Windows registry guard programs

Discussion in 'other anti-malware software' started by EASTER, Jun 4, 2015.

  1. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    Sure that almost what SuS allows to do in a "customized" and flexible way.
     
  2. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I like startup SuS, but the tray icon is ugly! I hate to be so picky :eek:
     
  3. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    Do you have something nicer to propose ? :)
     
  4. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Not off the top of my head. I am not in any way being disrespectful, you have alot of great software.
     
  5. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    No problem, i know that the visual side is not a top aspect of my products: )

    Glad to see that you like them !!
     
  6. Yes, but only for power users. Not for every day usage, you have to know what your doing ;)
     
  7. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    And then, my small and simple software comes into play :)

    I'll also add international translation support in the next build
     
  8. Impressive feature, any plans in regard to protection against Remote Registry Access for HKCU (when SUS will become so advance, I might as well ask for a world record in registry protection ;))
     
  9. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    Would you please tell me more about what you call "Remote Registry Access for HKCU"
     
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    With Windows 8 this service is disabled by default. On older systems it was first service that got disabled on my systems.
     
  11. Paul R

    Paul R Registered Member

    Joined:
    Aug 5, 2014
    Posts:
    59
    Location:
    Bury, Lancashire
    I got the below when i ran SUS, so aborted the install.

    Is rkinstaller needed to run part of this software?

    upload_2015-8-10_11-26-47.png

    upload_2015-8-10_11-27-59.png
     
  12. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    Anyway a program is added to the HKCU, HKLM Run entries, SuS will detect and protect according to the Black/White list set by the user.

    SuS v2.0 will introduced "locked" mode, which will automatically delete any new entry, in order to allow SuS to protect machines when users are not in the loop (remote servers, NAS....). I'll let you know when it is available for test !!
     
  13. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    Hi Paul,

    Thanks for letting me know. This is not due to SuS but to Relevant Knowledge optionnal sponsor.
    In your case, i'd suggest to use the "Lite" installer for SuS : http://www.kcsoftwares.com/files/sus_lite.exe
    Refer to my download page for details : http://www.kcsoftwares.com/?download

    Please confirm that this solves your issue !
     
  14. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Been busy with some other security app tests and such but for Kyle with KC Softwares, I dunno if this falls close into what @Windows_Security is suggesting but you've no doubt read my own interest about a setting where just like in the ARK PC Hunter v. 1.04 under properties details or 1.35 I think. I found 2 fantastic registry lockdowns that allow the system to run normally and safe but REJECT writing to the registry PERIOD! It's a great On-Demand prevention and they use "forbid creating key (value)" AND "forbid setting key value" with a simple click of a checkmark in those boxes. I been looking and hoping to find a similar app ever since. No doubt it's a formula set in PC Hunter's Driver that accomplish this.

    Thoughts? Ideas? Possibilities?
     
    Last edited: Aug 10, 2015
  15. @EASTER

    It was @Minimalist who suggested this, butyou are right. It is probably done through permissions, but you have to do it manually autorun key by autorun key with a chance of messing up, see pic (sus is easier to use IMO)

    upload_2015-8-10_19-51-54.png
     
  16. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Yeah what I like best about PC Hunter is that "writing to create ANY KEYS/VALUES in the registry are Instantly! paralyzed the second you set it to forbid. Like I mentioned it's probably formulated in the ARK's driver as a method to yank out a bad live malware or just as a prevention period! while On-Demand.

    SUS is very good for those CHOICE keys as in your pics for RUN keys but a Total Lockdown Mode of sorts is what i'm looking to implement in order to completely compliment the other security process/driver/userspace protections apps like ERP/SOB have already addressed. And as another free alternative it would be the icing on the cake so to speak. ;)
     
  17. Paul R

    Paul R Registered Member

    Joined:
    Aug 5, 2014
    Posts:
    59
    Location:
    Bury, Lancashire
    Brilliant that solved it, didn't see the lite option :)

    Thanks a lot,
     
    Last edited: Aug 10, 2015
  18. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    Glad to read that !
    Please come by after and share your feedback :)
     
  19. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    "Total lockdown mode" is planned to be implemented in SuS v2.0
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    You must be kidding me o_O

    That will be EPIC!!!! I don't understand why more peeps don't make as big a deal of this as I been doing for many months. It only takes a single supposed safe program install to lay a timer (clock/date) initiated badware to slip it's way into the registry (not always RUN keys) and hide in there. A REGISTRY WRITE-DELETE LOCKDOWN mode is VERY HUGE SECURITY!

    Thanks Kyle. Will definitely be looking forward to THAT!
     
  21. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Replacing WinPatrol Free right now, especially after that HKLM deletion debacle.
     
  22. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    It will not be a "full registry write delete lockdown" but "write lockdown for startup entries"
     
  23. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    OK, darn, guess i'll just have to wait a little while longer until something other than PC Hunter shows up with that type of security. The RUN sections are easy to protect.
     
  24. Kyle_Katarn

    Kyle_Katarn Developer

    Joined:
    Dec 20, 2007
    Posts:
    3,331
    OK, sorry ;-(
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.