RegDefend v1.300 Released!

[Jason_R0]

http://www.ghostsecurity.com/index.php?page=regdefend

Please uninstall your current RegDefend version before installing this one, and make sure you reboot. You should not install over the top of an existing installation.

What is RegDefend?
RegDefend is a kernel based registry protection system, designed to use as few resources as possible. Instead of polling the registry looking for changes, RegDefend intercepts the changes before they occur. RegDefend comes installed to protect registry autostarts and some special registry keys, custom rules can also be added.

New features and changes since the last version :-

-Fast and powerful registry monitoring added with a full compliment of filtering abilities during and after capture
-If a registry item is set to "ASK USER" and the operation being performed is "set value" AND the data is the same as exists currently in the registry, then no alert will occur anymore. ie it now checks what is written to what is already there, if the same then it will "allow" the operation to occur.
-If the desktop is switched whilst an alert is being displayed or going to be displayed, then RegDefend will simply block the operation by default instead of asking the user.
-Fixed balloon alerts from not appearing due to "Show Ghosts in background option" which has now been removed. Also changed tooltips to balloons instead of simple rectangles.
-Fixed issue with regdefend.exe being suspended and not able to process "Ask User" requests
-Now log any registry actions which are allowed by the user, rather than only showing actions which are blocked
-Any log event which is blocked automatically due to inability to ask the user, will be shown with [AUTO RESPONSE] in the log
-GUI now selects first registry group upon startup
-Now show all information about registry items in the listview
-Now show which registry group a log event belongs to
-Optimized sorting
-Lots of other small fixes and tweaks, thanks to all testers.

[Jason_R0]

Just another note, if you have trialed RegDefend before and the 14 day trial has expired then you can have another trial starting from this release and on. Basically with every new "major" release the trial period will be set back to 14 days.

[Infinity]

Thanx Jason, It felt like it was already finished lol, sometimes I am rather quickly satisfied
enjoy the evening and thanx for sticking with it.

Andy

[puff-m-d]

I would just like to point out that if you have any custom groups, you need to back them up as the uninstall will delete them .....

[puff-m-d]

And my install went flawlessly and so far I am loving the new version..... Thanks to Jason and the beta team for another great version.....

[richrf]

Hi Jason and puff,

Thanks for the new release Jason.

Puff, are there any changes to the special RegRun group or do I leave them the same?

Thanks for a great program and program additions!

Rich

[puff-m-d]

Hi Rich,

Quote:

Originally Posted by richrf

Puff, are there any changes to the special RegRun group or do I leave them the same?

So far, it does not appear that the new version affects the group in any way. If, during the next few days, I come across anything that may need to be changed, I will post it to the RegRun Entries thread, but I do not beleive there will be any...

[Pilli]

Nice Job Jason, Love the new logging and monitoring

Regarding the groups, I believe only the default groups are altered by uninstalling and re-installing, any other groups that you have should be retained.

Pilli

[puff-m-d]

Quote:

Originally Posted by Pilli

Regarding the groups, I believe only the default groups are altered by uninstalling and re-installing, any other groups that you have should be retained.

All I know is that mine were deleted but luckily I had them backed up.....

[nick s]

Hi Jason,

Thanks for the release as well . The new monitoring feature is a great addition.

I did find a problem involving RD's checking for new version and Outpost Pro's Open Process Control protection. I get the typical OP tray alert as Windows is loading and a corresponding log entry (see the pic below). This is followed by OP crashing.

From the application event log:

The application, C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe, generated an application error The error occurred on 05/12/2005 @ 12:07:13.838 The exception generated was 80000007 at address 00000000 (ntdll!KiFastSystemCallRet)

From the Dr. Watson log:

Application exception occurred:
App: C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe (pid=1408 )
When: 5/12/2005 @ 12:17:05.402
Exception number: 80000004 (single step exception)

Disabling OP's Open Process Control eliminates the problem, although I would rather be able to disable RD's checking for new version.

Nick

[Pilli]

Ah well, Best to back up just in case then

Cheers. Pilli

[tuatara]

Quote:

All I know is that mine were deleted but luckily I had them backed up.....

I've just installed regrun.ghst today, before i found the new release,
so thanks Kent.

But i didn't have to reinstall this file.

New release seems to work great.

[jvillas]

Thank you Jason, and beta testers. My problems with RegDefend hanging on log-off have been fixed. Once again, Thankx.

[Jason_R0]

Quote:

Originally Posted by nick s

Hi Jason,

Thanks for the release as well . The new monitoring feature is a great addition.

I did find a problem involving RD's checking for new version and Outpost Pro's Open Process Control protection. I get the typical OP tray alert as Windows is loading and a corresponding log entry (see the pic below). This is followed by OP crashing.

From the application event log:

The application, C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe, generated an application error The error occurred on 05/12/2005 @ 12:07:13.838 The exception generated was 80000007 at address 00000000 (ntdll!KiFastSystemCallRet)

From the Dr. Watson log:

Application exception occurred:
App: C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe (pid=1408 )
When: 5/12/2005 @ 12:17:05.402
Exception number: 80000004 (single step exception)

Disabling OP's Open Process Control eliminates the problem, although I would rather be able to disable RD's checking for new version.

Nick

Hi Nick, see the other thread relating to my Outpost concerns. They definately need to do some tweaking to their protection , but in the meantime I can send out a build which doesn't have quite as much protection in it which should solve that issue.

[bigc73542]

Installed it a couple of hours ago and it seems to be running just fine.

[Triple Helix]

Running great here!! Thanks Cheers

[Disciple]

Quote:

Originally Posted by Pilli

Regarding thegroups, I believe only the default groups are altered by uninstalling and re-installing, any other groups that you have should be retained.

Quote:

Originally Posted by puff-m-d

All I know is that mine were deleted but luckily I had them backed up.....

Sorry to hear your additional groups were deleted. I know you don't want to hear this, In my uninstall/install the additional groups were left intact, and loaded. It may be a situtation of; your results may vary.

[richrf]

RegRun group was left intact when I installed V1.3. I had made a backup just in case.

Rich

[siliconman01]

Smooth install...running excellent...really like new features...custom groups left alone on installation.

thanks much, as always

[puff-m-d]

My custom groups must have been deleted by a glitch somehow, but I always keep backups so it was not a problem. I thought I remembered previously on an upgrade they had been left intact. I guess the motto is to back them up just in case... I might have been the only one that they were deleted ...

[tlu]

Quote:

Originally Posted by jvillas

Thank you Jason, and beta testers. My problems with RegDefend hanging on log-off have been fixed. Once again, Thankx.

Yes, I'm happy to confirm this! No more hanging on log-offs. I'll try the new version for some days. Unless there are unexpected problems Jason will receive my registration.

Greetings, Thomas

[Jason_R0]

For all the Outpost users experiencing slowdown, please RE-download the setup again and all should be set right. Thanks to the Outpost users who tested the new build.

[Antarctica]

Quote:

Originally Posted by Jason_R0

For all the Outpost users experiencing slowdown, please RE-download the setup again and all should be set right. Thanks to the Outpost users who tested the new build.

Hello Jason_RO,

Sorry for my dumb question, which setup to re-download are you refering to?

Thanks

[Bowserman]

Quote:

Originally Posted by Antarctica

Hello Jason_RO,

Sorry for my dumb question, which setup to re-download are you refering to?

Thanks

Hi Antartica .

The setup to re-download is available from here.


Regards,
Jade.

[Antarctica]

Thanks Bowserman,
O.K. I understand now...