RegDefend v2.000 Public Beta Released!

Discussion in 'Ghost Security Suite (GSS)' started by Jason_R0, Aug 21, 2005.

Thread Status:
Not open for further replies.
  1. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    [NOTE] Uninstall any old version of RegDefend prior to installing this version.

    First off, let me say that unless you are a particularly adept at using your computer then you shouldn't try this beta. For example, if you have no idea what safe mode is, let alone how to boot to it, then you shouldn't try this beta.

    With that out of the way, if you begin having problems with this beta, it is a fairly easy process to stop having problems. Simply boot to safe mode, load up Ghost Security Suite, go to settings and untick "Run GSS when Windows Starts" . Then you should be ok upon your next normal reboot. The GSS/RegDefend driver is not active in safe-mode so you will not have any issues with it when in safe mode.

    It is available to download for everyone, if your trial expired previously, you will have a new 14 day trial. RegDefend now turns into a Free Version instead of disabling itself after trial period is over also. If you are a registered user, you can register using your existing registration details.

    http://www.ghostsecurity.com/downloads/gssbeta.exe
     
    Last edited: Aug 21, 2005
  2. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Changes since RegDefend v1.3 include :-

    Code:
    -Redesigned the GUI, RegDefend now falls under the "Ghost Security Suite" product range
     -Easier to use due to unneeded complexity being removed
     -New custom flat look, which is maintained throughout interface
     -Designed for multiple security components (RegDefend being one)
     -Now includes an integrated updater
     -Color/Theme changes take place dynamically, no restart needed
     -New "Emerald Green" color theme added
     
    
    -New RegDefend Alert/Log window
     -Removed "current live log" setting and simply integrated it into a date based filtering system
     -Viewing old logs is now as simple as choosing the date you want to investigate
     -Logging now incorporates a "smart disk usage system" , which means log sizes are now at least 1/50th the size as previous versions over the same period of time
     -Reduced information in the listview to reduce clutter
     -Now show full alert information when an item is clicked upon
    
    -Updated RegDefend alert/ask user window
     -Now show commandline of application
     -Can now KILL the process or the thread performing the registry operation. Should work regardless of any process protection you have, so be careful
     -Now show recommendations on what to do for each registry alert, along with other information
     -Improved layout and design to aid reading
    
    -New Registry rules editor
     -Totally redesigned the interface, allowing easier creation/modification of rules
     -Application only rules added, allowing people to define rulesets for untrusted/unknown programs. For example you can block a program which is run in a certain location (temporary files, internet cache, etc) from accessing the registry.
     -Application rules can be filtered using both the command line (useful for svchost.exe/rundll32.exe) and with wildcards
     -Application rules can now use special strings to select the Windows directory, program files directory, internet cache, etc
     -Collapsed all of the .ghst files into a simple rdconfig.bin
     -Group ordering added
     -Rule ordering added
     -Rules editor is no longer the main part of the progam, which hides unneeded complexity from users who use the supplied rules
     -Now allow modification of every string the user can enter into the editor
     -Adding multiple rules into the editor is now easier
     -Added importing of RegDefend v1.3/v2.0 rules into the editor
     -Added exporting of RegDefend v2.0 rules
     -Improved wildcard handling, no longer have to manually set whether you used wildcards or not
     -Groups and rules can now have descriptions attached to them, to allow people who have no idea about registry locations to hopefully understand them better
     -Added the ability to move rules between groups through a right click menu
    
    -New Ghost Security Suite driver
     -Incorporated RegDefend into a unified driver system
     -Added command line caching
     -Implemented new rule reading system fixing a few issues whilst being faster
     -Added optimizations to rule list searching, can be up to 200% faster now than previous version
     -Added lots of speedups, with improved design and caches
    
     
  3. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    A screenshot of the main tab using the "Midnight Blues" color theme.
     

    Attached Files:

  4. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Screenshot of the new RegDefend rules editor, using the "White Ocean" color theme.
     

    Attached Files:

  5. voirdire

    voirdire Registered Member

    Joined:
    May 26, 2005
    Posts:
    13
    So far, so good. Thanks.
     
  6. cliffordly

    cliffordly Guest

    does this mean I can uninstall anti-spyware and anti-virus?
     
  7. @Jason

    I feel that you will do it again (i.e., creating a real good application like PG).

    Respectfully.
     
  8. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    I wouldn't uninstall a good anti-virus or anti-spyware program, because they can still be helpful when used in a non monitoring fashion. I for instance don't use any scanner based monitoring software, instead I rely on RegDefend and some other intercepting programs to cover my bases. Relying upon scanner monitors to detect things usually affects system performance in a noticable way, and they never get everything. Whereas with RegDefend you will ALWAYS receive an alert when malicious software tries to autostart on your machine by altering a registry autostart value.

    I do use a lot of AV/AS/AT scanners when it comes to detecting certain malware in files in an on demand fashion. There is no way at all I personally would rely upon any scanner based software to protect my computer, simply because I know how easy it is to for malware developers to get around scanners.

    It's only my opinion though, some folks swear by having a few anti-virus/anti-trojan programs monitoring their computer. :)
     
  9. Disciple

    Disciple Registered Member

    Joined:
    Nov 14, 2002
    Posts:
    292
    Location:
    Ellijay, Georgia - USA
    To Jason, or any of the beta testers,

    I did not see any reference in the announcement message of whether to uninstall the current release version or not. I am guessing the answer is to uninstall. It might be nice to add that to the top of Jason's announcement message for those that may try an install over their current version.

    If it was stated then please disregard this message.
     
  10. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    Thanks for pointing this out. I have edited my initial post to reflect this. :)
     
  11. Disciple

    Disciple Registered Member

    Joined:
    Nov 14, 2002
    Posts:
    292
    Location:
    Ellijay, Georgia - USA
    You are welcome. I thought that is the case.
     
  12. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Hi Jason, just to inform you I cannot use your new jewel...something like this:

    "the source file is corrupted: gss.exe

    ... damn, I closed everything down...not interested in installing vmware again ... weird ... last time I had the same error but it still continued to work:

    amd64 3000 pci-e x300 (again not high end anymore .. overkill...)

    anyway ... everything was closed...ended.

    grtz
     
  13. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    You might want to redownload gssbeta.exe , this time make sure it isn't cached by your browser or ISP. I think this error is when the installer .EXE is corrupted.

    Here is the MD5 of the gssbeta.exe file, check yours is the same :-

    EB5C86A7A0376345654A3DE73F660E1F
     
  14. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Thanx Jason :) it worked but only when I executed immediately and it still didn't worked when I downloaded it (couple times, on C, D, E ... disk, still...)

    so I executed it and it worked, I'll keep you informed here whenever I encounter something.

    cheers!
     
  15. cliffordly

    cliffordly Guest

    Thank you. This will also prevent rootkit and Trojan install?
     
  16. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    rootkit will rd block as for trojans adding registry entries...rd will block it ... but it is not based on signatures ... and it is not a scanner...
     
  17. vee

    vee Registered Member

    Joined:
    May 29, 2005
    Posts:
    34
    Location:
    Zagreb, HR
    you said it so may we hear it? which ones? *puppy*

    regards,
    vee
     
  18. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Jason - Will there be any conflicts with RD 2 and other security programs?
     
  19. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    So if I uninstall the 1.300 version, should I backup the ghst files first or they are worthless to add to the beta 2.000? I mean do they conflict with the newer ones or they have diffrent names? Or am I going to have to put up with all those pop-ups again?

    dja2k
     
  20. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    I've been running the Beta of RD 2 with ProcessGuard, Online Armor, Safe,n'Sec,Outpost 2.7, Kav 5.0 and up until a few days ago, Prevx1. No conflicts.

    Pete
     
  21. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    All working great here no Conflicks at all!! Plays very nice with all the Security software that I use!! I just would like to see a warning when you Close or Minimize!!!!! As compared to V1.3!!!!!


    Cheers,
     

    Attached Files:

    Last edited: Aug 21, 2005
  22. Starrob

    Starrob Registered Member

    Joined:
    Apr 14, 2004
    Posts:
    493

    You can backup the ghost files. The same ones used in the previous version can be used in the beta.

    The only ones that you will probably need though is the ghost files from Tony, Puff-M-D, and your own personal ones.

    All the the other ghost files that were included by default in version 1.3 would probably be redundant to the default files that are included with the beta.



    Starrob



    Starrob
     
  23. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Thanks Pete - I have ProcessGuard (paid), WormGuard, KAV and Outpost 2.7. Glad to hear there are no conflicts.
     
  24. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    I already have Tony's and Puff-M-D, what I meant is that if I would have to start from the start in respect to the options I have saved already. I mean of course I can add the back up I have of Tony and Puff-M-D that have the presets I have set, but what about the defualt .ghst files that I have preset, those are the ones I wouldn't be able to overide.

    dja2k
     
  25. Jason_R0

    Jason_R0 Developer

    Joined:
    Feb 16, 2005
    Posts:
    1,038
    Location:
    Australia
    RegDefend v2.000 has a new set of standard items which include all of the ones from RegDefend v1.300 plus a few more. So you don't need to worry about the original/standard rules from 1.300
     
Thread Status:
Not open for further replies.