the hips version? if not what is the difference? ???" }-
Binary, they are the same. The difference is that HIPS edition (not version, but edition!) does not control both Inbound and Outbound connections. You can switch it on and off with just registry key modifications.

DraghoneoxpaR
April 21st, 2010, 03:25 PM
-{ Quote: "Binary, they are the same. The difference is that HIPS edition (not version, but edition!) does not control both Inbound and Outbound connections. You can switch it on and off with just registry key modifications." }-

Hmm. I see very well. Thank you.

lubieplacki
April 21st, 2010, 03:35 PM
Great job.

Blackcat
April 21st, 2010, 04:52 PM
-{ Quote: "Number of processes is not a valid indicator. An app may have only a few processes but still use an enormous amount of system resources.

I suggest that you surf for one hour then compare DW versus OA as to total cpu usage, I/O bytes, etc. Using those valid measures of system drag, I believe you will see that OA is lighter than DW." }-
Agree; at least on a number of machines here. The new version of OA, I have found to be a lot lighter than previous versions.

dueceswild
April 21st, 2010, 08:19 PM
Runs great here as well. No hiccups as yet; and if they are to be found I'll stumble into them.

As a side note, nice article AvinashR.

AvinashR
April 22nd, 2010, 02:52 AM
-{ Quote: "Yes, that could be possible if malware generates tons of system calls when blocked. But, anyway, I'd like to take a look at the sample." }-

I haven't been able to save that sample because I reverted my VM today after testing thoroughly... And to my surprise nothing was able to bypass it. :)

AvinashR
April 22nd, 2010, 03:20 AM
Guys, you are requested to read my review thoroughly... One of the users said that DW 3 is not working on detection technology but on prompting technology, but I haven't mentioned anything like that in my review. Do you agree with him? :P

BrendanK.
April 22nd, 2010, 05:54 AM
-{ Quote: "Guys, you are requested to read my review thoroughly... One of the users said that DW 3 is not working on detection technology but on prompting technology, but I haven't mentioned anything like that in my review. Do you agree with him? :P" }-

Prompting? If you mean proactive, then yes :)

SafetyFirst
April 22nd, 2010, 08:28 AM
Guys, can anyone help here (http://www.wilderssecurity.com/showpost.php?p=1664364&postcount=8), please?

Creer
April 22nd, 2010, 02:15 PM
-{ Quote: "Number of processes is not a valid indicator. An app may have only a few processes but still use an enormous amount of system resources.

I suggest that you surf for one hour then compare DW versus OA as to total cpu usage, I/O bytes, etc. Using those valid measures of system drag, I believe you will see that OA is lighter than DW." }-
Hi,

I understand your point of view and I agree that number of processes means nothing but every process consumes resources (memory, cpu, i/o... etc)

Today I ran a test and installed, as you suggested, the new OA Premium v4.0.0.44, and really I thought it would be much lighter than when I tried it last time (about a year ago). Indeed it's a little bit lighter but... only a little bit, as I said.
Below you will find results and methodology of my tests:

Test machine: Windows 7 HP x32.

1. Test no.1: resource usage during web browsing (Opera as a main browser and open simultaneously ~15 tabs with different content - two sites with flash animation) Results below for Online Armor and DefenseWall Personal Firewall:

Online Armor (Web Shield enabled): http://img130.imageshack.us/img130/7102/oabrowsingprot.png

Online Armor (Web Shield disabled): http://img594.imageshack.us/img594/9561/oabrowsingbez.png

DefenseWall Personal Firewall: http://img191.imageshack.us/img191/6029/dwpfbrowsing.png

Winner: ex aequo DWPF and OA (with Web Shield disabled)


2. Test no.2: resource usage during CNN TV-streaming in Windows Media Player 12:

Online Armor: http://img594.imageshack.us/img594/4650/oastreaming.png
http://www.wilderssecurity.com/attachment.php?attachmentid=217334&d=1272010784

DefenseWall Personal Firewall: http://img130.imageshack.us/img130/7121/dwpfstream.png

Winner: OA


3. Test no.3: resource usage during uTorrent activity - downloaded one of the Linux distros (Ubuntu) for test purposes:

Online Armor: http://img714.imageshack.us/img714/4755/oatorrent.png
http://www.wilderssecurity.com/attachment.php?attachmentid=217335&d=1272010784

DefenseWall Personal Firewall: http://img594.imageshack.us/img594/3420/dwpftorrent.png

Winner: DWPF


4. Resource usage in Windows Task Manager - CPU Time, during all these tests for OA and DWPF:
http://img227.imageshack.us/img227/1992/wtm.png
http://www.wilderssecurity.com/attachment.php?attachmentid=217336&d=1272010784

Winner: DWPF.


Because of this I prefer to stay with my tandem: LnS and DW.

bellgamin
April 22nd, 2010, 04:51 PM
Good tests, Creer. Thanks for sharing. By the way, you can readily upload those screenshots to this forum. That way, readers of this thread, months from now, will still be able to see those screenies. The screenshots will eventually disappear from imageshack.

Did you notice DW's widely varying usage of I/O in some of the tests?

In my view these tests show that the difference between OA & DW is very narrow indeed, & shouldn't be a prime factor in deciding which of these 2 splendid security applications to use. I have licenses for both DW & OA, but have chosen to run OA -- mainly because of all the trash that DW leaves behind in its rollback area.

Ilya Rabinovich
April 22nd, 2010, 05:09 PM
-{ Quote: "mainly because of all the trash that DW leaves behind in its rollback area." }-
Do you have "Automatically remove items from rollback list" on?

bellgamin
April 22nd, 2010, 09:12 PM
-{ Quote: "Do you have "Automatically remove items from rollback list" on?" }-
When I was running DW, I DID check-mark "Automatically remove items from rollback list". However, doing so only causes a monthly cleaning.

Until I began using DW, my registry cleaner (Ace Utilities) always had ~30 registry items that it didn't clean because of its ignore list. After I began using DW, I added DW's registry items to Ace's ignore list because of your post that we shouldn't clean out DW's registry additions. At that time I checked the "Automatically remove items from rollback list" item on the Advanced>Options screen.

Within 3 weeks Ace's ignored registry items had grown to over 150 items, & was increasing daily.

I did a few rollbacks on my own, thinking they were safe, but with bad results.

DW is an excellent security app, but I do not regard it as being truly "set-it-forget-it" with this growing rollback list issue. For instance, how can a user be absolutely certain that the mere passage of 30 days will make it safe to clean out this growing rollback list? Further, if an arbitrary 30 days auto-rollback is safe, wouldn't an arbitrary 60 days auto-rollback be even safer? Moreover, why would a 15 day auto-rollback be less safe? In other words, WHERE do you draw the line? Why is 30 days the "magic number"?

My point -- the 30 day auto-dump is an arbitrary measure -- NOT a magical guarantee that something essential won't get dumped. Bottom Line -- I regard the 30 day auto-dump as a "hopeful compromise" for dealing with DW's propensity for using the registry as a waste basket.

codylucas16
April 22nd, 2010, 09:19 PM
64 bit please? D:

acuariano
April 22nd, 2010, 09:22 PM
I was about to ask about registry cleaners when using DW...
also HD defragmentation..

Creer
April 23rd, 2010, 05:06 AM
-{ Quote: "Good tests, Creer. Thanks for sharing. By the way, you can readily upload those screenshots to this forum. That way, readers of this thread, months from now, will still be able to see those screenies. The screenshots will eventually disappear from imageshack.

Did you notice DW's widely varying usage of I/O in some of the tests?

In my view these tests show that the difference between OA & DW is very narrow indeed, & shouldn't be a prime factor in deciding which of these 2 splendid security applications to use. I have licenses for both DW & OA, but have chosen to run OA -- mainly because of all the trash that DW leaves behind in its rollback area." }-
No I didn't notice.

As Ilya said, I have set "Automatically remove items from rollback list" on and I really don't care about the registry in that case. I also don't use a registry cleaner on my Win7 machine and my system still works very well (I didn't notice differences from cleaning the registry in Win7 - also I don't feel that without cleaning out my registry after 6 months, my Win7 OS runs slower or faster, it runs normally; with ~100 applications on board, boot time takes about 25-30 seconds, I think not a bad result at all).
BTW, a few months ago I read one of the MVP blogs where she explained that cleaning the registry in Win7 is not needed since the registry is loaded a bit differently than in previous versions of Windows - unfortunately this page doesn't work: http://nicolemaschke.wordpress.com/2009/11/18/its-official-registry-cleaners-and-windows-7-are-a-bad-idea/

Kees1958
April 23rd, 2010, 05:40 PM
Bill,

Stop using FF, try DW with Chromium and you will be surprised how light DW runs. Just had a look at my wife's PC. The delay of Chromium is not noticeable. The protection you get set out against the overhead DW generates is top class.

Believe me, I set up all our PCs with the built-in protection of the OS, because I am a performance freak. DW is the only HIPS/sandbox/fw application which passes my very sharp performance criteria.

Regards Kees

jmonge
April 23rd, 2010, 09:49 PM
Kees, you are very picky :) you sound like me ;) if a security software makes my PC slow in any way it is out of here ;D

Kees1958
April 24th, 2010, 01:29 AM
Yep, JMonge

DefenseWall's logs are also a nice indication of how well a browser is designed. Because Chrome sandboxes its tabs, there are fewer calls to files and registry (to guard for DW). This has the advantage that DW runs even smoother with Chrome/Chromium


@ Ilya

I added two keys to Internet Explorer resource protection (and System)

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

Those keys are often attacked by 'nuisance/ad ware'. It has been so long since we discussed resource management optimisation. In my list I have them in a different colour, so I don't know whether we did not discuss them or whether you did not agree or that they were already protected.

Thanks
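
One way to watch the two keys named in the post above for the kind of tampering it mentions, as an added example that is not part of the original post and not DefenseWall code: a baseline-and-diff check in PowerShell. The function names and the baseline file location are hypothetical.

```powershell
# Added example: snapshot the two HKCU keys from the post and report drift.
# $BaselinePath, Get-KeySnapshot and Compare-KeySnapshot are hypothetical names.
$WatchedKeys = @(
    'HKCU:\Software\Microsoft\Internet Explorer\Main',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
)
$BaselinePath = Join-Path $env:LOCALAPPDATA 'ie-key-baseline.json'

function Get-KeySnapshot {
    param([string[]]$Keys)
    $snapshot = [ordered]@{}
    foreach ($key in $Keys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            # Read raw data (no %VAR% expansion) and flatten it to a string so
            # REG_SZ, REG_DWORD, REG_MULTI_SZ and REG_BINARY compare uniformly.
            $value = $item.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
            $snapshot["$key\$name"] = (@($value) -join ',')
        }
    }
    return $snapshot
}

function Compare-KeySnapshot {
    param($Baseline, $Current)
    $changes = @()
    foreach ($name in $Current.Keys) {
        if (-not $Baseline.Contains($name)) {
            $changes += [pscustomobject]@{ Change = 'Added'; Value = $name
                                           Old = $null; New = $Current[$name] }
        } elseif ($Baseline[$name] -ne $Current[$name]) {
            $changes += [pscustomobject]@{ Change = 'Modified'; Value = $name
                                           Old = $Baseline[$name]; New = $Current[$name] }
        }
    }
    foreach ($name in $Baseline.Keys) {
        if (-not $Current.Contains($name)) {
            $changes += [pscustomobject]@{ Change = 'Removed'; Value = $name
                                           Old = $Baseline[$name]; New = $null }
        }
    }
    return $changes
}

$current = Get-KeySnapshot -Keys $WatchedKeys
if (-not (Test-Path -LiteralPath $BaselinePath)) {
    # First run: record the known-good state.
    $current | ConvertTo-Json | Set-Content -LiteralPath $BaselinePath -Encoding UTF8
    Write-Output "Baseline written to $BaselinePath"
} else {
    # ConvertFrom-Json returns an object, so rebuild a hashtable from its properties.
    $baseline = @{}
    (Get-Content -LiteralPath $BaselinePath -Raw | ConvertFrom-Json).PSObject.Properties |
        ForEach-Object { $baseline[$_.Name] = $_.Value }
    $changes = Compare-KeySnapshot -Baseline $baseline -Current $current
    if ($changes) { $changes | Format-Table -AutoSize -Wrap }
    else { Write-Output 'No changes in watched keys.' }
}
```

Values such as the start page and proxy settings live under these keys, so a 'Modified' row for one of them after a browsing session is the change worth investigating.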

bellgamin
April 24th, 2010, 01:31 AM
-{ Quote: "Stop using FF, try DW with Chromium" }-
Hola Kees-sensei...

I use Kmeleon, not FF. I use OA, not DW. That combo is faster than a dose of salts through a duck's bowels.

I like DW except for such things as...
1- It uses the registry for a dustbin. OA doesn't
2- It fails Antitest's clipboard logging test. OA passes

I do use FF(Noscript enabled) + Safe Online on those rare occasions when I am doing serious financial stuff, such as organizing a hostile takeover of AT&T. ::)

-{ Quote: "Because Chrome sandboxes its tabs, there are fewer calls to files and registry (to guard for DW). This has the advantage that DW runs even smoother with Chrome/Chromium" }-

Google Chrome is not something I will use or ever again install. Here are just a few of many reasons why Chrome is a no-way for me...

1- It gives you NO choice as to which folder you want to install it in.

2- Instead of installing it in C:\Program Files like most every other program, Google puts Chrome, without notification or asking permission, into C:\Documents and Settings.

3- It updates directly to its own folder, instead of allowing you to download the update file so that you can scan it, save it for back-up, etc.

4- When you uninstall Chrome, it leaves behind Google's updater. My firewall notified me that the bugger was trying to call home.

5- There is no way within Chrome's user-interface to set the cache size or location.

6- It silently auto-updates Flash-Player

OTOH, I dearly looove Chrome+ (http://www.chromeplus.org/). It has NONE of Chrome's bad habits and ALL of Chrome's benefits.

Kees1958
April 24th, 2010, 01:39 AM
Bill,

I have just about half the life experience of you so I am not asked to consider brand issues and sales optimisation at such take overs ;) I had thought you used Lynx in such occasions :thumb:

Funny thing that a kameleon can be faster than a fox ;D

Warm regards

Kees

Kees1958
April 24th, 2010, 02:44 AM
Got a PM question on DW's resource protection

What it does?
It separates untrusted from untrusted. When you look in the resource management protection defaults, you can see that Outlook for instance has critical resources protected. This implies that a malware launched through javascript (parent process is for instance IE8 or FF, which are also untrusted processes) can't access your mailbox. This raises the bar for bots (they can't access your contacts).

How to play with it?
When you add a file/folder or registry key to "System" other untrusted can't access it any more. When you add something at IE8 (as I did) others can't access it. To be safe I also added these resources to System, so regular (trusted processes) are allowed to touch it.
You can add a new process first, make sure it is also listed as untrusted process in the regular untrusted list. After having added a new process, you can add files/folders/registry etc.

For whom intended?
Resource protection is for power users and ex-GesWall users who had a lot of customisation in their console (like me). Ilya has optimised its default settings, so for 99,99% of the users it works perfectly out of the box. Do not forget that DW is a stronger than LUA environment, a lot of user space registry entries are protected by default. When you start to play with it, it is advised to select to show resource notifications.

Regards Kees

Creer
April 24th, 2010, 03:07 AM
-{ Quote: "
(...)
2- It fails Antitest's clipboard logging test. OA passes
" }-

Hi Bellgamin,

I can't agree with this one, take a look at my screen below - it's DW notification about Clipboard logging:

[attachment 217364]

bellgamin
April 24th, 2010, 04:38 AM
-{ Quote: "I can't agree with this one, take a look at my screen below - it's DW notification about Clipboard logging:" }-
Even Ilya agrees that DW fails on clipboard logging, and he refuses to change it. See Here (http://gladiator-antivirus.com/forum/index.php?showtopic=103780).

Ilya has known about this weakness a long time (see Here (http://gladiator-antivirus.com/forum/index.php?showtopic=76704&hl=clipboard)) but feels that there are valid softwares that use the clipboard so he declines to prevent clipboard problem.

However, it is not an "either/or" issue. OA blocks clipboard stuff & alerts the user. The user can then allow (for legitimate softwares) OR block. The decision is left to the user, as it should be, not to the programmer.

Antarctica
April 24th, 2010, 07:52 AM
-{ Quote: "
However, it is not an "either/or" issue. OA blocks clipboard stuff & alerts the user. The user can then allow (for legitimate softwares) OR block. The decision is left to the user, as it should be, not to the programmer." }-

Hello Bellgamin,
I agree with you, but then again if the user is like my wife, she wouldn't know what decision to take anyway. Yes/no is the same thing for her.:P ;D

Creer
April 24th, 2010, 12:31 PM
-{ Quote: "Even Ilya agrees that DW fails on clipboard logging, and he refuses to change it. See Here (http://gladiator-antivirus.com/forum/index.php?showtopic=103780).

Ilya has known about this weakness a long time (see Here (http://gladiator-antivirus.com/forum/index.php?showtopic=76704&hl=clipboard)) but feels that there are valid softwares that use the clipboard so he declines to prevent clipboard problem.

However, it is not an "either/or" issue. OA blocks clipboard stuff & alerts the user. The user can then allow (for legitimate softwares) OR block. The decision is left to the user, as it should be, not to the programmer." }-
DW only informs you about clipboard logging but it's up to you if you want to Terminate it (in case of unknown running software on your PC) or accept by just clicking the OK button and checking the Remember my decision box.
So DW doesn't block clipboard logging by default - it's only your decision to Terminate or Allow running process which does clipboard logging.

bellgamin
April 24th, 2010, 03:36 PM
-{ Quote: "DW only informs you about clipboard logging but it's up to you if you want to Terminate it (in case of unknown running software on your PC) or accept by just clicking the OK button and checking the Remember my decision box.
So DW doesn't block clipboard logging by default - it's only your decision to Terminate or Allow running process which does clipboard logging." }-
DW informs you AFTER the clipboard logger already has captured the clipboard data. Ilya never disputed this fact. I quote from a DW user's post on DW's own forum which I previously linked...

-{ Quote: "Ok, DW alert me but this is after and Clipboard logger can do everything with this data before user understand and click "Terminate"." }-

Rather than agreeing to fix this, Ilya replies...

-{ Quote: "Some legitimate programs like download managers are using clipboard data monitoring." }-
~~~~~~~~~~~~~~~~~~~

Yet another achilles heel of DW is what takes place when you want to install a new software. As an example I shall refer to a hypothetical download called "setup.exe" which IS a malware for purposes of this example.

Under DW, setup.exe will arrive in untrusted status. As such, setup.exe has zero ability to do any real damage to your computer.

HOWEVER, installing an untrusted software is a PITN. So you will (I hope) scan setup.exe for malware and, if it passes muster, you will then convert it to trusted status.

So, in this example, a malware has slipped by your scanner (it happens sometimes).

Once the malware is in trusted status, DW no longer offers protection. IF you are running as Admin user when you install that malware and execute it, then that malware will have freedom to do pretty much any & all damage that it wants to do, and DW won't interfere.

Unlike DW, Online Armor (OA) gives you an EASY option for installing software safely EVEN IF you choose always to run as Admin user and EVEN IF that software turns out to be malware.

Namely, OA allows you easily to click setup.exe into Run Safer mode, thereby eliminating 99.999999% of that software's ability, as a malware, to do any lasting damage to your computer.

Further, even after you enter Run Safer mode, OA will alert you to the dangerous actions which are attempted by that malware, such as trying to modify or replace a system file. DW doesn't do that. OA does. That's because OA is a classic HIPS and DW isn't.

ANY classic HIPS will give you those kinds of danger alerts. Often we find those alerts annoying and either turn them off (by entering install or learning mode) OR repeatedly click "Allow". SHAME on us for being so lazy! Even so, OA's Run Safer will give us a high degree of forgiveness for laziness.

NOTE however that OA named it "Run Safer" and NOT "Run SAFE". No security application can fully protect me from my sometimes careless (even stupid) actions! Only one app can protect me then -- a good imaging software that I use regularly and faithfully.

DW is one of the very best security apps, and would be cheap at twice its price, especially considering the superb tech support provided by Ilya. However, although installing software is less dangerous while using DW, it is STILL dangerous. In this particular respect, installing software under OA's Run Safer is significantly LESS dangerous than is the case with DW.

Kees often advocates running most times as Limited user (LUA). He is right, of course. IF I am in LUA status, DW is 99.99999% bullet-proof, even when installing software. But I am a lazy hard-head & always run as Admin so, in my case, I really need Run Safer.

Ummm... is anybody else running as Admin? SHAME on you (and shame on me)! ;) :dry: :shifty:

Ilya Rabinovich
April 24th, 2010, 03:58 PM
1. OA's "Run Safer" is, in fact, LUA. One standard Windows privilege escalation exploit - and that's it.

2. Yes, classical HIPS systems give more security than any sandbox HIPS, but with one single note: their user must perfectly understand what should be allowed and what should be blocked. Otherwise, any sandbox HIPS gives much more protection than any classical HIPS because users can operate them properly.

Ah, and yes, I'm running under an Admin rights account. Shame on you and shame on me! :D

SafetyFirst
April 24th, 2010, 07:08 PM
Has anyone had any serious problems (like BSODs) with DW v3?

Are there any known incompatibilities with other software?

Boost
April 24th, 2010, 07:22 PM
-{ Quote: "Has anyone had any serious problems (like BSODs) with DW v3?

Are there any known incompatibilities with other software?" }-

Running fine here :thumb:

Threedog
April 24th, 2010, 07:50 PM
-{ Quote: "
Ummm... is anybody else running as Admin? SHAME on you (and shame on me)! ;) :dry: :shifty:" }-

I run as Admin, however with Defensewall I feel that I am close to being equivalent to running as a Limited User.

Threedog
April 24th, 2010, 07:58 PM
-{ Quote: "Has anyone had any serious problems (like BSODs) with DW v3?

Are there any known incompatibilities with other software?" }-

Even during the Beta process, I didn't have any BSOD problems and the few incompatibilities that I had were quickly fixed by Ilya, more or less just minor adjustments, which is part of the reason for the Beta process in the first place.

If I had a little more computer savvy under my belt, I wouldn't be scared to run with just Defensewall as my sole security app.

Greg S
April 24th, 2010, 08:06 PM
-{ Quote: "Has anyone had any serious problems (like BSODs) with DW v3?

Are there any known incompatibilities with other software?" }-
I haven't gotten any BSOD or any known to me incompatibilities but it's a system choker on my setup with Win 7. Middle clicking a forum link to open it in a new tab takes about 7 to 10 extra seconds for the page to start loading. Closing out an IE session leaves one or more IE processes resident for a considerable amount of time before they completely close out. Normally that's not a big deal but if I decide to re-open IE while one of the processes is still resident, then IE considers that the last session crashed. Each new IE tab or link in the same tab causes my laptop fans to rev up to high RPMs. The IE taskbar icon normally will show additional highlighting around it when more than one tab is opened. If you close all tabs but one, then you're left with just the one focused highlight around the taskbar icon but when DW is installed, the above becomes borked and doesn't work as intended. I can close out all tabs but one and the additional highlighting on the IE taskbar icon remains. Sites that use Flash will really choke the system down by opening and not closing the Flash10 process.

bellgamin
April 24th, 2010, 08:37 PM
-{ Quote: "If I had a little more computer savvy under my belt, I wouldn't be scared to run with just Defensewall as my sole security app." }-
With DW running in real-time (by itself) you would be very well protected IF you image your system drive at least once/week as a fail-safe.

SafetyFirst
April 24th, 2010, 08:52 PM
I seriously suspect DW v3 crashed my system yesterday and made it so hard (http://www.wilderssecurity.com/showthread.php?p=1665889#post1665889) for me to boot Windows again.

Threedog
April 24th, 2010, 08:55 PM
-{ Quote: "With DW running in real-time (by itself) you would be very well protected IF you image your system drive at least once/week as a fail-safe." }-

I image and backup with Karen's daily. I have been trying Comodo Time Machine also. I have been using DW for a few years now with various AV's and not too many places that I would be nervous of going. DW has become my cornerstone over the years.

bellgamin
April 24th, 2010, 10:42 PM
-{ Quote: "I image and backup with Karen's daily. I have been trying Comodo Time Machine also." }-
Imaging programs (such as Macrium Reflect & Image for Windows) make byte-by-byte images that can be restored EXTERNALLY from Windows, so that they can rescue you from such things as:

(1) Major screw-ups to your system disk because of infections, bad installs, etc.

(2) Total hard drive failure.

Comodo TM is NOT a full-on imaging software, but is more like Rollback.

AFAIK Karen's Replicator is primarily backup software and does not make externally restorable, byte-by-byte images. (Please correct me if I am wrong.)

I recommend you do a Wilders search on "imaging". Such a search will produce comparative &/or informational threads about imaging software. Example: HERE (http://www.wilderssecurity.com/showthread.php?t=259166).

Good hunting.

Brocke
April 24th, 2010, 10:47 PM
Karen's Replicator, I think it can do full partitions, I think. She says it can back up whole hard drives. Never tried it tho. It is a good free backup software tho. Very easy to use.

Threedog
April 24th, 2010, 11:51 PM
@ Bellgamin

Been using Acronis for full images for years. Karen's Replicator is used to back up "My Documents" to external HD. Just trying CTM for quick roll backs.

@ Greg S
Reproduce your issue and make logs of it with Defensewall while you are doing it and then export them and send them to Ilya for a look see. He might just have to do a simple tweak to fix it. In any case I am sure it is something he will want to look into.

Ilya Rabinovich
April 25th, 2010, 04:12 AM
-{ Quote: "I haven't gotten any BSOD or any known to me incompatibilities but it's a system choker on my setup with Win 7." }-
That's strange. What's your security setup?

Ilya Rabinovich
April 25th, 2010, 04:13 AM
-{ Quote: "I seriously suspect DW v3 crashed my system yesterday" }-
Find the .dmp files in your c:\windows\minidump folder, zip and send them to me.

acuariano
April 25th, 2010, 07:27 AM
Question: when installing a program like Foxit Reader, will DW or OA prevent the installation of Ask toolbar and other threats?

raven211
April 25th, 2010, 07:38 AM
So far so good the time I've tested it - no problems or anything and it's proven its effectivity previously. ;)

Would you guys and maybe the dev. say that the settings out-of-box are optimal as well?

Kees1958
April 25th, 2010, 07:50 AM
-{ Quote: "So far so good the time I've tested it - no problems or anything and it's proven its effectivity previously. ;)

Would you guys and maybe the dev. say that the settings out-of-box are optimal as well?" }-

Yes,

After resource management became available, I have done some extensive playing with it. The good thing is that Ilya has made the default config very strong, so normally DW works great out of the box.

I would check a few things
a) do you want dvd/cd to run trusted or untrusted (advanced options)

b) are the default download areas the ones that you want?
Reason for checking is that DW offers two protection mechanisms
- the policy HIPS limitation (comparable with user profiles and SRP) through trusted - untrusted setting
- the access limitation (comparable with ACL) through the protected unprotected option

By default untrusted items are protected after (I thought 2 weeks) in the download areas. This means that they are still untrusted, but newly downloaded items are not allowed to tamper with them. So you have to make up your mind whether you want that (I consider you more a power user than an average user, Raven). It could also be that you want this automatic protection mechanism on other directories.

The other thing which download areas facilitate is the fact that signed executables are allowed to install. The advantage is that you do not need to set a downloaded executable as trusted (only for signed execs/trusted vendors).

c) In the past when DW ran fine, I used to unselect the logs (a tiny bit higher performance).

Be sure that all optimizations passed to Ilya by users will be pushed through the updates when Ilya thinks they make sense.

Regards Kees

BrendanK.
April 25th, 2010, 08:06 AM
-{ Quote: "question. when installing a program like foxit reader,will DW or OA prevent the installation of ask toolbar and other threats?" }-

If you mean running the FoxIt Installer as Untrusted, yes. If you install FoxIT Reader as Trusted, then Ask Toolbar would still be installed without warning.

SafetyFirst
April 25th, 2010, 01:24 PM
-{ Quote: "Find .dmp files into your c:\windows\minidump folder, zip and send them to me." }-

Thank you. I have sent it to you.

Greg S
April 25th, 2010, 01:43 PM
-{ Quote: "That's strange. What's your security setup?" }-
I've mentioned on another topic here that with the help of CTM, I started out with Malware Defender, Windows 7 Firewall Control Plus, Avast 5 with File system shield and Behavior shield. I used another snapshot which had Windows 7 Firewall Control Plus removed. W7FCP is broken by DW for some reason. It can be installed after DW is installed though. Anyhow, I eventually used a clean snapshot with nothing but DW installed for security and got the same results as mentioned in my last reply. My suspicion as to the problem is that it's a svchost.exe process which includes the Base Filtering Engine and Diagnostic Policy Service. I'm capable and willing to test it further but don't really know what else to look for.

Ilya Rabinovich
April 25th, 2010, 03:02 PM
In this case you have to send me an e-mail and I'll send you a test driver set back.

Kees1958
April 26th, 2010, 03:25 AM
@ Ilya

I added [EDIT: removed] two keys to Internet Explorer resource protection (and System)

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings


I should have known :-X