Avast WEBforum

Other => General Topics => Topic started by: bob3160 on August 19, 2004, 05:56:40 PM

Title: Protect your REGISTRY from unwanted changes.
Post by: bob3160 on August 19, 2004, 05:56:40 PM
RegistryProt is a 100% free, standalone, compact, low-level realtime registry monitor and protector, that adds another dimension to Windows security and intrusion detection. By monitoring important locations and keys in the Windows system registry, RegistryProt will alert whenever a key is added or changed, and then give the option of accepting the key change, reverting back to the original key setting, or deleting the key.
For more information and to download the program, go HERE (http://www.diamondcs.com.au/index.php?page=regprot)
Another tool to help you stay safe.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: Gene Johnson on August 19, 2004, 07:37:56 PM
Bob: The program again looks like a good one, but I don't think I would know a subseven if it hit me over the head. How do you know which ones to allow and which ones not to? Until I have a lot more knowledge, I think I should stay away from this one. Is there one that says "subseven trojan is attempting to enter your registry"? That one I could use. Thanks for the suggestion, however.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: bob3160 on August 19, 2004, 08:12:03 PM
Hi Gene
Quote
Is there one that says "subseven trojan is attempting to enter your registry"? That one I could use.
If there was, I would already own it. What this Program does is warn you when there is a change in the registry.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: Lisandro on August 19, 2004, 08:28:25 PM
Quote
How do you know which ones to allow and which ones not to?

Generally speaking you won't have a pop up window in normal use of the computer.
The keys monitored are the startup ones, browser settings, tracing cookies, etc.
If you are not installing any software right now, you won't see the alert window.
If you are, in fact, installing an application, you will see its path on the alert window and can easily 'allow' the update.
After that, you can run Ad-aware and SpyBot to confirm that the key added is a valid one (not spyware)  ;)

If you install software very frequently, do only the second part. It will be annoying answering the alert window so frequently  8)
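
The monitoring this thread describes (watch the startup keys, alert when a value is added or changed, then accept, revert or delete), as an added example that is not part of the original posts and is not RegistryProt's code. The value names and paths in the sample snapshots are constructed; `snapshot_run_key` reads the real key only on Windows.

```python
# Added example (not RegistryProt's code): baseline-and-diff monitoring of an
# autostart key. Snapshots map value name -> data; sample data is constructed.
RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"

def snapshot_run_key():
    """Read the current user's Run values. Windows only (uses stdlib winreg)."""
    import winreg
    snap = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_KEY) as key:
        for i in range(winreg.QueryInfoKey(key)[1]):  # [1] = number of values
            name, data, _type = winreg.EnumValue(key, i)
            snap[name] = data
    return snap

def diff(baseline, current):
    """Alerts for values that were added or changed since the baseline."""
    alerts = []
    for name in sorted(current):
        if name not in baseline:
            alerts.append(("added", name, None, current[name]))
        elif baseline[name] != current[name]:
            alerts.append(("changed", name, baseline[name], current[name]))
    return alerts

def apply_decision(baseline, alert, decision):
    """Return (new_baseline, data_to_leave_in_registry); None means absent."""
    _kind, name, old, new = alert
    updated = dict(baseline)
    if decision == "accept":      # keep the change and trust it from now on
        updated[name] = new
        return updated, new
    if decision == "revert":      # restore the original setting (or absence)
        return updated, old
    if decision == "delete":      # remove the value and stop tracking it
        updated.pop(name, None)
        return updated, None
    raise ValueError(f"unknown decision: {decision}")

# Constructed snapshots standing in for "before" and "after" an install.
BASELINE = {"TrayApp": r"C:\Program Files\TrayApp\tray.exe"}
CURRENT = {"TrayApp": r"C:\Temp\tray.exe", "NewItem": r"C:\Temp\newitem.exe"}

if __name__ == "__main__":
    state = BASELINE
    for alert in diff(BASELINE, CURRENT):
        decision = "revert" if alert[0] == "changed" else "delete"
        state, target = apply_decision(state, alert, decision)
        print(alert[0], alert[1], "->", decision, "| registry should hold:", target)
```

Reverting an added value gives the same registry result as deleting it, because the baseline held nothing under that name.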
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: Negeltu on August 19, 2004, 09:02:23 PM
Doesn't Spybot's TeaTimer alert you to registry changes?
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: Lisandro on August 19, 2004, 09:54:44 PM
Quote
Doesn't Spybot's TeaTimer alert you to registry changes?

Yes it does...
I just can't compare the two applications (I have not tested RegistryProt...)
For me, TeaTimer was simpler and better than Ad-watch of Ad-aware Professional that I saw running on a computer of a friend of mine.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: bob3160 on August 19, 2004, 10:46:17 PM
Technical
This program just has one function: "MONITOR".
It can't tell you what's good, bad or indifferent. If your system is clean, it's a good and very small resident program to monitor any changes.
Most changes you are aware of because you're making them. This is good for the ones you don't know.
If something pops up, investigate before you allow the change to continue.
If you have the resources, then by all means use S&D and engage TeaTimer.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: Dwarden on August 20, 2004, 01:20:10 AM
I have used this one for 1.5 or 2 years (since first release); it was always a good micro util :)

Very useful to deploy ...
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: SKYCOMP on August 20, 2004, 03:43:11 AM
I can personally vouch for the effectiveness of RegistryProt.

I use it on all my PCs and have for it seems forever now, such a tiny seemingly insignificant invention yet it is VERY STRONG! in its purpose and will ALERT! at the exact moment! of any change, allowing you the option of refusing the change if hostile.
Quote
The keys monitored are the startup ones, browser settings, tracing cookies, etc
Yes, and I found it of great value over the period since I first installed it.

What a timely reminder bob3160 to bring attention to this old faithful, tried & true safety application.

Thanks

Title: Re:Protect your REGISTRY from unwanted changes.
Post by: bob3160 on August 20, 2004, 02:58:43 PM
SKYCOMP
You're welcome. I used to use SpySweeper 'cause it also alerted you of any changes but, for some strange reason, SpySweeper was wreaking havoc on my computer and I had to remove it. Never could figure out why. I liked the fact that this is so nice and small and has a very tiny footprint.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: lee16 on August 20, 2004, 04:07:59 PM
Is there a registry monitor that tells you if you're about to delete something important/vital to the system/registry? This way I cause less damage  ;D

--lee
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: DavidR on August 20, 2004, 04:40:48 PM
Quote
Is there a registry monitor that tells you if you're about to delete something important/vital to the system/registry? This way I cause less damage  ;D

--lee
Yes, the mark one human brain. If you aren't sure that it shouldn't be deleted then you shouldn't be messing with the registry unless you have a backup strategy.

But best of all use some form of registry cleaner (regcleaner or regseeker for example) that can restore deletions. This, however, is not infallible as a deletion could stop your computer from booting and you wouldn't be able to run the registry cleaner and restore the deletion. You really have to have a backup strategy or don't mess with the registry unless you are happy to deal with the potential consequences.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: lee16 on August 21, 2004, 12:17:54 AM
DavidR, it was a while ago that I did it, and I managed to delete some part of explorer from the registry, so I couldn't start the computer up (pestpatrol said it was IWon cookie spyware  >:( ).
But I just started my win98 up in command prompt and typed scanreg /restore and put it back to about 2 hours before.


So that is my backup strategy


--lee
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: DavidR on August 21, 2004, 01:00:01 AM
Which was my point, if you delete some part of the registry and can't get back into windows, you're stuffed.

You can delete elements in the registry and nothing appears to be a problem because the changes you make to registry don't take effect until you reboot, then the s*1t hits the fan when you can't get in to "put it back to about 2 hours before."
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: phil2 on August 21, 2004, 09:20:46 AM
Hey Guys
Can I ask a dumb beginner's question?
Ran Spyboy and got something with "registry value"...does that mean  the same caution should be shown when deleting as with registry key??
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: DavidR on August 21, 2004, 09:37:53 AM
Quote
Ran Spyboy and got something with "registry value"...does that mean  the same caution should be shown when deleting as with registry key??

1. I don't know anything about Spyboy.
2. Without more information on your "got something with registry value", I couldn't hazard a guess.

I believe caution should always be exercised when working with the registry (manually or otherwise), and others more knowledgeable than me recommend that you back up the registry before messing with it.

However registry checking/editing tools tend to be better than a manual change as they have a restore function (provided of course, you can get back in to restore) and for the most part will have undergone much testing to ensure they don't do harm.

Not all registry tools are created equal (poor checks or lousy interface) so do your research.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: Eddy on August 21, 2004, 11:36:22 AM
This thread is getting longer and longer, but so far I haven't seen the easiest solution to protect the registry. Make the files from the registry read only :D
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: lee16 on August 21, 2004, 11:47:44 AM
DavidR
Quote
Which was my point, if you delete some part of the registry and can't get back into windows, you're stuffed.

You can delete elements in the registry and nothing appears to be a problem because the changes you make to registry don't take effect until you reboot, then the s*1t hits the fan when you can't get in to "put it back to about 2 hours before."


I did say that I tried to restart, but couldn't, but in win98SE there is a program at startup called scanreg (in msconfig) that scans your whole registry every time you successfully start your computer up and keeps backups. Now, because I couldn't start it up, I held F8 (where safe mode etc. are) and selected safe mode command prompt (C:\My Documents to get to my documents for example), and because I had restarted my computer about 2 hours before this I just typed scanreg /restore and selected the time I wanted it to be restored to (2 hours before). If it hadn't been restarted 2 hours before I would have had to back it up to the day before.


Eddy
Quote
Make the files from the registry read only


How do you do this on win98SE?
What are the benefits?
What if I want to change something while it's read only?

Please be more specific, not all of us are complete experts  ;D :D

--lee
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: phil2 on August 22, 2004, 07:58:15 AM
[
Quote
1. I don't know anything about Spyboy.
Quote

Sorry DavidR I'm a lousy typist meant to be  Spybot

Eddy....may be easy for you but, sadly, not for all of us
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: DavidR on August 22, 2004, 02:44:04 PM
Quote
1. I don't know anything about Spyboy.

Sorry DavidR I'm a lousy typist meant to be  Spybot

I would say that you are ok in fixing/deleting something in registry with Spybot S&D as it is looking for specific adware/spyware signatures and does backup any changes so they can be restored.

However, caution is the name of the game.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: phil2 on August 23, 2004, 08:35:27 AM
Thank you David

Any idea why my post looks so strange ???
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: DavidR on August 23, 2004, 02:20:28 PM
Yes,

When I quoted your post (with the quotes inside it), there were a couple of errors (which I corrected, so you can see the correct effect in my post) where you had tried to create a quote.

A quote on its own without any content just draws a very thin box, which looks like a thick line. One of the quotes began with a double square bracket ( [ [ , I had to amend this (add a space) as only one [ was displayed, meaning it is looking for a closing ] after the first one) and this I believe caused the major problem with the formatting. It would appear that you tried to add a quote within a quote.

I have to exercise care with my browser (firefox), which has a serious flaw in its posting within forum boards. I have to install an extension to handle forum posts. I can't use the buttons above the text window as firefox doesn't place them at the cursor point but at the bottom/end of the text. So your browser could have an effect.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: phil2 on August 24, 2004, 08:05:37 AM
Yes I have just started using firefox.
Phil :)
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: DavidR on August 24, 2004, 12:22:14 PM
Quote
Yes I have just started using firefox.
Phil :)

You might want to download the BBCode extension from the firefox extensions site - from your menu > Tools > Extensions and then click 'Get More Extensions' this will take you to the site. Download/Install the extension, restart firefox and you are done.

From now on when you are in the posts Message: window you can use the right click to access this extensions tool set.

You can play around with it, create a new message and practice with the BBCode extension, use the Preview button to see what the effect looks like but don't Post otherwise everyone will see your creative work.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: phil2 on August 25, 2004, 07:37:48 AM
Quote
BBCode extension from the firefox extensions site -

David ... thank you have downloaded the extension.
Now to try it out !  
Phil  :o
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: phil2 on August 25, 2004, 07:39:22 AM


Yesssssssss 8) ;D
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: DavidR on August 25, 2004, 01:17:59 PM
This should make posting and quoting a little easier now - it just takes a little time to get used to using the right click options rather than the forum tools.
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: GF on August 25, 2004, 06:17:12 PM
Bob

Giving regprot a go, seems like a good alert tool.  Was expecting to see an initial HISTORY.LOG but don't.  I'm guessing this is normal and the first log will be produced after the first attempted registry change.  Is that right?

It takes up a bit more resource than they claim.  Normally around 252k mem usage on my XP machine, but I guess I can live with that if it works.  

gf
Title: Re:Protect your REGISTRY from unwanted changes.
Post by: bob3160 on August 26, 2004, 04:18:49 AM
Quote
Bob

Giving regprot a go, seems like a good alert tool.  Was expecting to see an initial HISTORY.LOG but don't.  I'm guessing this is normal and the first log will be produced after the first attempted registry change.  Is that right?

It takes up a bit more resource than they claim.  Normally around 252k mem usage on my XP machine, but I guess I can live with that if it works.

gf



The first program you should have run is called RPADMIN.EXE. See JPG attached.
This is the control panel for the program. This is where you start and stop the program and also enable and disable the Run at Startup option.
Once you start the program, you'll be asked about programs already running; at least I was. Hope this helps.