I was considering how good would it be to have a software which by default blocks any modification attempt of several registry keys: HKCU\..\Run, HKLM\..\Run, RunServices, RunOnce, Explorer start and search pages, trusted sites, UserInit, User stylesheet. The list is long and still expanding: it should be possible to be configured by the user. For example you should also protect APPINIT_DLLS.

But hey, APPINIT_DLLS is already protected by PG! Still it is just a simple registry key. Hmmm. I belive PG intercepts and blocks modification attempts to this registry key, and in the same way it could possibly intercept modification attempts to several other registry keys!

My perception is that only the GUI is missing for this feature. It would be a very very useful one in the combat against new trojans and CoolWebSearch.

Dear DiamondCS! Please consider providing this new weapon for our arsenal.

best regards,
-hojtsy-

I have been waiting for a response to the question. Was it a valid request?

Yes, PG does have some registry protection built-in already (for example, to protect its own registry settings, as well as AppInit_DLLs, etc), but full registry protection isn't on the cards at the moment, sorry.

Who knows, maybe in the future we'll develop a Registry Guard - we've already developed the kernel-level driver technology to make this possible (which is currently already used by Process Guard), but due to TDS4/WG4 development we don't currently have time to develop a working interface around it for a Registry Guard ... at least not at the moment :)

If you were going to create a "Registry Guard" would it be incorperated into any other product (seems up TDS's alley) or would it be a stand alone product ?

I can't actually comment on that at this stage, sorry :)
(All will become clear when our first TDS4 program is released)