WinPatrol Registry Protection list for Windows Vista/7

[Creer]

Hello,

In refference to Kees registry list for WP from this thread - I decided to create and publish more extended registry protection list for WinPatrol for OS's: Windows Vista/7. (special thanks goes to Kees)

In attachment I uploaded list of registry keys for WinPatrol Registry Monitor for Windows Vista and 7.
You will find there two lists - one is valid for computers with UAC enabled or run as limited user (LUA), the second one for computers with UAC disabled.
These lists offer more complex protection which will give you Scotty by implemented Registry Monitoring feature in PLUS version and are inspired on Silentrunner list.

Change extention from .txt to .reg and double click on it to load proper list.

[Boyfriend]

Thanks Creer I have added UAC enabled list to my second computer.

[ExtremeGamerBR]

Thanks!

[blasev]

Thx a lot
Its just what I need

since I'm using admin account with no uac at all
I'm using winpatrol as UAC replacement

[PJC]

Thanks for Sharing!

[Kees1958]

Creer

A few years ago Tony Klein en TopperID, etcetera were members who participated a lot in discussion and threads on this forum and had extensive knowledge of registry vulnabilities and how to protect yourself with (old security aps like regdefend and SSM). To be honest I learned a lot of them. Helas they are not visiting Wilders a lot these days.

I have to congatulate Creer on the effort he put into this list. For any one owning a Winpatrol plus lisence it is a great extention of the security covered by WP.




Wel done

[Konata Izumi]

this can't be used on WP FREE?

[justenough]

This looks like something I should use since I'm not using much real-time software, and have UAC turned off. But I can't figure out how to change the file from txt to reg. Usually .txt is after the name of the file underneath the icon of the file, but not on this one. How do I change the file type and load it into WinPatrol+?

Is there somewhere I can read about registry keys and what this file will change in WinPatrol to give better security?

Edit: When downloading the file, I put .reg after the file name, then when downloaded double-clicked on the file, and let it change the computer reg files. When loading the reg files, there was no mention of them going into WinPatrol, but now they are in WP's reg monitoring list. This seems to have been a change to the operating system (7x64) instead of just WP. Have I installed the file correctly?

[ruinebabine]

Thanks much for publishing this registry protection list, Creer. It will be very handy!

Could someone tell me if this list would be as effective as is on 64-bit systems?

[blasev]

@justenough, you've done correctly.

[justenough]

Thank you blasev, that's a relief, and thank you Creer for creating the file.

[Creer]

Thank you all.
I've recently installed WP to check what's new in the latest release - after that I though that will be good idea to make WP stronger by use extended Registry Monitor list I created.
I hope that these lists will be useful for all WinPatrol users.

@Konata Izumi - Registry Monitoring is only available in PLUS version of WinPatrol.

@ruinebabine, these lists offer extended protection no matter whether you have 32-bit or 64-bit OS.

[jmonge]

thanks creer buddy i may tri it

[Francis93]

Thanks. What's the difference between Locked and Unlocked on WP? Locked says that it will be automatically protected and will notify you if there are any changes while Unlocked says that it will notify you if there are any changes. I only have 3 keys locked on the Registry Monitoring list. Should I lock all unlocked keys or should I just leave them unlocked?

[littlebits]

I just added UAC disabled list to WinPatrol.

Thank you very much for the share.
Good day.

[ruinebabine]

Quote:

Originally Posted by Creer

these lists offer extended protection no matter whether you have 32-bit or 64-bit OS.

Thanks for answering Creer.

[blasev]

Quote:

Originally Posted by Francis93

Thanks. What's the difference between Locked and Unlocked on WP? Locked says that it will be automatically protected and will notify you if there are any changes while Unlocked says that it will notify you if there are any changes. I only have 3 keys locked on the Registry Monitoring list. Should I lock all unlocked keys or should I just leave them unlocked?

U've answered the question
I choice to lock all, for I'm not a fans of pop up

[Creer]

Quote:

Originally Posted by blasev

U've answered the question
I choice to lock all, for I'm not a fans of pop up

Please note: that after locked all keys from my lists you won't be able for instance change your screensaver or System Restore settings (default settings will be restored by WinPatrol silently) until you unlock proper key.
From that reasons I would recommend do not lock all keys if you don't know what you are doing.
You also shouldn't be worry that you will get tons of popups from WP since registry keys I added to my lists are popular for malware infections.
There is also another bonus - Any changes in these keys without your knowledge/action should give you a reason to start thinking that probably something is wrong and it's time to more carefully check your computer against malware infections. With enabled locked feature for all registry keys in WP, Scotty doesn't bark, only restore keys to default settings.
So locked/unlocked function in WinPatrol should be used carefully.

[blasev]

Quote:

Originally Posted by Creer

Please note: that after locked all keys from my lists you won't be able for instance change your screensaver or System Restore settings (default settings will be restored by WinPatrol silently) until you unlock proper key.
From that reasons I would recommend do not lock all keys if you don't know what you are doing.
You also shouldn't be worry that you will get tons of popups from WP since registry keys I added to my lists are popular for malware infections.
There is also another bonus - Any changes in these keys without your knowledge/action should give you a reason to start thinking that probably something is wrong and it's time to more carefully check your computer against malware infections. With enabled locked feature for all registry keys in WP, Scotty doesn't bark, only restore keys to default settings.
So locked/unlocked function in WinPatrol should be used carefully.

yes as far as I remember, scotty only bark when i open the main windows
I dont mind a locked registry since I don't change system setting that much
but thx for the warning

[justenough]

What does the UAC disabled reg list do that is useful for those of us who don't use the UAC?

[Creer]

Quote:

Originally Posted by justenough

What does the UAC disabled reg list do that is useful for those of us who don't use the UAC?

When you work on system with UAC enabled and if you have eg. malware infection that want to write to HKLM registry key, then it need to have permissions to that key or ask the user to elevate. Otherwise, write to HKCU.
In the same case scenario if you run system with UAC disabled HKLM registry hive is not protected from changes - nothing will allert you or ask for permission which should gives you reason to think that something may be wrong or behaviour like this is not normal.
So list for UAC disabled additionaly including all important (from security point of view) registry keys also in HKLM hive.

That's why I've created two separate registry lists for those who have UAC enabled and those who have UAC disabled.

[justenough]

Thank you for the explanation.

[Doraemon]

Kudos to Creer!

[safeguy]

Thanks. Sometimes I wonder why Bill doesn't provide such extended lists for his customers...as in perhaps he could consider implementing a set of "modes" or "levels" for users to choose from in WP Registry Monitor...having the default set to the lowest 'level' (the registry entries being as it is right now). I think that would be a good addition to future WP builds...

[Bambo]

I have wondered that since he added this monitor feature. Can almost ask what is the point? I doubt he expect his core users to add much them self. Could be wrong but seems to me WinPatrol people are average, more worried about security than actually knowledgeable about registry and what not - with some exceptions like those doing these lists, and thanks for that. If he has doubts on how foolproof it is for users to throw stuff in there that could be an answer. XP vs. Vista vs. 7 might be enough to cause those doubts. But then why add the feature in the first place? If someone is hooked on this, like Creer?, then may be an idea to contact him. I think he says on his site he will add more stuff to monitor later on http://www.winpatrol.com/regoptions.html does that mean links to this forum or what?