New Version of MJ Registry Watcher 1.2.7.7

[TomAZ]

Thanks so much for the clarification.

One other question. . . when you're in Prompt Mode and receive an Alert Nofification, how do you either accept (whitelist) or reject (blacklist) that item?

[Graphic Equaliser]

Here is an alert screen :-



Going across the buttons at the bottom, you can Accept this change, Reject it, Prefix the key to always accept or reject any change to it, or Exempt certain values that caused this key to alert so that those particular values don't alert you in future and are accepted automatically. The buttons at the top can switch MJRW into Accept or Reject mode so you get no more prompts from a set of system changes happening to your PC at the time. Hope that's clear. Prefixes are covered in depth in the help file. HTH,

[TomAZ]

Great! So if an item is Accepted, does that mean there will be no future Alert notices for that particular item?

[Graphic Equaliser]

No, it means you have accepted that change for that one time only. If it's a specific value that keeps alerting you, you have to exempt it with the Exempt Certain Values button. If it's a specific key that keeps alerting you, then you have to prefix the key using the Prefix button. You then get to decide what to do with the current alert with an accept/reject yes/no prompt. Try it!

[TomAZ]

Quote:

Originally Posted by Graphic Equaliser

No, it means you have accepted that change for that one time only. If it's a specific value that keeps alerting you, you have to exempt it with the Exempt Certain Values button. If it's a specific key that keeps alerting you, then you have to prefix the key using the Prefix button. You then get to decide what to do with the current alert with an accept/reject yes/no prompt. Try it!

@Graphic Equaliser

So when you're in the Accept Mode, which of the above two is actually being used to "accept" it? Are these permanent?

Don't know if I'm totally understanding the difference between "Exempt" and "Prefix." How do you determine which to choose? And should one or the other be used to permanently accept an alert notification?

Better yet, let me approach this whole thing a little differently. I'm far from being any kind of registry expert - in fact, I'm a real neophyte. All I'm interested in is security - protecting my registry from malware and other illicit items. So, with that in mind, what's the the simplest way for me to use this application in order to accomplish that and not be annoyed over and over with the same Alerts?

[Graphic Equaliser]

Tom, if you're in Accept mode, you won't be troubled by alerts! If you are in Prompt mode and an alert keeps popping up because of some software running that you're happy with, then you can exempt the value that is being changed that is causing the alert. When you press Exempt, a list of possible values is presented to you and you just choose which ones you want to never be troubled by again. You only have to do this once. It's like teaching MJRW which alerts to ignore. HTH,

[TomAZ]

Sorry for being such a pest - just trying to understand how this all works. I guess I'll just play with it a bit and see what happens.

From the way it sounds, Accept Mode doesn't really offer any kind of "security protection" at all against any kind of registry tampering - it just accepts everything. This Mode is probably great for logging, but no protection. Right?

By the way, what does the arwwdwin.exe file do? Just curious.

[Graphic Equaliser]

Yes, Accept mode does not stop the changes, just logs them and optionally emails alert details somewhere. arwwdwin.exe checks the process heap twice a second to see if MJRW is still running, and launches it if it isn't.

In Prompt mode, after exempting whatever keeps popping up that you are happy with, MJRW hardly ever troubles you unless an automatic Windows update happens, or you install some software that has some autostart or update features (like Google Chrome or Adobe Flash). Just accept each change, or, if you're like me and don't want Google Updater or Adobe Updater running all the while on your PC, reject those autostart changes. You could also go into Accept mode after the first alert, to allow the update to happen, while MJRW just logs the changes.

After a bit of practice and experience with what goes on "behind your back" on your PC, MJRW can prove very useful indeed at stopping both trojans or viruses, and crapware from getting onto your PC. HTH,

[TomAZ]

How do you enable MJRW to start with Windows?

[Graphic Equaliser]

Please refer to the documentation on my website at http://jacobsm.com/mjsoft.htm#rgwtchr

There is even a video tutorial on installing MJRW there.

[TomAZ]

Quote:

Originally Posted by Graphic Equaliser

Please refer to the documentation on my website at http://jacobsm.com/mjsoft.htm#rgwtchr

There is even a video tutorial on installing MJRW there.

Just checked it out. Unless I missed it, I didn't really find the answer on how to launch MJRW at startup with Windows XP.

Also, is there a way to periodically purge the log file?

[Graphic Equaliser]

To purge the log file, right-click on the Log button, Select All (Ctrl+A) and press Delete, and then save it. Simple! For installation, did you try http://www.softoxi.com/mj-registry-w...reenshots.html ? It's under Options, Settings, Automatic Startup Options.

[TomAZ]

Sorry, but I'm not seeing anything about loading MJRW at Windows startup. The only thing I have in my Auto Starup Options is this (along with a checkbox which says "Only for Current User):

Custom Set
Light Set
Default Set
Medium Set
High Set
Highest Set
Uninstall MJRW

[Graphic Equaliser]

Perhaps that screen could have been clearer. Anyway, it prompts at the top to "Choose a startup option :-", so if you want it to start up with the Custom set (the default setting) then just click OK and it will make a run key to start MJRW when Windows starts. HTH,

[TomAZ]

Quote:

Originally Posted by Graphic Equaliser

Perhaps that screen could have been clearer. Anyway, it prompts at the top to "Choose a startup option :-", so if you want it to start up with the Custom set (the default setting) then just click OK and it will make a run key to start MJRW when Windows starts. HTH,

Thanks for clarifying this. I guess I was looking for a simple "Start with Windows" checkbox. With the way you've decided to do this, how do you turn it off if you no longer want it as a startup item?

[Graphic Equaliser]

Use the same screen but choose "Uninstall MJRW" before you click OK.

[EASTER]

Quote:

Originally Posted by Graphic Equaliser

Easter, I have Windows 8 64-bit pro on a PC next to me, and MJRW 1.2.7.8 works fine on it. OK, you need to configure it to "Run as Administrator" using the properties for the executable file RegWatcher.exe and OK a UAC prompt every time the PC starts up, but it works. Go to RegWatcher.exe and get its properties up. Select the Compatibility tab. Tick the "Run this program as an administrator" checkbox under the "Privilege level" heading. You could also do this for all users by clicking the "Change settings for all users" button at the bottom of this tab.

You can also bypass the UAC prompt by using the Task Scheduler to run MJRW at startup with administrator privilege rather than using a Run key.

P.S. Thankyou for your very kind comments. Warmest regards.

Thanks.

I am all over u r proggy MJ Reg Watcher because this app gets it done for us info data junkies especially when it comes to coded shadow lurkers making activity actions you ordinarily wouldnt even know are there at all.

[Graphic Equaliser]

Easter, thanks for your kind words! I am currently working on a service-based version of MJRW which has no UI, but can automatically accept or reject any attempted changes, and can also email someone when something happens, all running as a Windows service. This could be useful to admins with Internet cafes who don't want people stopping MJRW by using the tray icon to exit it, or for admins running servers where people only occasionally login, but you want a constant update of any changes to the PCs. More news later!

[HAN]

GE: I am trying to extract (with 7-Zip) the new 1.2.8.1 version from the download zip you supply but it won't work. When I test the archive with 7-Zip, it gets hung up. When I try it with Windows zip utility, it says unknown compression method. Help!