RegDefend v1.300 Released!

Discussion in 'Ghost Security Suite (GSS)' started by Jason_R0, May 12, 2005.

Thread Status:
Not open for further replies.
  1. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    http://www.ghostsecurity.com/index.php?page=regdefend

    Please uninstall your current RegDefend version before installing this one, and make sure you reboot. You should not install over the top of an existing installation.

    What is RegDefend?
    RegDefend is a kernel based registry protection system, designed to use as few resources as possible. Instead of polling the registry looking for changes, RegDefend intercepts the changes before they occur. RegDefend comes installed to protect registry autostarts and some special registry keys, custom rules can also be added.

    New features and changes since the last version :-

    -Fast and powerful registry monitoring added with a full compliment of filtering abilities during and after capture
    -If a registry item is set to "ASK USER" and the operation being performed is "set value" AND the data is the same as exists currently in the registry, then no alert will occur anymore. ie it now checks what is written to what is already there, if the same then it will "allow" the operation to occur.
    -If the desktop is switched whilst an alert is being displayed or going to be displayed, then RegDefend will simply block the operation by default instead of asking the user.
    -Fixed balloon alerts from not appearing due to "Show Ghosts in background option" which has now been removed. Also changed tooltips to balloons instead of simple rectangles.
    -Fixed issue with regdefend.exe being suspended and not able to process "Ask User" requests
    -Now log any registry actions which are allowed by the user, rather than only showing actions which are blocked
    -Any log event which is blocked automatically due to inability to ask the user, will be shown with [AUTO RESPONSE] in the log
    -GUI now selects first registry group upon startup
    -Now show all information about registry items in the listview
    -Now show which registry group a log event belongs to
    -Optimized sorting
    -Lots of other small fixes and tweaks, thanks to all testers.
     
    Last edited: May 12, 2005
  2. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Just another note, if you have trialed RegDefend before and the 14 day trial has expired then you can have another trial starting from this release and on. Basically with every new "major" release the trial period will be set back to 14 days.
     
  3. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Thanx Jason, It felt like it was already finished lol, sometimes I am rather quickly satisfied ;)
    enjoy the evening and thanx for sticking with it.

    Andy
     
  4. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    I would just like to point out that if you have any custom groups, you need to back them up as the uninstall will delete them .....
     
  5. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    And my install went flawlessly and so far I am loving the new version..... Thanks to Jason and the beta team for another great version.....
     
  6. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Jason and puff,

    Thanks for the new release Jason.

    Puff, are there any changes to the special RegRun group or do I leave them the same?

    Thanks for a great program and program additions!

    Rich
     
  7. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    Hi Rich,

    So far, it does not appear that the new version affects the group in any way. If, during the next few days, I come across anything that may need to be changed, I will post it to the RegRun Entries thread, but I do not beleive there will be any...
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Nice Job Jason, Love the new logging and monitoring :D

    Regarding the groups, I believe only the default groups are altered by uninstalling and re-installing, any other groups that you have should be retained.

    Pilli
     
  9. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    All I know is that mine were deleted but luckily I had them backed up.....
     
  10. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Hi Jason,

    Thanks for the release as well :). The new monitoring feature is a great addition.

    I did find a problem involving RD's checking for new version and Outpost Pro's Open Process Control protection. I get the typical OP tray alert as Windows is loading and a corresponding log entry (see the pic below). This is followed by OP crashing.

    From the application event log:

    The application, C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe, generated an application error The error occurred on 05/12/2005 @ 12:07:13.838 The exception generated was 80000007 at address 00000000 (ntdll!KiFastSystemCallRet)

    From the Dr. Watson log:

    Application exception occurred:
    App: C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe (pid=1408 )
    When: 5/12/2005 @ 12:17:05.402
    Exception number: 80000004 (single step exception)


    Disabling OP's Open Process Control eliminates the problem, although I would rather be able to disable RD's checking for new version.

    Nick
     

    Attached Files:

  11. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Ah well, Best to back up just in case then :)

    Cheers. Pilli
     
  12. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    I've just installed regrun.ghst today, before i found the new release,
    so thanks Kent.

    But i didn't have to reinstall this file.

    New release seems to work great.
     
  13. jvillas

    jvillas Registered Member

    Joined:
    Nov 22, 2004
    Posts:
    23
    Thank you Jason, and beta testers. My problems with RegDefend hanging on log-off have been fixed. Once again, Thankx.
     
  14. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Hi Nick, see the other thread relating to my Outpost concerns. They definately need to do some tweaking to their protection , but in the meantime I can send out a build which doesn't have quite as much protection in it which should solve that issue. :)
     
  15. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Installed it a couple of hours ago and it seems to be running just fine. ;)
     
  16. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    Running great here!! Thanks :D Cheers ;)
     
  17. Disciple

    Disciple Registered Member

    Joined:
    Nov 14, 2002
    Posts:
    292
    Location:
    Ellijay, Georgia - USA

    Sorry to hear your additional groups were deleted. I know you don't want to hear this, In my uninstall/install the additional groups were left intact, and loaded. It may be a situtation of; your results may vary.
     
    Last edited: May 13, 2005
  18. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    RegRun group was left intact when I installed V1.3. I had made a backup just in case.

    Rich
     
  19. siliconman01

    siliconman01 Registered Member

    Joined:
    Mar 6, 2003
    Posts:
    780
    Location:
    West Virginia (USA)
    Smooth install...running excellent...really like new features...custom groups left alone on installation.

    thanks much, as always :D
     
  20. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    My custom groups must have been deleted by a glitch somehow, but I always keep backups so it was not a problem. I thought I remembered previously on an upgrade they had been left intact. I guess the motto is to back them up just in case... I might have been the only one that they were deleted :ninja: ...
     
  21. tlu

    tlu Guest

    Yes, I'm happy to confirm this! No more hanging on log-offs. I'll try the new version for some days. Unless there are unexpected problems Jason will receive my registration.

    Greetings, Thomas
     
  22. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    For all the Outpost users experiencing slowdown, please RE-download the setup again and all should be set right. Thanks to the Outpost users who tested the new build.
     
  23. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    Hello Jason_RO,

    Sorry for my dumb question, which setup to re-download are you refering to?

    Thanks
     
  24. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    Hi Antartica :).

    The setup to re-download is available from here.


    Regards,
    Jade.
     
  25. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    Thanks Bowserman,
    O.K. I understand now... :oops:
     
Thread Status:
Not open for further replies.