I'm a new user and was experimenting to get a feel for how RegDefend works. I exported a key from one of the RUN keys to use as a test. I found that if I disable the GUI and doubleclick the .reg file a dialog box (doesn't appear to have come from regdefend) appears indicating that the write attempt failed. However, if the GUI is enabled the .reg file successfully writes to the registery. Is this by design? I would have thought the write attempt would have been blocked in either case without having been given permission to write to the registry?