Discussion in 'Ghost Security Suite (GSS)' started by Rilla927, Mar 5, 2006.
can anyone tell me if there is an undo/unblock feature in RD yet?
At the moment that feature isn't yet in the product
I agree that it could be quite useful but I can also see that it might cause quite a lot of trouble in some circumstances. If you consider that most RD rulesets intentionally cover a subset of keys (most often specifically related to security issues and sometimes related to configuration preferences) then the issue of "backing out" changes isn't that simple. If someone was to simply undo some registry changes and leave others in place that could well cause a lot of problems and inconsistencies.
On the other hand it would be useful to be able to select a group of log entries and export the "undo" and "redo" as .reg files so that advanced users could keep them for reference (not necessarily to apply directly into the registry given that it is probably an incomplete record of all the changes made)
There is also the issue of doing it whilst malware is active in memory and the possibility that it might be faking values being "read", in that case you wouldn't have a true picture of the original value. It is useful to be aware that you should consider this possibility if you are using RegDefend to cleanse a machine that is currently infected.
NB: For what its worth I have found RegDefend (and AppDefend) quite useful when cleaning malware off machines for the simple reason that it stops changes being made to "undo" fixes that are being applied and can highlight (and optionally kill) the malware processes trying to make the changes
very informative and helpful.
I bought this program last April and had it on maybe two days at the most and I haven't had it on ever since.
Reason being, I didn't quite understand how to answer the prompts and I messed my computer up so I just un-installed it. I have been following in the forum to install at a later time. I would like to install again.
When you say cover subsets of keys, that's what would make the undo's undesirable because you have multiple keys in that group, that makes sense.
I here that AppDefend is very nice. If I wanted that program would I have to make a seperate purchase. I thought I read some where it was integrated with RD.
What suggestions can you give on do's and don'ts and how to set up on a fresh install of RD? Do I need to add more ghost files once installed or are they already there?
Thanks very much for explaining
The latest version of RD has more rules than the original version. You can also add Tony Klein's ruleset.
I believe this is the latest:
Separate names with a comma.