RegDefend and GhostWall


SYS 64738
May 9th, 2006, 03:01 PM
I just installed RegDefend and AppDefend a few days ago (Win2K SP4). Of course I noticed several alert popups on first startup. As I am not very familiar with all the system applications and registry things, I gave permission to most of them ("Allow always"), despite the possibility of giving allowance to probably bad or "infected" applications.
For clarity I would like to know: Are the standard rulesets changed by this immediately? If so, I would suggest that it would be more convenient if RegDefend and AppDefend started in disabled mode the first time, so that one can copy the standard rulesets for safety.

Now I found GSS working very smoothly and I like it very much. It works for me even in a non-administrator account (Power User).
With GhostWall installed I experienced today that RegDefend blocked GhostWall from setting a value in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run when I log off from the power user account and log in as Administrator (not vice versa).
Because I was worried about this I created an application rule in RegDefend as described here http://www.wilderssecurity.com/showthread.php?t=104811 , and this works fine.
But I am still wondering why there was no alert popup from RegDefend asking me to allow this set value by ghostwall.exe, because the Autostart rules (HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run**) were concerned in this case. ("Ask user" is checked there.) Did RegDefend work correctly here?

f3x
May 9th, 2006, 04:43 PM
Hi SYS 64738,
Congratulations on your decision to try GSS.

About RegDefend and default rules:

Tony Klent developed a new ruleset with better definitions and more of the registry covered ... try installing this one. You have to understand that GSS is a very powerful weapon. I'm not talking about how it's implemented but the consequences of using it. The best way to be secure is to know how Windows and malware work and be able to revert changes yourself. Using Google and the key description will help you understand the importance of the key you are covering. You're not forced to do it, however the more you know the better; this is valid for everything ;) .

Pressing allow/block does not change global rules but application rules, which are easy to delete in order to reset them. The default ruleset comes with no application rules, so you do not overwrite anything previously made. Tony's ruleset comes with some application rules for certain Windows parts to work properly. You can delete them anyway ... they are just there as a guide.

Please go to the RegDefend tab to understand what I am saying with global / application rule.


Multiple user account / user account switching is very experimental at this stage ... next beta will fix it.

-{ Quote: "
But I am still wondering why there was no alert popup from Regdefend
" }-

This is generally due to two things.
1) the application tries to change the rule before the GSS GUI loads up (automatically blocked)
2) multiple user account strange behavior (see next beta)

f3x
May 9th, 2006, 04:52 PM
This should also help you get started

Official Online Help:
http://www.ghostsecurity.com/gsshelp/

Tony's ruleset
http://www.wilderssecurity.com/showthread.php?t=85131

What happens after the 15-day evals?
http://www.wilderssecurity.com/showthread.php?t=126145

Tips on how to act with AppDefend:
http://www.wilderssecurity.com/showthread.php?t=125785

Tips on how to act with RegDefend:

- Block once unless you know it's from a trustable source. If a program stops working, retry and allow once.
If it wants to do it many times and you trust it, then allow always. (You need to be sure this program cannot be compromised by plugins, like IE and ActiveX.)
- Disable RD when installing Windows updates / big applications such as Word.
- If you are blocked in a popup storm, go to the main window and disable RD or AD.
Then come back and choose allow once. This is better than choosing allow always only to get rid of the storm.



Known problem with long/short filenames will be corrected in the next beta
http://www.wilderssecurity.com/showthread.php?t=123893

GSS update "bug"
http://www.wilderssecurity.com/showthread.php?t=122044


(slowly but surely someone here will build a FAQ ;) )


spoiler on next beta
-{ Quote: "
Sorry for the sparse presence on Wilders recently, I have been having some hardware issues with my main development machine which has made me reconsider the way I do the development (I pay the price for having the fastest and newest hardware). Now it will be spread across multiple machines with multiple ways to continue development rather than waiting for spare parts from suppliers.

On the issue as to why AppDefend has taken longer, it is because of things like the firewall aspect being improved (basically an optimized version of the big brand firewalls internally) and a probably world first approach to multi-user support (with benefits to single users also). This is only a small aspect of why it has taken longer than I anticipated, when doing new things it is always longer.
" }-


Should I install RegDefend when I have installed AppDefend?
http://www.wilderssecurity.com/showthread.php?t=108444
-{ Quote: "
AppDefend and RegDefend are components in Ghost Security Suite. Regardless of the downloaded name of the setup file, you are downloading "Ghost Security Suite" which once AppDefend hits final, will contain both AppDefend and RegDefend in the installation.

The current final/non beta version of RegDefend isn't required to install the latest beta of AppDefend/RegDefend. You will need to do 2 serial code activations if you own both AppDefend and RegDefend.

Hope that clears it up.
" }-

How to buy / Is there some bundle ?
http://www.wilderssecurity.com/showthread.php?t=109349&highlight=bundle

-{ Quote: "
There is currently no "bundle pack" for purchasing both, but there will be one soon. I'm not sure if the price will be that much better than what you can get now, simply because the 15% member discount is going to be reduced to 10%, with customers (people who have bought at least one item) then getting at least a 15% discount.
" }-

Register in member area:
http://www.ghostsecurity.com/index.php?page=becomemember

How much does it cost / what payment options are available
http://www.ghostsecurity.com/index.php?page=purchase

|--------------------------------------------------------------
|Issues corrected in the current beta:
|--------------------------------------------------------------

Can someone explain why my RegDefend key only works for AppDefend's RegDefend and not the standalone RegDefend version?

-{ Quote: "The newer version of GSS removes any whitespace from the keys for you. In earlier versions of GSS which only had RegDefend, the whitespace isn't removed for you. So you need to make sure when entering the key, your name and email, that there are no spaces around them. " }-

SYS 64738
May 9th, 2006, 06:54 PM
Thank you very much, f3x,
your answer and your collection of threads was very helpful to me. I've read around here quite a lot for the last few days and tried to extract any kind of information about GSS which could be useful for me. I will give Tony's ruleset a try now. Luckily, there is the option to import own application rules into this ruleset, so that nothing which might be important for my system so far will be lost and can easily be restored. When I have recognized and evaluated the protection abilities of GSS I will decide about setting up PG again, which I purchased two years ago. To have PG and GSS side by side I think will be even more challenging to me. Hopefully PG final will be released soon. But for now I think I stay with GSS.
Thank you again, you did a really great job here.

f3x
May 9th, 2006, 07:16 PM
There are many overlaps between PG and AD. You should not need to have both enabled (unless you like answering popups twice). However, if you are one of those people that need redundancy everywhere .. then yes, you may use both.
Take time to familiarise yourself with GSS. If you have multiple computers you can buy a licence of AD for the other computer. If not ... nothing is truly lost as both programs give lifetime licences. I've personally decided to bet on the GSS side and do not regret my choice.

SYS 64738
May 14th, 2006, 07:28 PM
f3x,

I think you are right, after playing around with GSS for some days I feel very comfortable with it and I decided to license both RegDefend and AppDefend. I must admit I really love this application now. :) I think there'll be no need to set up PG on my computer again together with GSS, so I will take it for another machine in future. I found GSS much easier to configure than PG, which drives me into too many thoughts about what to protect and about which application to give rights over protected processes and so on (however, I used only PG 2.xxx so far). Although configuration of PG is quite logical, I found it somewhat more difficult to handle. But I don't want to go into a discussion about PG and GSS here, both will serve my needs for security perfectly. Now, looking forward to the next update... ;)

f3x
May 14th, 2006, 08:56 PM
Welcome to the club ;)

Some people say waiting is part of the fun ...