MJ Registry Watcher

Discussion in 'other anti-malware software' started by Graphic Equaliser, Nov 13, 2004.

Thread Status:
Not open for further replies.
  1. skbaltimore

    skbaltimore Registered Member

    1. Since this issue will probably be moot after the next release, it's probably a lower priority now, considering it'll most likely be integrated into a more automated "Load MJRW when windows starts with x,y,z options list", but for the sake of a proper understanding, how would you accomplish what you suggest when the program is being started automatically via the registry entry, and not manually at the command prompt?

    2. Kewl!

    3. When in doubt....provide both options? :D It depends how the system is set up and how it's being used. I am the only one on my system, so there are no networking considerations or multiple users. But since there are so many variables amongst different users, if possible, it would be the most flexible route if you could provide both startup options, like some software install programs ask if it's just for the current user or all users.

    4. Sounds great!
     
  2. skbaltimore

    skbaltimore Registered Member

    One item for the "Wish List" if it's not already too late - I'd like to see a "right click/context option" on the sys tray icon to be able to switch between "prompt/accept/reject". It would basically just save the step(s) of having to click on the icon, open up the program, and then choose "prompt/accept/reject". Since a lot of other proggies offer right click/context options, I thought it would be worth suggesting, since you opened up the floor for user input/feedback.
     
  3. Graphic Equaliser

    Graphic Equaliser Registered Member

    Noted. There is a delay. I ran my WinTV card to show the kids "The Simpsons" (my wife wanted to watch something on our TV), and the image was bleeding a bit, so I ran "Primary" which is an app to change the screen overlay mode, and changed it while the WinTV was running (do not try this at home!). The PC instantly froze completely, and the no longer animated mouse wouldn't even move. o_O "Oh well" and I reset the PC. There was now no longer any C drive in the PC according to the bootstrap. :eek: :doubt: So I turned the PC off for 5 minutes, and went and had a cup of tea. I came back up bristling with mystical "hope", but at power on, the same report of no boot up device! :( Time for WinXP CD boot up. I booted into Recovery Console, and, yes, there was no C drive. "Oh my God!" I tried FIXMBR. It didn't complain, but there was still no C drive. Then came several failed attempts at FIXBOOT, all saying there was no drive to fix. Then came a realisation that I had really lost all 40GBytes in 122,500+ files, and that I was going to have to reformat the drive to get it back up and running at all. :'( I sat down for an hour mulling over everything, and then took to task. It has taken about 3 days, but I've got all the salient apps back up and running. :cool: I might now be able to start to embellish MJRW as advertised. Regards,
     
  4. skbaltimore

    skbaltimore Registered Member

    Ok...one more item to the wish list: I wish you a speedy recovery from your recent HD woes. ;-) (I guess now's not the time to stress the importance of backing up, huh? lol) Thanks for the heads up; hope things get back on track for ya.
     
  5. Graphic Equaliser

    Graphic Equaliser Registered Member

    A new version of MJ Registry Watcher is available for download at http://www.jacobsm.com/mjsoft.htm

    Changes 1.2.4.1 to 1.2.4.2
    1) Added wordwrap facility to file display windows.
    2) Added Set picking options to the right-click context menu of the tray icon.
    3) Added ability to choose the file you want to view, by looking at which one the cursor is on in the middle window.
    4) Added Automatic Startup Options to the Settings menu, to facilitate easy auto-starting for MJ Registry Watcher.
    5) The whole of %system%drivers\etc is monitored instead of just the hosts file (why not!?!)
    6) hkey_lmus\software\microsoft\windows\currentversion\explorer\shell folders is now commented out because it got on my nerves. It would change paths from DOS format to Windows format and back again, every time you ran a DOS app.
    7) hkey_lmus\software\microsoft\windows\currentversion\internet settings\zones\o_O\currentlevel added.

    The help file has been slightly improved too. Enjoy!

    Being able to view files (even system garbage files) is a positive boon, because you can still search through the garbage for key strings.

    Thanks again for your suggestions. Regards,
     
  6. skbaltimore

    skbaltimore Registered Member

    Fantastic, G.E. It's amazing to see how this program is evolving. Great job!! Hope everything is settling out post-reinstall.

    sk
     
  7. JBB

    JBB Registered Member

    Graphic Equaliser,

    What is the default polling interval secs/minutes for MJ Registry Watcher?

    Is the polling interval increment user changeable? ... If so, what is the range that can be set for the polling interval?
     
  8. Graphic Equaliser

    Graphic Equaliser Registered Member

    The default setting is to run a sweep every 5 seconds. The sweep itself can take, say, 5 seconds, so that would mean a sweep being run every 10 seconds. Personally, I run with a time of 8 seconds delay between sweeps, and this is adjustable using the spinner in the toolbar at the top of the window (number with up/down arrows next to it). I also run with a throttle delay of 50 ms (under options settings, throttle timing). Everything else I leave set at the defaults, including the security set, which is set at Custom by default.

    The polling interval (delay between sweeps) is adjustable from 0 seconds (constant sweeping) through to 600 seconds (a sweep every 10 minutes).
     
  9. JBB

    JBB Registered Member

    Graphic Equaliser,

    What does throttle delay mean/do?

    How CPU intensive is MJ Registry Watcher?

    Will I have a high cpu issue, if I use MJ Registry Watcher on old win 98 pc with a slower pentium processor?
     
  10. Graphic Equaliser

    Graphic Equaliser Registered Member

    1) The throttle timing is the delay introduced to checking between successive sets of lines (the size of these sets being determined by the "Lines per Throttle" setting). This is used to "govern" the speed at which the checking is done. If this is not done, the resultant checking will be a lot faster, but will produce a spike in CPU utilisation each time a sweep is done. For Windows 98, I would choose a setting of 50ms and keep the "Lines per Throttle" set at 3.

    2) Windows 98 with a slower Pentium should take no more than a mild 5% (maximum) push on the CPU for each sweep, with the settings mentioned above. This is assuming you are using the Custom set. If this is too much (and it shouldn't be), you can switch to the Light set, which should be almost unnoticeable to your old system.

    To give you some idea of how it performs on my PC, here are my specs :-

    Skt 754 Athlon AMD 64 3400+ Newcastle Core @ 2520MHz (210Mhz FSB, 12X) PC Mark04=4110

    ABIT KV8 Pro 3rd Eye

    Maxpower 300W PL-300

    Win XP Pro SP2

    nVidia GeForce 3 64MB AGP 4X

    512 MB (2X256MB Kingston Value 333Mhz DDR)

    250GB Maxtor UDMA133 IDE 7200 rpm 16MB buffer 6B250R0

    Teac CDRW 516EB, Pioneer 16X DVD ROM DVD-116

    When running the Custom set with the above throttle settings, I rarely get more than 1 second of total CPU use every 1 hour of uptime! :cool:

    To see your CPU usage under Win98, you have to use the Windows 98 System Monitor under Accessories, System Tools (if you had installed it normally, and not minimally).

    HTH,
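
The sweep and throttle behaviour described in the post above, as an added example that is not part of the original thread and is not MJRW's own code. The names `sweep`, `throttle_seconds` and `demo`, the in-memory store and the 300-line figure are assumptions made for illustration; "prompt" mode is left out because it needs a user.

```python
import time

def sweep(watch_list, read, write, baseline, mode="accept",
          lines_per_throttle=3, throttle_ms=50, sleep=time.sleep):
    """One polling pass: compare each watched line with its baseline value.

    read(line) returns the current value; write(line, value) restores one.
    'accept' logs the change and adopts it; 'reject' logs it and writes the
    baseline value back (a real tool would delete a newly created entry).
    """
    changes = []
    for i, line in enumerate(watch_list, start=1):
        old, new = baseline.get(line), read(line)
        if new != old:
            changes.append((line, old, new))      # log entry in either mode
            if mode == "accept":
                baseline[line] = new
            elif mode == "reject":
                write(line, old)
        # Pause after every set of lines so the sweep does not spike the CPU.
        if i % lines_per_throttle == 0 and i < len(watch_list):
            sleep(throttle_ms / 1000.0)
    return changes

def throttle_seconds(n_lines, lines_per_throttle=3, throttle_ms=50):
    """Time one sweep spends sleeping, ignoring the cost of the checks."""
    pauses = (n_lines - 1) // lines_per_throttle if n_lines else 0
    return pauses * throttle_ms / 1000.0

def demo():
    # Constructed sample data: seven watched lines, one modified after baseline.
    store = {f"key{i}": f"v{i}" for i in range(7)}
    baseline = dict(store)
    store["key2"] = "changed"
    slept = []                                    # record pauses, do not wait
    found = sweep(list(store), store.get, store.__setitem__, baseline,
                  mode="reject", sleep=slept.append)
    return found, store["key2"], slept

if __name__ == "__main__":
    print(demo())
    # An assumed 300-line watch list at 3 lines per 50 ms throttle:
    print(throttle_seconds(300), "seconds of throttle delay per sweep")
```

With these settings the throttle delay alone accounts for roughly five seconds per sweep on a 300-line list, which is the trade the post describes: slower detection in exchange for a flat CPU profile.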
     
  11. fannymites

    fannymites Registered Member

    Has anyone got MJRegWatcher working properly with Objectbar?
    When I try to open the config box it is in a constant unfocused state and I am unable to click on anything. Although there is text at the bottom suggesting it is scanning, I've tried a few reg tests and also tried manually adding and removing startup programmes and RegWatcher didn't alert me to anything.
    I've tried adding it to OB's exclusion list but it didn't help.
    RegWatcher works fine and I get alerts if Objectbar is disabled.
     
  12. gottadoit

    gottadoit Security Expert

    Graphic,
    Would it be possible to have a report only mode so that MJRW doesn't try and undo any changes that it finds and just reports on them (either silently just to a log file and/or via alerts on the screen)?
     
  13. Graphic Equaliser

    Graphic Equaliser Registered Member

    Gottadoit, MJRW running in Accept mode is just what you're looking for. It never pops up, and it logs every change to the log file. You can switch the sound off and that should be it. MJRW would then run as a registry/file change logger and not alert you. All changes are allowed through in this mode, and I find it useful for tracking changes made by, say, an SP2 upgrade, or a hardware device installation.

    HTH,
     
    Last edited: Jun 21, 2005
  14. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Been using MJRW for a while, but I must admit I've yet to understand how to correctly exclude specific warnings, and save the settings. For example, below are two that I see daily that I would like MJRW to NOT warn me about. How do I go about doing that? Thanks in advance.

    c:\windows\tasks\Bkup TDS Database.job - Size=270 Date=Wed Jun 29 05:00:07 2005 Attributes=---A-
    to
    c:\windows\tasks\Bkup TDS Database.job - Size=270 Date=Thu Jun 30 05:00:06 2005 Attributes=---A-
    ** Thursday 6/30/2005 12:30:06 AM **
    File Details Changed from
    c:\windows\tasks\Update Databases.job - Size=244 Date=Wed Jun 29 06:06:49 2005 Attributes=---A-
    to
    c:\windows\tasks\Update Databases.job - Size=244 Date=Thu Jun 30 00:30:02 2005 Attributes=---A-
     
  15. Graphic Equaliser

    Graphic Equaliser Registered Member

    These are task scheduler tasks. To exempt any of these tasks, simply add the full filename to the "Exempt Keys and Filespecs List" under Options. In your case, you should add these files and save the changes :-

    %windir%tasks\Bkup TDS Database.job
    %windir%tasks\Update Databases.job

    You should then get no further alerts when these jobs are run. HTH,
     
  16. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Thanks a bunch, GE. :)
     
  17. Morpheus

    Morpheus Registered Member

    Not sure why but whenever TDS-3 starts its first act is to terminate Regwatcher. I am using version 1.2.4.2. Has anybody else seen this behaviour?

    TDS-4 isn't identifying it as a trojan it just seems to kill it on startup.
     
  18. Dazed_and_Confused

    Dazed_and_Confused Registered Member


    Yes. Happens to me every time I start TDS - Terminates RW. :'(

    PS. See this thread.

    "TDS-4"?? You're getting me all excited. I've been waiting for that version for quite a while. :D
     
  19. Infinity

    Infinity Registered Member

    :) LMAO that would be something we don't know... :rolleyes: :D j/k
     
  20. Morpheus

    Morpheus Registered Member

    Well after waiting a few years for its imminent release, I invented time travel and jumped a couple of decades into the future where I was able to download it on its release two days later :D

    Looks like this may be a known issue from a reply I got in the TDS forum but nobody seems to know why.

    Morpheus
     
  21. JRCATES

    JRCATES Registered Member

    LMAO!!! :eek: :D :D

    Thanks for giving me the first big laugh I've had in a while for this place, Morpheus....that was classic!
     
  22. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Graphic,

    Based on our last conversation, I thought I understood now how to use MJRW to exempt specific registry changes. Here is one that is not working for me.

    I have Spybot SD running a scan weekly. Below is the value/key I added to the exempt list, and the warning I received. Can you tell me what I did wrong? Thanks!
     

    Attached Files: mj.gif (9.6 KB)
  23. Graphic Equaliser

    Graphic Equaliser Registered Member

    Daisey, I think the problem is that the job file name is actually "spybot - search & destroy - scheduled task.job", rather than the exempt filespec you have, which reads "spybot - search & destroy.job".

    As for TDS3 (4 or whatever!), I have no idea why it would want to terminate MJRW. AFAIK, MJRW does not
    1) Keep any registry keys open
    2) Introduce any "hooks" into the registry, or any other part of the system
    3) Protect its own application space
    4) Use any extra DLLs, apart from the standard Windows ones

    Perhaps it's one of those "computing mysteries", like why you still, to this day, cannot drag a column in Excel and drop it at its new location!

    Regards,
     
  24. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Thanks, Graphic. I'll give it a try! :D
     
  25. Dude

    Dude Guest

    First of all, MJRW BLOWS other SHAREWARE software off the map. I spent $30 for a program that came with 7 or so keys that are default monitored. When I got past 50 manual entries, my pentium 2 350mhz(hey, it came free :) ) got lagged out.
    First question, how can you make MJ run during Windows startup in a minimized mode?
    Second, is MJ capable of handling a registry blast? I would consider a blast to be 10+ keys changed at once. Would MJ catch all of them in a row or let some slip through?
    Also, I don't quite understand the format of the keys such as:
    hkey_lmus- Is this both LOCAL_MACHINE and CURRENT_USER?
    What does the o_O do in certain keys?

    BTW 3 lines per block and 25 throttle boosted cpu usage by about 8%. I increased it to 50 however, because Firefox(Web Browser), which normally takes a lot of time to load on my machine (30 seconds) took around 60.
    Also, where is a link to MJRW on your homepage?
     