Defenswall questionsss : D
Gladiator Security Forum > SoftSphere Technologies Support Forums > DefenseWall HIPS
nokure
hi,
Just a few questions about DefenseWall, so if you guys could answer that would be great :}

1) How should I proceed if I want to install a program that uses its own downloader? For example, I have tried to install Java with DefenseWall on; however, since the exe the site provides me with is only 697 kb, I am guessing it's some sort of downloader which downloads the files itself. The issue, however, is that when I do try to install Java using the 'run as trusted' feature, DefenseWall only marks the exe, and not the files subsequently downloaded by the exe, as trusted. Thus when the program tries to install Java it is unable to install because it cannot access a certain registry file. I have tried expert mode and the issue still persists, but when I disabled the protection then it worked flawlessly. However, I want to know if there is a way to do this without disabling protection.

2) With respect to the disabling mode, what does this do? What I mean is, when I disable protection, which ends all untrusted processes, what happens to processes which can start themselves manually, without user intervention (I am hypothesizing and am not sure if there is malware that can do this or not)? Will these processes then be able to affect the system?

3) With respect to games, is it possible to install legitimate games with DefenseWall, especially ones that update themselves via the internet and have internet-based components? And would it be possible to add them as untrusted and still have their components work normally, thus protecting myself against infected updates? I am unsure if games require the ability to modify sensitive C drive files; however, I fail to see why they would need to.

4) And finally, P2P programs such as LimeWire and torrents etc. If the program is set as untrusted, then will this apply to, let's say, any files downloaded within the P2P program?

I have so far been testing the software on Windows Vista 32 in a virtual PC.
Thanks for your time.
Ilya Rabinovich
QUOTE (nokure @ Jun 26 2009, 04:04 PM) *
1) How should I proceed if I want to install a program that uses its own downloader? For example, I have tried to install Java with DefenseWall on; however, since the exe the site provides me with is only 697 kb, I am guessing it's some sort of downloader which downloads the files itself. The issue, however, is that when I do try to install Java using the 'run as trusted' feature, DefenseWall only marks the exe, and not the files subsequently downloaded by the exe, as trusted. Thus when the program tries to install Java it is unable to install because it cannot access a certain registry file. I have tried expert mode and the issue still persists, but when I disabled the protection then it worked flawlessly. However, I want to know if there is a way to do this without disabling protection.

It's a bug, I'll take care of it. But I have downloaded the Java online installation program and run through it with no issues at all. So, I need a link to reproduce the issue. Also, it could be a "plugin injection" protection: check if you have c:\windows\dwall_log_file.txt and, if you do, post it here.

QUOTE (nokure @ Jun 26 2009, 04:04 PM) *
2) With respect to the disabling mode, what does this do? What I mean is, when I disable protection, which ends all untrusted processes, what happens to processes which can start themselves manually, without user intervention (I am hypothesizing and am not sure if there is malware that can do this or not)? Will these processes then be able to affect the system?

If you terminate untrusted processes and disable protection, the only way for malware to run is if you double-click on it.

QUOTE (nokure @ Jun 26 2009, 04:04 PM) *
3) With respect to games, is it possible to install legitimate games with DefenseWall, especially ones that update themselves via the internet and have internet-based components? And would it be possible to add them as untrusted and still have their components work normally, thus protecting myself against infected updates? I am unsure if games require the ability to modify sensitive C drive files; however, I fail to see why they would need to.

The games I'm not sure about I always set up as untrusted. The only problem here is games that require a driver installation as part of their DRM system. And yes, you can update it.

QUOTE (nokure @ Jun 26 2009, 04:04 PM) *
4) And finally, P2P programs such as LimeWire and torrents etc. If the program is set as untrusted, then will this apply to, let's say, any files downloaded within the P2P program?

The only problem here is about partially downloaded files. With the P2P program untrusted, you can't continue downloading them.
nokure
hi,
As you instructed, the file has been attached to this post. At this time I think I am just installing the wrong exe, so I am sorry for wasting your time; however, if it is a DefenseWall issue please get back to me.
Here is the link: http://www.java.com/en/download/manual.jsp#win

Also, with respect to the games: once the game has been installed, will its updates automatically go into untrusted, even though the game was installed as trusted?

Thanks for all your help; hopefully I will be getting a licence of your product in a day or 2 : ]
Ilya Rabinovich
1. Looks like you did install Java as untrusted the first time, or have added untrusted paths manually:
"Loading untrusted/untrusted created module C:\Users\reag\AppData\LocalLow\Sun\Java\jre1.6.0_14\lzma.dll. Process is untrusted now."
Check your untrusted ruleset first and, if it's OK, just delete the "Sun\Java" folder and install one more time.

2. If you did install a game as trusted, you can't update it with an untrusted updater, obviously. Otherwise, malicious software could "update" your game too.
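A small defender-side helper, added here as an example and not part of the thread or of DefenseWall itself, that reads the two kinds of dwall_log_file.txt line quoted in this thread (the module-load demotion and the blocked registry delete) and reports which untrusted-folder entry a loaded module fell under, which is exactly the check Ilya asks for. The untrusted list, the sample log lines and any line format beyond the two quoted shapes are assumed or constructed.

```python
import re
from pathlib import PureWindowsPath

# Message shapes taken from the two dwall_log_file.txt lines quoted in this
# thread; any other line format is an assumption.
MODULE_RE = re.compile(
    r"Loading untrusted/untrusted created module (?P<path>.+?)\. Process is untrusted now\.")
REG_RE = re.compile(r"Attempt to delete value (?P<value>\S+) within the key (?P<key>.+)$")

# Constructed sample: an untrusted list entry like the one Ilya describes,
# plus the two log lines nokure posted.
UNTRUSTED_DIRS = ["C:\\Users\\reag\\AppData\\LocalLow\\Sun\\"]
SAMPLE_LOG = (
    "Loading untrusted/untrusted created module "
    "C:\\Users\\reag\\AppData\\LocalLow\\Sun\\Java\\jre1.6.0_14\\lzma.dll. Process is untrusted now.\n"
    "Attempt to delete value VisitorId within the key HKLM\\SOFTWARE\\JavaSoft\\Java Update\\Policy\\\n"
)

def under_untrusted(path, untrusted_dirs):
    """Return the untrusted-list entry that covers `path`, or None.

    Windows paths are compared case-insensitively and component-wise, so
    ...\\Sun\\ covers ...\\Sun\\Java\\lzma.dll but not ...\\Sunset\\x.dll.
    """
    parts = [p.lower() for p in PureWindowsPath(path).parts]
    for rule in untrusted_dirs:
        rule_parts = [p.lower() for p in PureWindowsPath(rule).parts]
        if parts[:len(rule_parts)] == rule_parts:
            return rule
    return None

def analyse(log_text, untrusted_dirs):
    """Turn log lines into findings a user can act on."""
    findings = []
    for line in log_text.splitlines():
        m = MODULE_RE.search(line)
        if m:
            rule = under_untrusted(m["path"], untrusted_dirs)
            # matched_rule None means the module was untrusted for another
            # reason (e.g. created by an untrusted process), not a list entry.
            findings.append({"event": "module", "path": m["path"], "matched_rule": rule})
            continue
        m = REG_RE.search(line)
        if m:
            findings.append({"event": "registry_delete", "value": m["value"],
                             "key": m["key"].rstrip("\\")})
    return findings

if __name__ == "__main__":
    for finding in analyse(SAMPLE_LOG, UNTRUSTED_DIRS):
        print(finding)
```

A module finding with a non-empty matched_rule points at the untrusted-list entry to remove before reinstalling; one with no match means the file itself was created by an untrusted process and the install should be redone after cleaning up.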
nokure
hi,
Unfortunately the issue persists. I 'removed' the Sun folder in the DW list and then did a reinstall with the exe as 'trusted'. I also marked the exe as a trusted process; regardless, it seems that DW blocks the installation.
The precise action that is being blocked according to the DW log file is:

Attempt to delete value VisitorId within the key HKLM\SOFTWARE\JavaSoft\Java Update\Policy\

Also, I don't know if it's worth mentioning; however, the specific exe or process that I am running does not show up in the DW main list of running processes, rather it lists 'jxpinstall.exe' as an untrusted process. I have tried running this process as trusted but the issue still comes up.

Thanks again for all your help,
anand
Ilya Rabinovich
It means something's still loaded as untrusted into the trusted installation process. Post dwall_log_file.txt one more time. Also, post here your untrusted list ("Advanced"->"Options"->"Save DefenseWall HIPS settings"->select "Untrusted" and "Internal" lists and push "OK").
nokure
Here you go ....
The log file still says that the process is untrusted; however, I have been running it under the 'run as trusted' feature.

I unfortunately

Thanks,
anand
Ilya Rabinovich
There is no miracle in this world. As I said, the folder is untrusted: "C:\Users\reag\AppData\LocalLow\Sun\". Just remove it from the untrusted list and proceed.
nokure
hi,
Sorry for being so bothersome; however, my last log file was given to you after I removed the Sun folder manually and then reinstalled, and still the error occurred.
I have also discovered a similar problem occurring with the UxStyle installer; here's the link: http://uxstyle.com/

In fact, the options to 'run as trusted' and 'change status to trusted' always seem to be disabled in the right-click context menu. I am very sorry, I should have noticed this earlier; I just thought it was supposed to be like that.
Ilya Rabinovich
You are doing something wrong, but I can't understand what exactly.
nokure
Yeah, so I have figured.

Well, I don't know; here's a step by step of what I'm doing. Maybe this will indicate my mistake.

1) Download installer
2) Right-click context menu for DefenseWall HIPS in the download folder
3) Choose the 'run as trusted' option (which is always grey, which I'm guessing means it's disabled)
4) Program begins running, UAC pops up
5) Installer begins
6) Error for lack of access

Is there any reason for the 'run as trusted' option to ever be disabled?

Thanks a lot for your help though; if all products could get support like this the world would be a much better place : ]
Regards,
anand
Ilya Rabinovich
1. "Run as trusted" doesn't work with .zip archives if you use built-in Windows unzip functionality. You have to "change status to trusted".
2. What happens if you "change status to trusted" and then run an installation file? Did you totally remove the "Sun" folder with the "Files and Registry tracks" dialog?
nokure
hi,
Sorry for the late response. Yes, I did delete all the registry files etc. for Java/Sun. In fact, I even went as far as deleting all processes that were listed in the (registry and files) list. Furthermore, I did a reinstall of the entire program and yet the issue is still present. I understand that the zip file has to be marked as trusted etc., which I have done, but still I cannot install the Ux patcher I was talking about earlier. Also, I tried to install just a normal exe process; however, DW still said that the file was 'untrusted' even though I ran it as trusted first and then changed its status to trusted. Even still, DW in the title caption said it was 'untrusted'.

Could the issue be that I'm running DW in a virtual machine? Or that it's on 32-bit Vista? Should I try and install v2.56 instead?

anand
nokure
Hi, just as an update,
I installed DW in an XP virtual PC and it worked flawlessly; I was able to install all the files mentioned above, no issues whatsoever.

So could Vista's UAC affect DW in some way that is causing all these issues?

Ilya Rabinovich
That's all very strange. I'll contact you via e-mail.