PDA

View Full Version : RegDefend vs KAV 2006 Proactive Registry...

dja2k
November 2nd, 2005, 03:03 PM
How does the registry protection of KAV 2006 compare to the registry protection from Regdefend?

dja2k
dja2k
November 9th, 2005, 01:08 AM
I am not that good in comparing registry entries. Maybe someone can help. Here are the entries covered in both KIS and RegDefend, can anyone spot out the different ones?

RegDefend 2.001

HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | MinLevel |
HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Safety Warning Level |
HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunActiveXControls |
HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunScripts |
HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Trust Warning Level |
HKEY_USERS\.default\Software\Microsoft\Internet explorer\Main | Search Page |
HKEY_USERS\.default\Software\Microsoft\Internet explorer\Main | Search Bar |
HKEY_LOCAL_MACHINE\System\*controlset*\Services\Winsock2** | * |
HKEY_LOCAL_MACHINE\System\*controlset*\Services\Tcpip\Parameters\Interfaces** | * |
HKEY_LOCAL_MACHINE\System\*controlset*\Services\Tcpip\Parameters | DataBasePath |
HKEY_LOCAL_MACHINE\System\*controlset*\Services\* | |
HKEY_LOCAL_MACHINE\System\*controlset*\Services\* | imagepath |
HKEY_LOCAL_MACHINE\System\*controlset*\Control\Session manager | BootExecute |
HKEY_LOCAL_MACHINE\System\*controlset*\Control\Session manager | *FileRenameOperations |
HKEY_LOCAL_MACHINE\System\*controlset*\Control\Safeboot** | * |
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windowsfirewall** | * |
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Windowsupdate* | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run** | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Policies\System | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Policies\Network | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Policies\Explorer\Run | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Internet settings\Zonemap\Ranges** | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Explorer\Browser helper objects** | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Control panel\Don't load | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows nt\Currentversion\Windows | AppInit_DLLs |
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows nt\Currentversion\Image file execution options** | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Security center | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Toolbar | * |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Search | CustomizeSearch |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Search | SearchAssistant |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Search | Default_Search_URL |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Start Page |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Default_Page_URL |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Local Page |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Start Page_bak |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | HOMEOldSP |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Search Page |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Default_Search_URL |
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Extensions** | * |
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windowsfirewall** | * |
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Windowsupdate* | * |
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet explorer\Toolbars\Restrictions | * |
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet explorer\Infodelivery\Restrictions | * |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Run** | * |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Policies\System | * |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Policies\Network | * |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Policies\Explorer\Run | * |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings\Zonemap\Ranges** | * |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | MinLevel |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Safety Warning Level |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Trust Warning Level |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunActiveXControls |
HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunScripts |
HKEY_CURRENT_USER\Software\Microsoft\Windows nt\Currentversion\Winlogon | GinaDLL |
HKEY_CURRENT_USER\Software\Microsoft\Windows nt\Currentversion\Windows | load |
HKEY_CURRENT_USER\Software\Microsoft\Windows nt\Currentversion\Windows | run |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Urlsearchhooks** | * |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Styles | stylesheet |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Searchurl** | * |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Menuext | * |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Start Page |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Default_Page_URL |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Local Page |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Start Page_bak |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | HOMEOldSP |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Search Bar |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Use Custom Search URL |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Search Page |
HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Extensions** | * |
HKEY_CURRENT_USER\Control panel\Don't load | * |
HKEY_CURRENT_USER\Control panel\Desktop | scrnsave.exe |
HKEY_CLASSES_ROOT\Txtfile\Shell\Open\Command | * |
HKEY_CLASSES_ROOT\Protocols\Handler** | * |
HKEY_CLASSES_ROOT\Protocols\Filter** | * |
HKEY_CLASSES_ROOT\Piffile\Shell\Open\Command | * |
HKEY_CLASSES_ROOT\Exefile\Shell\Open\Command | * |
HKEY_CLASSES_ROOT\Comfile\Shell\Open\Command | * |
HKEY_CLASSES_ROOT\Batfile\Shell\Open\Command | * |
HKEY_CLASSES_ROOT\.txt | * |
HKEY_CLASSES_ROOT\.pif | * |
HKEY_CLASSES_ROOT\.exe | * |
HKEY_CLASSES_ROOT\.cmd | * |
HKEY_CLASSES_ROOT\.bat | * |

KIS 2006 6.0.15.225

HKEY_CLASSES_ROOT\*file\shell\open\command *
HKEY_CLASSES_ROOT\*file\shell\runas\command *
HKCU\Software\Microsoft\Internet Explorer\Desktop\General Wallpaper
HKCU\Software\Microsoft\Internet Explorer\Desktop\SafeMode\General Wallpaper
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks *
HKCU\Software\Microsoft\Internet Explorer\SearchURL *
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows load
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows run
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon GinaDLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved *
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe *
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved *
HKCU\Software\Mirabilis\ICQ\Agent\Apps *
HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ICQ* Path
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\* *
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\* *
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\* *
HKLM\SOFTWARE\Microsoft\VBA\Monitors\* CLSID
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\* *
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders Common Startup
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites *
HKLM\System\ControlSet???\Services\* ImagePath
HKLM\System\ControlSet???\Services\*\Parameters ServiceDll
HKLM\System\ControlSet???\Services\VXD\* StaticVxD
HKLM\system\currentcontrolset\control\Session Manager BootExecute
HKLM\System\CurrentControlSet\Control\MPRServices\* DLLName
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries *
HKLM\Software\Microsoft\Active Setup\Installed Components\* StubPath
HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\BOOT *
HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\NonWindowsApp *
HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\Standard *
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers *
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 *
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs
HKLM\SYSTEM\ControlSet???\Services\Tcpip\Parameters DatabasePath
HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Network\*\Parameters ServiceDll
HKLM\SYSTEM\ControlSet???\Services\SharedAccess\Parameters\FirewallPolicy\* *
HKLM\SYSTEM\ControlSet???\Control\Session Manager\Memory Management EnforceWriteProtection
HKLM\SYSTEM\ControlSet???\Control\Session Manager\Environment ComSpec
HKLM\SYSTEM\ControlSet???\Control\BootVerificationProgram ImagePath
HKLM\SYSTEM\ControlSet???\Control\VirtualDeviceDrivers VDD
HKLM\SYSTEM\ControlSet???\Control\SafeBoot AlternateShell
HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Minimal\* ImagePath
HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Network\* ImagePath
HKLM\SYSTEM\ControlSet???\Control\SafeBoot\Minimal\*\Parameters ServiceDll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon SFCDisable
*\Software\Microsoft\Internet Explorer\Styles Use My Stylesheet
*\Software\Microsoft\Internet Explorer\Styles User Stylesheet
*\Software\Microsoft\Windows\CurrentVersion\Policies\System *
*\Software\Microsoft\Driver Signing Policy
*\Software\Microsoft\Windows NT\CurrentVersion\AEDebug Debugger
*\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
*\Software\Microsoft\Windows*\CurrentVersion\Run* *
*\Software\Microsoft\Windows NT\CurrentVersion\Winlogon UserInit
*\Software\Policies\Microsoft\Windows\System\Scripts\* *
*\Software\Microsoft\Command Processor AutoRun
*\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *
*\Software\Microsoft\Windows\CurrentVersion\Policies\System Shell
*\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\* DllName
*\SOFTWARE\Microsoft\Internet Explorer\Toolbar\* *
*\SOFTWARE\Microsoft\Internet Explorer\MenuExt\* *
*\SOFTWARE\Microsoft\Internet Explorer\AboutURLs *
*\SOFTWARE\Microsoft\Internet Explorer\Search SearchAssistant
*\SOFTWARE\Microsoft\Internet Explorer\Search CustomizeSearch
*\SOFTWARE\Microsoft\Internet Explorer\Main Default_Page_URL
*\SOFTWARE\Microsoft\Internet Explorer\Main Default_Search_URL
*\SOFTWARE\Microsoft\Internet Explorer\Main Search Page
*\SOFTWARE\Microsoft\Internet Explorer\Main Start Page
*\SOFTWARE\Microsoft\Internet Explorer\Main Search Bar
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\* *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\* *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\* *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks *
*\SOFTWARE\Microsoft\Windows\Currentversion\Policies\Explorer *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\* *
*\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad *
HKEY_USERS\*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders Startup
*\Control Panel\Desktop SCRNSAVE.EXE