CryptoSuite - anyone still using it?

Discussion in 'other software & services' started by FanJ, Feb 24, 2014.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Is anyone still using CryptoSuite from Ghost Security?
    Many years ago we had a forum section here at Wilders for this very nice program from Jason; that (closed) forum is now in the archived forums section.

    I absolutely loved this program! Even with my bad eyes it allowed me to compare hashes (checksums).

    For some reason I cannot use it anymore since some weeks on my XP-home SP3. Right clicking a file to let CryptoSuite calculate its checksum doesn't work anymore. H*ll, I cannot even re-install it anymore.
     
  2. Dieter Bressem

    Dieter Bressem Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    36
    Location:
    Germany
    I am still using this software. Which version do you use ?. I am not able to start the program since a few weeks.
    Maybe an Microsoft Update causes this issue, reinstall doesn't help either. Affected version 1.1.
    Luckily I found the previous Version V1.07 and this is working. Win7 32Bit and Win8 64Bit also.
    The checksum feature I never tried.
     
  3. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    MultiHasher lets you do the same. I don't know if it's bad eye-friendly though.
     
  4. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi Dieter,

    This was indeed version 1.1.0.0. Same problems as you described.
    I don't have version 1.07 anymore, alas ...
     
  5. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Link to the site?
     
  6. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  7. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
  8. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Dieter,

    Did you found Version 1.07 on the internet? If so, may I ask where? I really would love to have it.
    (I still have my old licence). Thank you in advance.
     
  9. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    I was/am still using Cryptosuite too.

    Now sometimes it runs and sometimes it does not. I get "Failed to execute target process - error code 5" when I attempt to run it, and when I attempt to reinstall it I get the message "Unable to execute file in the temporary directory. Set up aborted. Error 5: Access is denied". Then subsequently I have been able to run it, but it fails to decrypt my encrypted files. I investigated this problem by restoring my system from image file backups, and then reinstalling the programs I had installed since the date of the backup, but have come to no firm conclusion about what program installation may have caused the problem, probably because it appeared to run when I tested it, but I did not test whether it would decrypt files. I suspect that one of those program installations is a factor, since Cryptosuite was consistently running well immediately after I restored my system from the image file backup, but I would need to repeat quite a lot of work to draw a conclusion. It looks like the writing is on the wall for Cryptosuite, and I must retrieve my data by running an old system and then give up using it. Does anybody have any good suggestions for a replacement?

    I should be very grateful if someone would let me have version 1.07, perhaps by email, or point me to some means of downloading it (I can find no download by searching on the web), if version 1.07 is still working ok, since I now only have v1.100.
     
    Last edited: Jun 1, 2014
  10. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    I now have a little more news to share.

    By restoring my system from image file backups, I have got back to a system state in which Cryptosuite will run and decrypt .cse files. Also, running the installer file for Cryptosuite now runs and no longer produces the error report that it produced before I restored my system. The difference between the restored system that will run Cryptosuite and the system that would not run Cryptosuite is the following installations:
    Eset nod32 antivirus update to v7.0.317.4
    Malwarebytes update to vv2.0.2.1012
    Ghostery
    NoScript
    CCleaner update to vv4.14.4707

    Earlier observations made while installing programs suggested that the problem was either the Eset update or an update of another program not listed above, and so I now suspect that the Eset update was at least a proximate cause of the problems with Cryptosuite. I will now proceed to install progressively the other programs and updates in the above list to see whether they affect the running of Cryptosuite, and thus to check my hypothesis that the problem is related to the Eset update. I should note however that it appears from my records that I had not installed the Eset update when I first noted the Cryptosuite problem, nor the Malwarebytes update, but did then have NoScript and Ghostery, and that I appear from those records on another occasion to have had the problem when neither NoScript nor Ghostery were installed. I think my records are accurate, and so I wonder whether there is some more oblique problem at work - in other words, some other causative factor in play. Perhaps time will tell, or maybe my move to Window 8.1 will overtake the problem.

    I might suggest that those who have had this problem might post whether they have updated Eset antivirus to v7.0.317.4, or installed any of the other programs/updates listed above. I do not know whether reinstalling the earlier version would fix the problem - I suspect not - and I have not investigated the system restore root either, but if you have image file backups from prior to the update you may have a way back to being able to use Cryptosuite again.

    I also had some other glitches in my post Eset update etc system - for example, I repeatedly got the following error in the applications event viewer, and could not fix it by running lodctr /r from the command line:
    I got an error in the applications event viewer:
    Event Type: Error
    Event Source: LoadPerf
    Event Category: None
    Event ID: 3001
    Date: 01/06/2014
    Time: 17:03:09
    User: N/A
    Computer: TOM-I7
    Description:
    The performance counter name string value in the registry is incorrectly formatted. The bogus string is ?9, the bogus index value is the first DWORD in Data section while the last valid index values are the second and third DWORD in Data section.

    Post the Eset update etc I also had a problem with Outlook folders, and with sorting of entries in a database, and a scheduled image file backup failed to run, but whether they were related to the Eset update etc I did not investigate. There also seemed to be a possible memory leak in Eset, which I found at one point using 3.5 times as much ram as usual.

    Hopefully, I have nearly completed the task of identifying the cause of the Cryptosuite problem, but I would still very much appreciate a copy of v1.07, if Dieter would be so kind as to share it.
     
    Last edited: Jun 2, 2014
  11. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi inpersonam,

    I'm not so sure at all whether it is NOD32 causing this. Yes, we both run NOD32, but that in it self doesn't proof it.
    As for the latest NOD32 release, it was released about 21 May 2014; see thread https://www.wilderssecurity.com/thre...s-service-release-1-has-been-released.364105/ . Well, I had the problem with CryptoSuite before that latest NOD32 release.
    I guess that you saw in the NOD32 logs something like:
    cryptosuite_setup.exe » INNO » {app}\Cryptosuite.exe - is OK
    which is simply info. And NOD32 has been telling that for quite some time. I guess that even that hasn't caused it.

    I hardly have time to look at it further; one of the reasons (among other private things) is that I'm trying to migrate to a new computer.
    But I do want to tell you that I do appreciate you trying to tell what is causing this. For that I do thank you!!

    As for CryptoSuite 1.100 vs 1.07 you need to know that they had different ways for your licence.
    Version 1.100 used a serial number.
    Version 1.07 used a licence key file (with in-build name, email-address, etc.).
    So for version 1.07, you will need that original key file from more than ten years ago.
     
    Last edited: Jun 2, 2014
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,050
    This thread just rang a bell. I do have Cryptosuite on this win7 x64 machine. The version I have is 1.1 It's running fine, but no Eset.

    Pete
     
  13. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    Thanks FanJ.

    I too had the problem before the Eset update, and as I say above, there seems to be some other causative factor at work. Maybe there are 2 recent installs that cause the problem, and if so perhaps there is a third event somewhere behind that. Perhaps there are programs and updates coming out now that are no longer really compatible with XP, and we shall see a string of updates etc that damage XP. It may not be possible to find the cause by basic methods. However, I have restored the functionality now, and it seems that the problem is associated with installing updates or new programs. And the windows updates are not an immediate cause. I will let you know if I find the cause, but like you am likely to turn to building a new system on windows 8.1, which is a more promising investment of time.

    I am pleased to report however that I still have the key file from 10 years ago. It activates v1.1 as well as 1.07. Somehow I must have rashly deleted v1.07 from my system, but your mentioning the date triggered a recollection of where I might have backed it up, and I quickly found it on a dvd that I backed up my apps on 10 years ago. When I try to upload it, the forum rejects the nature and size of the file, even if I zip it or change the file extension. But if you will send me your email address, I will happily email you a copy of v1.07.
     
  14. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    Version 1.100 has partially stopped working for me again (the delete function continued ok but encrypted files would no longer open and the installer file would no longer run), without my having updated Eset Nod32 to the latest version - a suspected cause of the failure of nod32 - and so I have concluded that Nod32 was not the problem and given up trying to track down the cause of the failure.

    I have now installed v1.070, which works fine. Thanks Dieter.

    I see that you need a .csu file to licence it but only a code to licence v1.100 (I had previously thought that the key would work with v1.100 as well as with v1.070).

    I was a little surprised not to hear from FanJ. How does one contact another member of the forum directly?

    Ddoes anyone know what was the difference between the functionality of v1.070 and v1.100?
     
  15. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Dear inpersonam,

    I want to offer you my apologies for not having replied; I'm really sorry!
    I will later send you a PM here at the board (but I want to watch soccer game and things about that).

    Here is an old thread in the archived forum about changes in version 1.100 :
    https://www.wilderssecurity.com/threads/cryptosuite-v1-100-released.68902/
    (wow, several old friends there; wished I could get contact with them)

    After going back through a lot of old emails, I had found my old licence file (indeed a .csu file) (from December 2003).

    I am mostly interested in the checksum comparing feature of it. Here is just a little example of version 1.070 working on my XP machine (slightly edited by me):

    The file C:\...\Adobe Flash Player\Uninstaller 2014_06_11_1\uninstall_flash_player.exe has the following Checksum(s)
    MD5 - A2F46DBB93F2437211EEBFD181D49CC6
    ---------------------------------------------------
    The file C:\...\Adobe Flash Player\Uninstaller 2014_07_10_1\uninstall_flash_player.exe has the following Checksum(s)
    MD5 - 6E1F12C092CFCCF1656301F16379C6E6

    ===
    Edited to add:
    inpersonam, I have send you a PM here on the board.
     
    Last edited: Jul 12, 2014
  16. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    Hi FanJ, Thanks for your message. I was only concerned in case you wanted a copy of v1.070 and had been unable to contact me. What is a "PM"? And thanks for the info about what was added in v1.100. It does not appear from the thread you sent me a link to that the changes were more than embellishments.
     
  17. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi inpersonam,
    About PM: it is a private message here on the board. I have just send you one.
    Go to the top of the board, at the right side you will see "inbox". It is there that you see PMs, which is called now "conversations". Does that help?
     
  18. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    Hi inpersonam,
    I know and I do appreciate it. We had already contact today/yesterday (depending on time-zone).

    I don't remember me all the changes between version 1.070 and 1.100. Maybe the archived forum could tell more; I didn't have a closer look there.

    ===

    In the meanwhile I had noticed since some time that version 1.070 on my Win 7 Pro 64-bit does not give me the right click menu option on a file to let CryptoSuite calculate its checksum.
     
  19. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    I think I may have solved the problem with installing Cryptosuite v1.100 now. The solution appears to be to add the installer file to the exceptions in Eset Nod32. Then the installer ran fine for me, where as it had not immediately before I created that exception. Strangely enough, I had also been able to run it with all of the non-windows services and start-ups turned off via msconfig. I am not sure what that has in common with creating an exception in Eset, unless msconfig turned off the eset service, which I have always assumed it would not do, but I have yet to check that. I wonder whether to create an Eset exception for the executable in the Cryptosuite program files folder as well, since it was presumably also Eset that corrupted the running of Cryptosuite.

    I got the idea from a post at http://www.foolishtech.com/viewtopic.php?f=34&t=1498&start=10, the same problem and error report there addressed in relation to CryptoPrevent. Fortunately, I did not also need to make the slightly obscure adjustment to the HIPS suggested in the post, which I will copy below:

    Hello Nick,

    Well, it took a while but I finally got it to install. It seems ESET Smart Security (and probably is the same issue with NOD32) was the cause. I had ruled this out early on in the troubleshooting process as I had set ESET to fully log everything. Since nothing appeared in the logs, I had ruled ESET out. It seems ESET is blocking something and thus causes the install to fail, even though the logs remain empty. I decided today that "just in case" I would exclude the CP installer from scans and set the HIPS component to allow all actions for the installer. After that the install went fine, no issues at all. Very strange nothing appeared in ESET's logs as if they had, I could have solved this issue a lot earlier. I will have to wait to see how the next in program update goes with CP and if an issue persists with that, will have to set rules in ESET to allow the update.

    Thanks for all of your help and time. It was and is very much appreciated. I have talked this user into upgrading to the premium version as well. Thanks again.

    Best regards,
    Kent​
     
  20. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    Hello inpersonam,

    I am glad that you were able to correlate my post over on the CryptoPrevent forums to help you with your issue installing CryptoSuite. I have had three instances with the HIPS in ESS/NOD32 blocking things that would not show up in the logs even with the "Log all blocked operations" option ticked in "Advanced setup". I have now learned that if I have this type of issue, to disable HIPS, reboot, and see if the issue goes away, and if it does, make rules in HIPS to allow for it. I created the additional rules that you mentioned because CryptoPrevent both updates its program and definition files, thus having to run an installer when the version updates. With CryptoSuite, just disabling HIPS to install then enabling again should work fine as CryptoSuite is not supported any longer and never updates.

    Edited to add: Am I correct in understanding that your issue only involved setting an exception in "Antivirus and antispyware" and not in the HIPS component of ESS/NOD32?
     
    Last edited: Jul 28, 2014
  21. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    Hi Kent,

    Thanks for your post and advice. It seems quite a coincidence that you were watching this thread.

    Two points, though.

    First, I managed to install Cryptosuite ok by adding the installer to my exceptions in eset, which I take it excepts the installer from real time protection as well as from scans. I am wondering whether that will suffice to prevent eset from degrading the installation, or whether I need to add cryptosuite.exe in the program files folder to the exceptions, and whether if I do that it will suffice to protect the installed program from eset (I have discovered that without protection from eset Cryptosuite eventually becomes non functional), or whether I need to go further and add something to the hips, which I am not familiar with managing. I can leave all as is and wait to see, but wonder whether you already know that the hips settings need to be amended, and if so exactly what I should do there.

    Secondly, the same point arises with CryptoPrevent, but more so given its activity when updating. Do you know that merely excepting the executables in the program files folder will not suffice, and again how does one set a hips component to allow all actions for the installer? Are you talking about adding a rule when the filtering mode is set to automatic mode with rules? If so, what would be the target files, applications and registry entries?
     
  22. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    Hello inpersonam,

    First concerning CryptoPrevent: With the initial install on my system is when I found the issue with ESET's HIPS blocking something during install. At that time I was stretched for time and just disabled HIPS, rebooted, installed CP, re-enabled HIPS, and rebooted once more. Since I did not have the time to investigate if there would be issues with CP and updates, I manually made exclusions and manually made HIPS rules. I do not really know if ESET will interfere with CP doing updates after that initial install since I have not thoroughly investigated it. I just added the exclusions and rules "just in case" as I did not have the time to investigate it. If I were you, I would wait before doing anything with ESET unless you see you have a problem updating CP. If you have had CP on your system and have the premium version, it just updated to 6.1.3 in the last couple of days. I would open CP and see if you have that version. If you use the premium version, you should have been alerted that it updated and needed a reboot to enforce the new policies. If you have the free version and when you open CP you see you have version 6.1, do the manual update and see if it updates to 6.1.3 with no issues. That is the easiest way to see if you need to add anything to ESET or not. If you have issues, I can help you set up the exclusions and HIPS rules if needed.

    As to CryptoSuite, I can not tell you much (has been many years now since I used it and is no longer developed as we know). If you are having issues and believe excluding the install folders fixes it, then by all means do so. I would not think of adding any HIPS rules unless you continue having issues. If you decide to you need to do this also, temporarily putting ESET HIPS into learning mode, launching CS and doing what you would normally do with it, closing CS, and then putting ESET back into automatic mode would be the easiest. You could use interactive mode also but will get pop ups to allow and deny for the operations that CS does, so is a bit more involved. I cannot advise as to what to do manually to set up the rules since I do not use CS. To be honest, I do not think you would need HIPS rules as stated in my previous post and think if you decide you need to add exclusions, that should be enough.

    HTH...
     
  23. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    Thanks again.

    Hips is a bit too obscure for my taste, and rather as you did, I have taken a broad brush to it. I excluded the .exe files in the program files folders of both Cryptosuite and Cryptoprevent, and then switched hips to learning mode and ran Cryptosuite and updated Cryptoprevent to version 6.1.5 (when I installed it on 27 July, it was version 6.1.0 and it had not updated since) and then switched hips back to automatic mode, having accumulated scads of learned rules in no time. I don't even know whether hips learned rules apply in automatic mode, despite reading the help file, or what the point is of applying rules and then allowing what does not comply, as the help file appears to say in the modus operandi of hips in automatic mode, so all to do with hips feels distinctly like blind flying, in spite of the help file (so what's new?).
     
  24. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    Hello inpersonam,

    Learning mode creates a rule for everything even though some rules it creates would have been allowed anyway in automatic mode. The reason for this is if you wanted to run in interactive or policy mode, only the created rules would be allowed (may or may not be prompted for new rules). This lets you use learning mode for either automatic, interactive, or policy mode. Automatic mode does use the rules you created by checking them first for allow and block rules and then everything else that your created rules does not effect defaults then to automatic. These different options gives a lot of flexibility in how you use the HIPS, from very easy and simple with almost never a pop-up (automatic with rules): to being prompted for anything you do not have a rule for (interactive): to locked down where if you have not created a rule to allow it, it is blocked (policy). You should be fine the way you did it. It should not lower your security any and will hopefully solve the issues you were experiencing...
     
  25. inpersonam

    inpersonam Registered Member

    Joined:
    Oct 17, 2004
    Posts:
    31
    Hi Kent,

    Thanks for all your help.

    Do you happen to know whether excluding an executable from the real time file system protection will affect the application of hips in any way? If not then I have at least ascertained that the real time file system protection is relevant to installing Cryptosuite and CryptoPrevent, but that turning off non-windows services and start ups is relevant to, and I thought that doing so via msconfig did not in fact turn off the eset service.

    My CryptoPrevent rules resulting from a very brief time - a couple of minutes - in learning mode allow CryptoPrevent.exe to:
    1 write to all files;
    2 delete all files;
    3 start reg.exe;
    4 start gpupdate.exe;
    5 start cmd.exe;
    6 start cryptoprevent.exe;
    7 modify any part of the registry.

    Does that seem adequate to you? Are they the rules that you added? Rules 1, 2 and 7 seem a little wide somehow, but I suppose refinement of that is not going to be possible. Also, it is not apparent to what extent these rules permit what would be prevented by the rules otherwise applicable in automatic mode, since I cannot find anywhere a statement of what they are.

    Apart from the laborious detail of getting to grips with HIPS rules, and the ever present problem of discovering the meaning of such technical writing as there is on the subject, what I find obviously daunting about HIPS is the need to know what actions and executables the rules need to be aimed at. We shall see whether CryptoPrevent updates, and if not switch to automatic mode and try to prompt the updating. Will opening CryptoPrevent do that?

    I suppose the counsel of perfection would be for CryptoPrevent to publish the HIPS rules that they need for their application to function freely. Shall I suggest that to them? I presume that other software providers' HIPS work in much the same way.
     
Loading...
Thread Status:
Not open for further replies.