Help - Search - Members - Calendar
Full Version: ::REGRUN GOLD::
B.I.S.S. Forums > Internet Security Forum > B.I.S.S. Security Guides
Moore
Mar 14 2004, 08:53 AM
######################

REGRUN GOLD SECURITY SUITE 3.90

######################

$hareware from www.GREATIS.com

RegRun is a powerful and totally unique software system, which manages and protects a vital and often-ignored area of Computer management - the Windows startup managers.

These managers include the Registry and DOS /Windows9X (or NT/2000/XP) startup files which are the first step in starting a computer after power up, and which identify and control execution of the first Windows programs.

These processes are also an increasingly popular target of Trojans which, with insertion of a single command, can destroy all of the data on your computer (including Windows itself), or start up a program that can communicate surreptitiously with computer crackers (malevolent hackers).

RegRun is a integrated suite of utilities that can help remove the mystery of Windows.
It monitors your computer operation, shows the many hidden features and helps you to get full control of your computer.
We offer three versions of RegRun Security Suite:

· The Standard version includes a minimum set of security core applications.

· The Professional version utilizes a medium set of security core applications.

· The Gold version is recommended for much protection and security.

QUOTE
Yesterday you used several products to do your work; today you need only RegRun Gold.



The Start Control Center :
Moore
Mar 14 2004, 08:54 AM
SECURITY SETTINGS :
Moore
Mar 14 2004, 08:55 AM
REGISTRY SETTINGS:
Moore
Mar 14 2004, 09:03 AM
UTILITIES:
Moore
Mar 14 2004, 09:10 AM
REGRUN main control window:
Moore
Mar 14 2004, 09:16 AM
File Protection is one of the most useful functions serving to protect your computer from viruses, Trojans and malfunctioning programs. We strongly recommend that you the run file protection setting immediately.
The sooner you do it, the greater the troubles you can avoid.

How do these troubles arise?

QUOTE
When you receive an email message, containing an interesting screen saver or an executable file, you can't help opening it. Of course, it may turn out to be a virus or a Trojan. Every virus tries to ensure its activity and life-support after the computer is re-started.  RegRun is reliable in locating all the programs that try to launch automatically when Windows is starting. Unfortunately, a virus can use the techniques of system files substitution (DLL).

Will RegRun be helpful?
It most certainly will.
File wininit.ini(Windows 95/98) and registry key PendingFileRename (Windows NT/2000/XP) are employed to substitute files, permanently used by Windows.
Be sure to mark "Check wininit.ini" checkbox in the Control Center, Options, Secure Start.

File Protection uses another protection technique.
The protected file is saved in the folder RegRun2\Files.
Check the box named "Enable File Protection" and activate the "Secure Start" option.


To select files, press the "File Protection" button.
Moore
Mar 14 2004, 09:20 AM
You can add any files for protection. We suggest you protect the most vital ones.


QUOTE
RegRun supports full file comparison or signature checking. If you check the box "Use Signature Checking" RegRun makes an MD5 signature of the source file and saves it. While comparing, it compares the original signature with a calculated signature. When you select an item in the list, you will see the current signature, if it is assigned. To apply a signature to a currently protected file, you must remove it from storage, check the  "Use Signature Checking" box, and then add it again. You can copy the signature to the clipboard and save it in its own location (use context popup menu). The MD5 signature is commonly used to check the integrity of files. You may use freely available MD5 utilities to make a signature and compare.

Recommended protection:
Viruses often use Winsock (Socket API for Windows). By substituting Winsock, any virus can get control over your Internet access and do whatever it wants.
CTL3D 3D Windows Control Library, Common Controls library, Microsoft OLE library, MFC42 DLL lots of programs by exterior implementers try to substitute these libraries to provide their own working efficiency. Yet, as a rule, these programs don't check versions of libraries and substitute them anyway, even if a newer and better working version is already installed. As result, Windows operates slowly and/or malfunctions. Errors may appear while downloading and it may misrepresent some of the elements.

MSDOS.SYS is an important file for Windows startup.
When it is missing Windows cannot launch at all. In this case the standard error "VMM32.VXD not found" occurs. MSDOS.SYS contains paths to your Windows folder. Our recommendation is to have a copy of the file to secure yourself.
Boot.ini is an important file for Windows NT/2000 startup or if several operating systems startup on one drive. Windows NT/2000 can't start when boot.ini is missing or contains errors.


If any disagreement of files is detected, you will see a warning message. You can see the date and the size of both of the files. By pressing "?" you access scroll menu, that contains commands of this file. With the help of this menu you can scan the file for viruses, and copy, delete, rename or view it.

Press the "Restore from storage" button to restore the initial file. If you find it necessary to update the file in storage, press the "Update in storage" button. If you want to decide later, then press the Close button
Moore
Mar 14 2004, 10:01 AM
Run Guard


RunGuard is a tool allows you to automatically check a file before its execution.
If the file is found to be suspicious in any way , RunGuard will warn a user to proceed execution or decline it.

RunGuard uses own "ScriptCheck" technology to determine if a file is useful or harmless.

RunGuard can check:

QUOTE
· Microsoft Office files (doc, dot, xls, xlt, ppt);

· HTML files (htm, html, shtml, asp, mhtml);

· Windows script and batch files (vbs, wsh, js, bat pif, cmd);

· Windows HTA (hta);

· Windows registry files (reg.)


Note!

RunGuard is included in the Gold Edition only.

When does RegRun begin defend you?

Immediately after installation RegRun Gold if you chosen "High" or "Ultra High" Security Level.

What will I see when I use RunGuard?

You will not see anything until you actually run a suspicious file.
RunGuard will display an alert if it decides that you must pay attention to this file.

What can I do when I get an alert?

QUOTE
You can:

1. Quickly check this file by antiviral software installed on your computer.

2. View file source code.

3. Block file execution. You may send this file to Greatis Software or to another antiviral company for testing.

4. Safely view file contents. This allows you to see Microsoft Word files in WordPad without macros execution. If you check HTML file RunGuard will strip all dangerous tags and will create the safe file in the temporary folder. You can see a text without images.

5. Cure file. This feature is valid for HTML files only. RunGuard will strip dangerous tags and replace the original file.


How can I block execution of the file?

QUOTE
Add this file to the Black List.

Click on the "Stop this file from running" button and choose "Never run this file" option.

Also you can choose "Delete File" and "Quarantine File" (move to Quarantine folder) options.
Moore
Mar 14 2004, 10:05 AM
ADVANCED SETTINGS - RUNGUARD
Moore
Mar 14 2004, 10:10 AM
EXCLUSIONS LIST :

you can specify which programs you want Regrun to ignore ,
if you explicitly trust a program and do not wish to see anything monitored on it then add it to this list:
Moore
Mar 14 2004, 10:19 AM
even better if you have executable files , [like msrexe.exe and link.exe wink.gif and any trojan .exe files you know of ] that you do not want to allow to run , simply enter them into the blacklist and then make sure it has been properly activated , simply right click your RegRun systray icon and in the security tab , and choose between blacklist on , blacklist off and blacklist block all..
Moore
Mar 14 2004, 10:37 AM
RegRun Black List feature works only with the Pro and Gold version.

Black List allows automatically filtering newest detected startup tasks.
Tasks listed in Black List will be automatically blocked.

This feature is very useful to get rid of unwanted WatchDog popups and to improve your security.
You may automatically block all new startup tasks or create your Black List.
Open RegRun Start Control->Features->Black List.
Select operation mode:

Ø Not Active

Ø Active (uses your list)

Ø Block All New Founded (blocks all new found startup tasks and services).

QUOTE
We suggest to you "Block All" option if you do have a stable version and don't want to install new software,
[also to stop the spyware installed in the background]
Also this mode will be useful for newbies who have problems with using WatchDog main window.
RegRun will automatically set all new founded startup items to the disabled (paused) state.
Later you may quickly restore auto starting of these items.
Moore
Mar 14 2004, 11:12 AM
Manual Testing

You can manually check any file.
Open RunGuard, click on the "Check File" button and locate for a file.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2012 Invision Power Services, Inc.