Online Armor -- registry protection?

Discussion in 'other anti-malware software' started by bellgamin, Mar 18, 2008.

Thread Status:
Not open for further replies.
  1. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Does OA include registry protection?

    I would have researched this question at OA's forum but -- after several tries -- found it impossible to correctly enter the security image that had to be duplicated before it would allow me to do a search. That forum will not remember my login, either. It seems OA's forum is now closed to those with vision problems.
     
    Last edited: Mar 18, 2008
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Give it time. Forum just switched.
     
  3. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    I Sympathize with your problem. I too have this type of issue sometimes.
     
  4. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Oh, I just tried to register and it was horrid. Sorry, Bellgamin - please have a look now if you don't mind - it should be easier, I hope.

    I really hate captcha (and spam) - but we havent had time to even look at customisation of the forums yet...
     
  5. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Yes, it's a tad easier. Thanks, Mike.

    As pertains to registry protection, the most recent post I could find at OA's forum was HERE whereat MaB69 (an OA Forum Admin) on March 25 last year said...

    If anyone is aware of more recent information than MaB69's post, please share it with us.

    Per THIS table, EQS has *full-scope* registry protection. So also do SSM, Prosec, Threatfire, Prevx, Safe'n'Secure, Winpooch, DriveSentry, & Comodo's Defence+.

    Protecting the registry is a vital HIPS function in my opinion. If OA still lacks it, I hope they add it soon.
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Bill,

    In the release notes of the latest OA, it said that the autorun protection was increased while Tony Klein was given credit. When you Google around you can see that Tony was one of the first to document start up protection en supply filters for regdefend.

    So I assumed that the basis (which I am using added with info from other sources like EQS, DriveSentry, HauteSecure, Comodo and the relase notes of the wonderfull program Runscanner) is covered.

    To me guys like Tony Klein and TopperID have the same qaulity endorsement in registry issues like BigC, Stem and Blue have on for instance FW's.

    Regards
     
  7. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    That may be true, but one also needs to keep in mind what those endorsed celebrities are recommending. AFAIK Online Armor defends only against autostart reg entries. And even if the experts have given OA the best advice there is in autostart reg entry defense, there are many other parts of the registry that also warrant protecting, which I doubt OA accomplishes... does it?
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Solcroft,

    True, until OA provides open filters like EQSecure or WinPooch I really can not check. So point taken maybe I expect to much of their endorsement.

    Registry protection is a real issue. When running LUA or using a policy sandbox you can protect the HKLM hive, but there are simply to many keys in the user hive. When you have more users on the same PC with different user ID's it becomes a dragon to manage. In this context wildcards like in Regdefend, EQSecurity and WinPooch are only a plaster to stop the bleeding. WIthout it (like TF haha just kidding Solcroft) it simply is munk's work to create rules against it.

    Regards
     
  9. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    I would like registry protection too. I do have the old RegMon program I downloaded ages ago when Diamond Cs was still around & that would work I presume but I haven't used it for a while. Also is it possible torun Threatfire & Online Armor at the same time or is it redundant & risky. Has anyone actually done this with sucess?
     
  10. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I have run TF & OA together with zero problems.

    Another good choice is to run OA + Registry Watcher, which is now free. Or else (in lieu of OA), run a HIPS with registry protection built-in -- in the interim until OA covers this vital area.

    For a superb comparison of several registry monitors, see THIS Wilder's thread.
     
    Last edited: Mar 19, 2008
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Yep,

    I ran OA free + WinPooch together, OA free + RegistryWatcher is a better choice because RW is still a program which is actively maintained.

    The polling of RW for deleted keys is not really an issue, most important feature is that the set reg value hook is covered in real time.

    Use the hoijtsky post (thx Bellgamin) and get acquinted with the wild cards.

    OA free + RW free should cover for decent protection.

    EQS with Alycon's registry set will supply also very good protection (everything in realtime), see https://www.wilderssecurity.com/showthread.php?t=193905&page=5.

    I am on CFP now with DW (D+ is also good I must say as a Comodo sceptic)
     
  12. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Fortunately, with TF, that's not necessary at all. :thumb:
     
  13. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    I was using Threatfire & I was really happy with it then all of a sudden on Reboot FDISR is missing files & hardly working. I spent all afternoon fixing this mess so I decided I really can do without Threatfire in spite of the fact I think its a really great application.
     
  14. Bio-Hazard

    Bio-Hazard Registered Member

    Joined:
    Jan 10, 2007
    Posts:
    529
    Location:
    Cornwall, UK
    Hello Woody777, i have been running then together for months now and i havent had any problems at all. I my opinion they compliment each other very well.
     
  15. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    I'll pass this one ;)
     
Loading...
Thread Status:
Not open for further replies.