Issues with latest beta as provided with GSS 1.110 beta

Discussion in 'Ghost Security Suite (GSS)' started by mplant99, Aug 11, 2006.

Thread Status:
Not open for further replies.
  1. mplant99

    mplant99 Registered Member

    Joined:
    Mar 13, 2006
    Posts:
    8
    Hi all,

    I finally installed the latest gss 1.110 beta. AppDefend is running without issue in trial mode and happily logging everything that it does/encounters. RegDefend, which has been providing trouble free service for a year now as a registered stand-alone product is now driving me crazy... It IS being recognized as a registered product, if that makes a difference.

    First, I get no prompts from it at all, just error messages from apps stating that writes to the registry have been blocked. Manually entering rules for these apps (PS Tray Factory is the most annoying one) fails to solve the problem as it used to with the stand-alone version of RegDefend. Actually, PS Tray Factory is the only app that I can *see* has been affected. Nothing else is being logged or blocked, as far as I can tell (see below).

    Second, RegDefend no longer writes anything to the log file. It's blocking a particular registry write to HKLM-Software-Microsoft-Windows-RunOnce-TrayFactory and I've gone through numerous "updates" in the last 2 hours trying to remedy this. Only at one point did RegDefend log the activity and that was several updates and an uninstall/reinstall cycle back...

    Third, I am in a seemingly endless cycle of being prompted to update. I click OK to update, then click OK to shutdown GSS to finalize update, get about 15error messages as PS TrayFactory goes crazy, start GSS up (sometimes I reboot after shutting down GSS and before starting it again), and almost immediately am informed that there is an update available.

    I've uninstalled GSS and rebooted, downloaded the appdefendbeta installation file again on the off-chance that it's changed in the last 14 hours and reinstalled. The problem hasn't remedied itself. I am using RDStandard and have not modified my set-up in any way, though I've gone looking for options to do so, and not found any beyond GUI skinning.

    Sorry this is an incoherent ramble but I'm dashing this off and getting on with my day (recycling and garbage out to the curb, feed the kids, get to work, etc.). Any thoughts?
     
  2. mplant99

    mplant99 Registered Member

    Joined:
    Mar 13, 2006
    Posts:
    8
    PS Will future versions allow users to sort the log files by clicking on the column headers? I can't do this in the current beta and it makes finding an entry difficult...

    Thanks for any thoughts/advice/suggestions

    Mike
     
  3. f3x

    f3x Registered Member

    Joined:
    Feb 6, 2006
    Posts:
    311
    Location:
    Montreal, Quebec
    Hi and welcome to Wilders Security / Ghost Security.
    Having move to the current GSS beta is a wise choise.

    ---------------------------------
    THe only case when regdefend block instead of asking is when
    1) You have setup the rules to alwais block it
    2) Driver cannot communicate with GUI part and failing that, block.

    Does it happens with the last tony ruleset ?
    (this ruleset will become default one in next version)
    https://www.wilderssecurity.com/showthread.php?t=85131

    Jason have made an utility to test regdefend.
    You can use it to see if those key are blocked.
    http://www.ghostsecurity.com/index.php?page=regtest

    To see if others programs are blocked too, you can use sysinternals' regmon
    You'll see an access denied error if it's blocked by RD.
    (Notes that there might also have other reason to have it denied)
    http://www.sysinternals.com/Utilities/Regmon.html

    Failing that .... can you try uninstall / reinstall ?
    ---------------------------------

    About *infinite* update loops, solution and problem have been discussed in this thread https://www.wilderssecurity.com/showthread.php?t=122044


    Hope this help.
    Do not hesitate to ask other question or clarification
     
  4. mplant99

    mplant99 Registered Member

    Joined:
    Mar 13, 2006
    Posts:
    8
    Hi f3x,

    Thanks for your quick reply! I came back here to report that RegDefend IS logging blocks afterall (I find it very difficult to distinguish individual entries in the logfile using the default colour scheme - I'll try changing to a different skin). It would be nice to be able to create a rule from the log entry... At any rate, I've tried to uninstall/reinstall without the issue being resolved. I'll work through your other suggestions and post back here.

    Oddly, one of the things that I am noticing is that the functionality of PS TrayFactory does not appear to be affected AND the error messages (from PS TrayFactory) only occur when GSS is shutdown. When it is running the blocks are silent.

    Anyway, I'll see what transpires and post back later in the day.

    Thanks again,

    Mike
     
  5. f3x

    f3x Registered Member

    Joined:
    Feb 6, 2006
    Posts:
    311
    Location:
    Montreal, Quebec
    Oddly, one of the things that I am noticing is that the functionality of PS TrayFactory does not appear to be affected AND the error messages (from PS TrayFactory) only occur when GSS is shutdown. When it is running the blocks are silent.


    As i stated before:

    This is what happens when GSS is shut down.
    You should not shutdown it or else, it'll block be default.


    So when gss is shut down.. everything works as it should.
    The problem migth be when it's open and you can't see the alerts

    Have you tried regtest ?
     
  6. mplant99

    mplant99 Registered Member

    Joined:
    Mar 13, 2006
    Posts:
    8
    Hi again,

    Tony's .gsr solved everything related to TrayFactory so I am a happy camper and after reading the thread you directed me to, I've solved the update problem. It seems that my issue stemmed from GSS not restarting itself. I ran the updater a final time and waited for GSS to restart, which it did almost immediately and all has been well since. I don't know if I did anything to facilitate it restarting itself (like other posters in the thread, I had been waiting 30-60 seconds and manually starting GSS after the updater had shut it down) but it did almost immediately after the update was installed.

    To clarify, I was shutting down GSS in the course of letting it update itself and it was during the minute or so that I waited for GSS to restart that I was receiving error messages from TrayFactory. To add to my other comments about PS TrayFactory, I ran RegTest and ENABLED SpySweeper's Startup Shield (as instructed to and out of curiousity about how effective it would be) and immediately remembered why I shut it off in the first place (beyond redundancy): it keeps asking me to confirm that I want TrayFactory to run at startup, I click yes to confirm that I do, exit the SpySweepr GUI and am almost immediately prompted to go through the whole process again. Thus, I think that there is a problem with TrayFactory and will lodge a support request with the developer.

    Anyway, all is well and I am content.

    Thanks again,

    Mike

    PS added in edit: Passed RegTest with flying colours!
     
  7. f3x

    f3x Registered Member

    Joined:
    Feb 6, 2006
    Posts:
    311
    Location:
    Montreal, Quebec
    If it was all solved by useing tony ruleset i may be because you had badly configured last ruleset or it somehow get corrupted ?

    Anywais ... using tony ruleset is the best thing to do both for protection and decription of the key (+ it solve your problem)

    -----------------------

    I'm happy you get the auto-update thing working.
    Thnak you for the description on how you get thing working, it'll be usefull for nbext one who get this situation.

    ------------------------

    PS added in edit: Passed RegTest with flying colours!

    well... You wouldn't expect a registry protector software vendor to release a test in wich his product fail ... isn't it ? ;)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.