A new version of MJ Registry Watcher has been released at https://www.jacobsm.com/mjsoft.htm#rgwtchr --------------------------------------------- Changes 1.2.8.5 to 1.2.8.6 1) Further updated SSL libraries and strengthened ciphers. 2) Hot Key Enable/Disable toggle implemented. ---------------------------------------------
2 unrelated questions: MJRW polls, correct? Can MJRW be configured to only watch certain specific hives or keys?
Hi Bellgamin! Hope you're keeping well in sunny Hawaii! It can poll or be triggered. This setting is controlled by the hook throttle setting under Engine Tuning. When hooking is on, any change to the registry or protected file specs, will cause an instant fast sweep. When hooking is turned off (time set to zero), sweeps are done on a timed basis, with the time between sweeps set by the spinner in the top centre of the main window. You can configure your own set of keys and store that in the Custom set. The .def (Default) set is the original Custom set. HTH, regards, MJ
Hmmm, sorry but there is not enough information about the program for me to even be willing to try it, let alone recommend it to any of my clients, friends, family or colleagues. First, it is listed under "32-bit Windows Software". That alone is not bad but no where in the description does it say what version of Windows it supports. A brief mention of how to run it under "Vista and later" is not good enough. Vista is obsolete. Windows 7 is getting there. And most new computer users today are using "64-bit" Windows 10. Could a casual user tell if 64-bit Windows 10 is supported? No. Is that important? When dinking with the Registry, of course it is. You reference a Softoxi video but when you follow either of the two links you provide to Softoxi, your program (or that video) is no where to be found! I also followed the links to the review sites you listed. Some go nowhere or your program is not there, or version listed is way too old to be considered still valid. If you want to get new users to your programs, you might want to spend some time back pedaling to get your supporting documentation up to date and accurate.
Bill, I have tried to improve the website to address some of your objections above. MJRW works on all versions of Windows going right back to Windows 95.
Hi @Graphic Equaliser. Thanks Are there any future plans in the future for a version with a driver? Just curious. Plus it's awesome after all these many years how you have kept up this Registry Program all this time. And it's been around a good many years.
Hi Bellgamin! This list is based on some invaluable work done by Hojtsy documented in Hojtsy's compiled list of the security hotspots in the registry. It also has stuff from the Gladiator AV Forum and Silent Runners' Launch Points List. HTH, MJ
Hi Bellgamin! I found the Kees list and its enhanced sibling, the Creer list at https://www.wilderssecurity.com/thr...y-protection-list-for-windows-vista-7.293958/ I have added keys to all lists in MJRW to completely cover the Creer list. Re-download and extract the key lists to get the additional security.
Excellent!!! By the way, have you considered developing an installer that gives the user options & does the required list extractions etc automatically?
Hi Bellgamin! Under Options, Settings, Automatic Startup Options is a dialog to enable installation with any of the sets provided and whether for all users or just the current one. HTH, MJ.
Hi, I recently found your program. It says it has hooking, but it does not seem to work(?). For example I only set Code: hkey_local_machine\system\???\services\???\ in the list and let it run on the otherwise default settings. Now I go into hkey_local_machine\system\controlset001\services\tcpip\" and change a key. With hooking I expect it to immediately detect this write access and tell me. Yet it will do nothing and I have to wait for the next sweep to get this information. And this sweep takes ~3% CPU regularly which I don't quite like. I'd like to have hooking, have it check the key upon change but never do any sweeps that cost me CPU. W7x64.
Well, yes in the default setting I use, the hook throttle time is 7ms. But the scan does not trigger once I change the key, so my conclusion is, that hooking does not work correctly, because otherwise it would immediately do a scan. And if it does use hooking why would the hook trigger a full scan that costs lots of CPU time instead of just telling me what key changed like for example Comodo Defense+ does?
Kuffi, set your Hook Release Time to a lower value than the default 20 seconds. This option (under Engine Tuning) sets the time to wait after a fast sweep, before another fast sweep occurs. It is set to 20 seconds by default, which means that if a fast sweep is triggered (and many registry activities are going on that may trigger a fast sweep, especially if you're running Opera browser!), another cannot be triggered until 20 seconds has elapsed. If you don't mind fast sweeps occurring frequently, reduce this to 1 second, and you should see your changes being instantly alerted. A fast sweep helps identify exactly what changed, rather than give you the branch of the registry that caused the trigger. If you right-click the up/down arrows on the polling timer, it toggles debug mode (the time setting goes bold), where the alert window will report what branch or file pattern has caused a trigger. HTH, MJ.
@Graphic Equaliser Nice. Question though. Are some other more improvements coming soon as well? And thanks for the program where special attention is given to the windows registry section.
