Problems with possibly regdefend?

Discussion in 'Ghost Security Suite (GSS)' started by Alpha_Blue, May 4, 2007.

Thread Status:
Not open for further replies.
  1. Alpha_Blue

    Alpha_Blue Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    Hi, I was installing some of the products from antirootkit.com, to test them out, and now I can no longer install anything, it will restrict my ability to install from run keys in the registry and say the system policies restrict me, also it keeps me from creating desktop shortcuts. This occurred rather recently after I had installed RegDefend and AppDefend so I was just wondering if those 2 programs might be responsible? Is that how they normally behave? I removed the programs but apparently they still exist or some other protection software is doing this..

    Here's a list of what else I downloaded from that site that I can remember:

    AVG Anti-Rootkit
    DarkSpy (got rid of it after I tried to run it and got a BSOD)
    F-Secure Blacklight Beta (no problems that I am aware of)
    Gmer (after I activated its protections my comp wouldn't fully load the shell and I had to go to safe mode to kill it..so it caused a lot of problems and I finally think I removed it..the driver, the dll, and the exe and also the bat and log files as well as the service).
    Helios (warned me not to run it but I did anyways, smart I know, but then I removed it after it froze so I don't think it's still there...)
    Helios-Lite
    IceSword-wouldn't run because of that protection program interfering..
    Panda Anti-rootkit (worked fine, no problem suspected)
    Rootkit Detective Mcafee (worked fine)
    Rootkit Revealer (didn't run for some reason)
    System Virginity Verifier-ran it once but then didn't use it
    Unhackme- I believe I removed it so it shouldn't theoretically cause problems but who knows..it may remain on my system...
    AntiHook (wouldn't really install very well because protection activated at that time)
    App and RegDefend (mentioned above)
    DefenseWall HIPS (seemed to work fine and not cause problems)
    ProcessGuard (seems fine)
    Socket Shield- tried to install but something is preventing it..

    This is I think a mostly complete list of the software I downloaded and installed from antirootkit.com

    Additionally to this I have SpywareBlaster SpywareGuard, Lavasoft Ad-aware, Spybot S and D, AVG anti-spyware, Trend Micro Internet Security Suite, TrojanHunter, HijackThis, ProcessExplorer, APT, and some other sysinternals and random tools.

    Basically I was wondering which program do you guys think is not allowing me to install anything? It's really confusing and I don't know what to do.

    My guess would be one of the following, just a guess from experience..

    Probably it's either App/Reg defend or Unhackme, possibly Helios? Gmer? I don't know. Probably not any of the additional security stuff, I'm guessing it's a distinctly anti-rootkit package..but any help would really be appreciated, I want to remove whatever's keeping me from installing things because until I do, I can kiss installing new stuff goodbye!!

    Thanks for any help in advance
     
  2. Kegel

    Kegel Registered Member

    Joined:
    Oct 28, 2003
    Posts:
    159
    You are using WAY too many security apps dude. No need. A good AV and a firewall is all you need. Maybe RegDefend and AppDefend too.
     
  3. Alpha_Blue

    Alpha_Blue Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    That doesn't help at all.

    What I asked is, what is causing these errors installing programs and how can I find whatever it is and remove it.
     
  4. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Well the best thing to do is disable AD and RD and then see if you can install anything, if you can't then it's not caused by AD/RD.
     
  5. Kegel

    Kegel Registered Member

    Joined:
    Oct 28, 2003
    Posts:
    159

    I still say you are using WAAAYYY too many security apps. LOL.
     
  6. Alpha_Blue

    Alpha_Blue Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    Wow maybe you should be a comedian..

    Can I get some real help here from a professional please?

    @farmerlee: I already "removed" them and yet I am not sure if they are fully removed..something seems to be blocking certain keys that only security programs generally modify-usually normal programs install without a problem but keys like InprocServer32, Run, RunOnce, and other keys known to have issues w/ spyware are blocked, as well as sometimes the installation of .lnk shortcuts.

    Is this characteristic of any type of program you can think of? Once I can figure out what is causing it, I can search the file and registry for that string, but until then I really have no idea..I have tried to officially remove each of those programs I installed and all of them officially are probably gone but unofficially something is remaining,...what I mean by officially is via their uninstaller or add/remove.

    Thus I have no clue which program is doing this
     
  7. BILL G

    BILL G Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    80
    Location:
    MN USA
    It looks like you have Uninstalled 6+ Programs. This will leave Junk Files + Reg entries. I would run RegSeeker, CCcleaner+EasyCleaner to get rid of this. Also Check + Clean Your Start Menu.
     
  8. Alpha_Blue

    Alpha_Blue Registered Member

    Joined:
    May 4, 2007
    Posts:
    4
    I've tried that. I ran ccleaner. The issue isn't temporary files, the issue is:

    Something is denying my administrative rights to the registry somehow through a protection mechanism..does anyone know what program might do that?
     
  9. Kegel

    Kegel Registered Member

    Joined:
    Oct 28, 2003
    Posts:
    159
    Reformat. And don't install so many security apps next time. ;)
     
  10. BILL G

    BILL G Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    80
    Location:
    MN USA
    Have You CK Registry Permissions + User Rights?
    You may have to go to Safe-Mode with Adm Rights.
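
One way to run the permissions check suggested above, as an added example that is not part of the original post: it reads the owner and any explicit Deny entries on the Run and RunOnce keys named in the thread, then tries a throwaway write to each. The key list, the `Test-KeyAccess` function name and the `AclProbe_` value name are assumptions made for this example.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell 3.0+ prompt.
# The key list is an assumption based on the keys named in the discussion.
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Test-KeyAccess {
    param([Parameter(Mandatory)][string]$Path)

    $r = [ordered]@{ Path = $Path; Owner = $null; DenyRules = ''; CanWrite = $false; Detail = '' }
    if (-not (Test-Path -LiteralPath $Path)) {
        $r.Detail = 'key not found'
        return [pscustomobject]$r
    }

    # Step 1: what the ACL itself says (owner plus any explicit Deny entries).
    try {
        $acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
        $r.Owner = $acl.Owner
        $deny = $acl.Access | Where-Object { $_.AccessControlType -eq 'Deny' } |
            ForEach-Object { '{0} ({1})' -f $_.IdentityReference, $_.RegistryRights }
        $r.DenyRules = @($deny) -join '; '
    } catch {
        $r.Detail = 'cannot read ACL: ' + $_.Exception.Message
    }

    # Step 2: what actually happens on a write. The probe value is an empty
    # string under a random name and is deleted again immediately.
    $probe = 'AclProbe_' + [guid]::NewGuid().ToString('N')
    try {
        New-ItemProperty -LiteralPath $Path -Name $probe -Value '' -PropertyType String -ErrorAction Stop | Out-Null
        $r.CanWrite = $true
        Remove-ItemProperty -LiteralPath $Path -Name $probe -ErrorAction Stop
    } catch {
        $r.Detail = 'probe failed: ' + $_.Exception.Message
    }
    [pscustomobject]$r
}

$keys | ForEach-Object { Test-KeyAccess -Path $_ } | Format-Table -AutoSize -Wrap
```

A row with `CanWrite` False and an empty `DenyRules` column means no explicit Deny explains the failure; check the key's Allow entries next, and if those also grant access, the block is coming from something other than the ACL.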
     
  11. sentry42

    sentry42 Registered Member

    Joined:
    Apr 2, 2007
    Posts:
    9
    Try re-installing RD. Enable and then disable RD. Make sure RD is disabled and then uninstall it again and check if this helps.
     
  12. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Something seems to be broke. Or you've got a nasty that is blocking certain accesses.

    1. Click start, then run and in the dialog box type this (and yes there is a space between the sfc and / ) sfc /scannow then click the ok button. This will check your system files to see if any are corrupt or missing and put them right. You may get prompted to insert your windows installation disk. So have it handy.

    2. Have you tried scanning your system for the presence of malware? Maybe trying a web based one which is not installed to your hard drive. http://www.kaspersky.com/kos/english/kavwebscan.html

    3. Can you perform a system restore to an earlier date when you know your system was functioning correctly?

    Let us know how you go on with these.

    muf
     