RegDefend doesn't defend me at all

[rat]

I've downloaded RegDefend 1300, installed it and run it. I know it is running because Process Guard tells me it has allowed it to start. But when I try RegTest,Test 1, every single modification is successful: RD is not defending at all my registry.
Please explain what has happened - is RD on strike?
By the way: I run win2k, have PG, Outpost,Nod32 and TDS3 installed:
.

[richrf]

Hi,

Just to make sure the install was sucessful, does your PG Protection indicate that REgDefend has the Install Driver/Services options. This is needed while RegDefend is installing. If not, you might want to try to uninstall and re-install with PG in learning mode and the Drivers/Services unchecked so that RegDefend can install all of the stuff it needs. That is what I normally do.

Rich

[Peter2150]

Try Changing something in your startup, or if you run IE, change your home page. You will know if Regdefend is working.

Pete

[rat]

Hi Rich, yes I have given RegDefend the privilege to install drivers/services.
Hi Pete, no I am using Opera 8 and Firefox 1.04. Anyway I changed somrthing in Startup - no sign of life from RD.

[Jason_R0]

Try uninstalling, rebooting then reinstalling RegDefend. Make sure your ANTIVIRUS, ANTISPYWARE, ANTIADWARE applications are all closed before installing it again.

[rat]

HI Jason, I've uninstalled RegDefend, rebooted, closed Outpost,TDS3,Nod32,Ewido,Spybot, Adaware and Spywareblaster, reinstalled RegDefend and run RegTest: same results as before.

[nick s]

Quote:

Originally Posted by rat

HI Jason, I've uninstalled RegDefend, rebooted, closed Outpost,TDS3,Nod32,Ewido,Spybot, Adaware and Spywareblaster, reinstalled RegDefend and run RegTest: same results as before.

Hi rat,

Try using TopToBottom for Windows 2000 and Windows XP to see if the RegDefend driver (regdefend.sys) is being loaded.

Nick

[rat]

Hi Nick, thank you for your suggestion.I've downloaded TopToBottom and
I can't in fact see the RegDefend driver.... What should I do ? I'm a little out of my depht...
(I am not sure I shall be able to browse again to the Forum in the next hours because my phone line is in very bad state: ADSL is gone and the 56 kb modem hops
along at about 6 kb/s....)
Rat

[nick s]

Hi rat,

Sorry about your phone lines. Try installing RD in Safe Mode (tap the F8 key a few times before the OS starts to load). That will minimize the chance of collisions with other apps during the install process. Reboot normally after the install completes.

Nick

[nick s]

When properly installed, the RD driver should have a registry key like the one below. The Start value should be 2 (for automatic startup).

Nick

[rat]

Hi Nick, nothing doing. I've installed RegDefend in Safe Mode, no anti-spyware/virus /malware applications running (even Task Manager said so), rebooted and run the test :same results. To be quite sure that the RD file had not become corrupted I re-downloaded it - still the same results. And no RD driver in the registry.
Maybe Jason has a cure?

[BlueZannetti]

Quote:

Originally Posted by rat

HI Jason, I've uninstalled RegDefend, rebooted, closed Outpost,TDS3,Nod32,Ewido,Spybot, Adaware and Spywareblaster, reinstalled RegDefend and run RegTest: same results as before.

rat,

While you've closed out many of your programs, there's no mention of either putting PG into learning mode or disabling protection (not shutting down the GUI - disabling protection) in the mix of things tried.

There's really not a lot of information to go on, but it sure sounds like a configuration issue (either application or system/OS level) or a conflict during install that we're not seeing at this point.

I assume no tweaking with permission levels, policies, etc., has been performed on this machine. Correct?

Blue

[nick s]

Hi rat,

As Blue suggests, it does look like some other app/setting/policy/permission is blocking the RD driver/service creation. Since this also happens in Safe Mode, I would first suspect system policies and permissions. One way to test your permissions is to try manually creating a driver/service key called regdefend with regedit. If you do not have permission, W2K will tell you. So will PG unless you disable it or give regedit.exe permission to install drivers.

Nick

[nick s]

FWIW, I played around a bit with deleting the driver registry key, and found that if I delete the key and reboot, RD re-creates the key at startup. If I delete the driver registry key and also delete the RD GUI autostart key, the driver key will remain absent when I reboot. However, when I then start RD manually, the driver key is restored. So RD will attempt to reinstall the driver key when required.

Nick

[rat]

Hi Blue, hi Nick - yes, if I do not give regedit.exe permission to install drivers/services PG wont let me create a regdefend key. But if I give the permission (or if I disable PG) I have no difficulty at alli in creating it.
I'm very grateful for your support - but....will the patient die?
(a sad) Rat

[nick s]

Hi rat,

I installed RD on a W2K system just so I could export the driver registry key. Rename the attached rd_2kdriver.reg.txt to rd_2kdriver.reg. Double-click it to merge it into the registry. I'm not 100% sure that the key is transportable from one W2K system to another, but it is worth a try. Anyway, let's see if the key sticks and the driver stays installed.

Nick

[rat]

Hi Nick, Hooray! The key did stick and the driver appears in the registry: everything seems OK to me. I'm trying to attach a screnshot of the registry
but this godforsaken modem+this miserable phone line keep disappearing during upload. Anyway, I'll try now to install and shall come back as soon as possible.
Thanks!
Rat
Edited: impossible to upload.

[rat]

Hi Nick, I rejoiced too soon.. RegTest failed as before. What I cannot understand is that the regdefend key is in the registry (I think this time the screenshot got attached) and the program is installed and starts - but does nothing...

[Pilli]

Hi Rat, Have you checked that the default groups are all enabled in "Main"? There should be two instances of RegDefend.exe running in Task manager.

Also check the following - Open "System Information" and make sure that you have this entry under "Software environment" - "System drivers"

regdefend regdefend \??\c:\program files\regdefend\regdefend.sys Kernel Driver Yes Auto Running OK Normal No Yes

HTH Pilli

[Bowserman]

Also, just in case you did by accident.....check that you haven't added regtest.exe to the APO list (Application Permission Override) for any of the groups .


Regards,
Jade.

[rat]

Hi Pilli, to sum up the situation:when I install RegDefend (in safe mode, no other defensive applications running) no RD key appears inthe registry. If I merge the key Nick sent me, it appears in the registry.
In System Information "Drivers": no RegDefend driver; in System Information,"auto-execute programs":
(Program): RegDefend
(Command): "c:\∞\regdefend\regdefend.exe" -minimize
No instance at all of RegDefend running in Task Manager.
Finally, you wrote:"Hi Rat, Have you checked that the default groups are all enabled in "Main"?". Excuse my stupidity, but I haven't understood what you mean by that.

Hi, Bowserman: no, I haven't added anything to the APO of the groups (By the way, I am unable to see any APO. Where should I look?).
Regards
Rat

[BlueZannetti]

rat,

This is a real puzzler.

About the only thing I can think of is a fundamental configuration problem related to machine localization - I noticed that the registry editor title bar is in Italian. Crossed signals due to language expectations? Wouldn't think this is a problem, but I can't think of any other options at the moment which would be benign.

Comments? I know, a shot in the dark.

Blue

[Pilli]

Quote:

Finally, you wrote:"Hi Rat, Have you checked that the default groups are all enabled in "Main"?". Excuse my stupidity, but I haven't understood what you mean by that.

Not stupid The unasked ones are the stupid ones. In RD's Main tab you should see the groups listed, the default ones are:
Autostarts,
Extra protection
Internet Explorer protection.
To the left you should see an "on / Off" tick box. Thes should be enabled if they are not already as if X RD is effectively disabled.

Please uninstall then reinstall RegDefend in normal mode as an Administrator with all your running security programs disabled. If this does not work there must be a deeper problem which is alluding us at the moment.

Attached shows how you can see that the drive is installed properly

HTH Pilli

[Pilli]

Here is how Main should look with the default groups enabled:

[rat]

Pilli, this issue is becoming ....well I don't know how to define it. I did what you told me to do: uninstalled and reinstalled RD, only to discover that the downloaded setup file had become corrupted.
Ok, I download it again, I install it and two things happen in sequence:
1) RD suddenly awakens and blocks a program which is trying to modify the registry (I have verified that it is not a false alarm),
2) RD tells me that my trial period is ended and stops working...
Only 5 of the 14 trial days have elapsed, but what should I do ? Could I receive an 8-day-key to verify if RD really works on my system (and buy it, of course)?
Regards
Rat