AppDefend v1.300 Alpha A3

Discussion in 'Ghost Security Suite (GSS)' started by Jason_R0, Nov 2, 2007.

  1. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    32-BIT VERSIONS
    http://www.ghostsecurity.com/downloads/setupadrd1300a3.exe

    If you are having problems related to other networking applications, try this build below which doesn't have network support
    http://www.ghostsecurity.com/downloads/setupadrd1300a3_nonet.exe


    64-BIT VERSION Released November 20, 2007
    http://www.ghostsecurity.com/downloads/setupadrd1300a3_x64.exe







    This is a "stop gap" release containing some fairly significant internal updates to the RegDefend kernel engine and some smaller changes to AppDefend. As it is now the driver is mostly complete, with only some more default RD rules to be added and other small things. The new GSS GUI is being worked on and is still a few weeks away, but it is shaping up quite nicely, so expect a BETA in a few weeks. I was going to delay this driver update until the BETA, but the GUI is taking slightly longer than I expected and there was no real reason to hold it back.

    It hasn't been tested as extensively internally as my driver updates usually are, so if you find any issues report them like usual. I'll be releasing a new separate build tomorrow which doesn't have the network code attached ( to help track down some bugs and give some a working version ), so if you get the complaints in quick they will be fixed if small.. :)
     
    Last edited: Nov 20, 2007
  2. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    759
    Thank you. :D
     
  3. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Sweet! I have been using the old version 1.2 to avoid the regdefend problems. This release sounds a lot more promising, thanks!
     
  4. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    759
  5. Cazandros

    Cazandros Registered Member

    Joined:
    Oct 14, 2007
    Posts:
    36
  6. Eh_Greg

    Eh_Greg Registered Member

    Joined:
    Oct 21, 2007
    Posts:
    64
    Location:
    US.
    Looked pretty good so far here. Installed and after going through alot of prompts after reboot There were no immediate problems. Reg keys can be deleted as of now. I was fooling around with an uninstaller. I got prompted by app defend when the uninstaller program I was using tried running app defends uninstaller so I blocked that purposely. My uninstaller still took a scan of app defend's components and when I hit delete, I wasnt promted about anything. Driver remained by itself and then some weirdness started occuring till I went safe mode. Look forward to using regdefend more in future :)

    I never used Regdefend fulltime but I did keep the free version around as I do all applications that are elite in their area of the OS. and I like. I thought the "remember action" just wouldnt of worked only in the free version when you were blocking something, but that one could really tweak everything (by creating rules) if they took the time. Maybe thats what you do mean, i'm not sure.
     
    Last edited: Nov 2, 2007
  7. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    That issue is most likely related to the network issues. Have you tried any previous alphas, and did they do the same thing?
     
  8. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Well I usually don't put any restrictions on during an Alpha test. In the last Alpha RegDefend wasn't remembering any actions you took because the code to do such hadn't been moved to the kernel yet. So every time you got a prompt and hit "always remember my action" it wouldn't, and you would get the same prompt next time. Trial restrictions will be put back by the next beta most likely.
     
  9. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    759
    No, I only tried it with Eset NOD32 V2.70.
     
  10. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Ok, well try the next build I will release in a few hours which has the network stuff removed and see how it goes.
     
  11. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    After quite a few pop ups during the first restart, it tested and ran well along side GhostWall. Looking good Jason, great job :thumb: .

    dja2k
     
    Last edited: Nov 3, 2007
  12. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    I've added the "no network" build to the first post. If you're having problems with other networked applications (comodo, nod, etc) try that one.
     
  13. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    759
  14. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
  15. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    759
    Still no go. :(

    I have tried uninstalling completely (plus cleaning up residues) and reinstalling it several times.

    The same error still shows.

    By the way, there is no ghostsec.sys in system32\drivers\ .
     
  16. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Does the original A3 alpha install still?
     
  17. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    759
    No.

    It was removed when this error occurred.

    By the way, I have no problem installing the original A3 alpha.
     
  18. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    So you have tried installing the original A3 alpha again?

    I just downloaded the exact version you ran and it installed no problems, so something must have changed on your system. What other security software are you running besides NOD? Nothing changed in this package except for the driver, and the driver works ok. The error you are getting is from installing the driver, something must be blocking it from creating the service entries in the registry.

    Check out HKLM\SYSTEM\currentcontrolset\services and see if there is a ghostsec entry before you install.
     
  19. smith2006

    smith2006 Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    759
    The mystery is solved. :D

    It seems that there is a conflict between A3 alpha (both version) with Outpost Firewall Pro 6.0.2168.211.415.268 (which I have upgraded this morning from the previous build 6.0.2162.205.402.266).

    I have managed to install setupadrd1300a3_nonet.exe. :thumb:

    What I did was to disable the host protection & self protection of Outpost Firewall Pro and the installation went through.

    The funny thing is I did not require these extra steps yesterday (with previous build build 6.0.2162.205.402.266), Agnitum may have implemented some enhancement.

    By the way, the problem with NOD32 is solved with "no network" build. :thumb:

    Thank you for your help.
     
  20. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    Is this compatible with XP Pro x64 ?
     
  21. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I'm guessing no, since ghostsec.sys is installed under WINDOWS\SysWOW64\Drivers.
     
  22. buffet

    buffet Registered Member

    Joined:
    Mar 31, 2006
    Posts:
    53
    I still have problem running GSS1.300Alpha1/2/3 so far on the Dell desktop box model E510 { windows xp, windows 2003 srv, intel dualcore 820D, sata-2 hd, nvidia Geforce 7200LE & Ati X1200 video card, Intel Pro 100VE NIC }, after reboot is constantly BSOD cycling until shut it down in cold hard pressing power button on the box.

    Now, I am trying the alpha3 version on newly Dell Inspiron 1720 laptop { running windows 2003 server, intel c2d T7500, sata-1 WD hdd, discrete video card Nvidia Geforce 8400GS, Broadcom 440X 100mbit ethernet NIC, Dell 1390 wireless card...}, I got some BSOD after reboots and got some uninstall of GSS1.300A3 in safe mode. Right now, I have it running with no BSOD yet, but there is constantly with no application entries in the program panel of GSS, dissappeared built-in default rule set.
     
  23. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    I will give it a try soon, actually too many other apps on system in test.. comodo beta, norton antibot and some others...
    .. Okay anyway I gave it a try despite of the many apps, it worked but Internet was not possible together with Comodo Beta 3. Beside nice and funny to see that ZWCreateMutant is hooked. I never trust any mutants :)

    Is it okay if System wants to connect with Internet? I usually block this request.
    Another thing´d be useful to know if it is okay when csrss wants to write process memory to e.g. lsass and services.exe?
     
    Last edited: Nov 7, 2007
  24. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    On a clean install XP---XPpro---XpProS2 its normal for csrss to write process memory to other services. Thats not the only service that does that. System requests connect to internet or wants to establish network connection? System needs this to loop back with other OS services, also normal if not your network card fails. If it don;t fail eventually it will upon next reboot.
     
  25. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    I blocked this in past many times but was able to surf without problems.