Online Armor -- registry protection?

Does OA include registry protection?

I would have researched this question at OA's forum but -- after several tries -- found it impossible to correctly enter the security image that had to be duplicated before it would allow me to do a search. That forum will not remember my login, either. It seems OA's forum is now closed to those with vision problems.

 

I Sympathize with your problem. I too have this type of issue sometimes.

 

Oh, I just tried to register and it was horrid. Sorry, Bellgamin - please have a look now if you don't mind - it should be easier, I hope.

I really hate captcha (and spam) - but we havent had time to even look at customisation of the forums yet...

 

Yes, it's a tad easier. Thanks, Mike.

As pertains to registry protection, the most recent post I could find at OA's forum was HERE whereat MaB69 (an OA Forum Admin) on March 25 last year said...

If anyone is aware of more recent information than MaB69's post, please share it with us.

Per THIS table, EQS has *full-scope* registry protection. So also do SSM, Prosec, Threatfire, Prevx, Safe'n'Secure, Winpooch, DriveSentry, & Comodo's Defence+.

Protecting the registry is a vital HIPS function in my opinion. If OA still lacks it, I hope they add it soon.

 

Bill,

In the release notes of the latest OA, it said that the autorun protection was increased while Tony Klein was given credit. When you Google around you can see that Tony was one of the first to document start up protection en supply filters for regdefend.

So I assumed that the basis (which I am using added with info from other sources like EQS, DriveSentry, HauteSecure, Comodo and the relase notes of the wonderfull program Runscanner) is covered.

To me guys like Tony Klein and TopperID have the same qaulity endorsement in registry issues like BigC, Stem and Blue have on for instance FW's.

Regards

 

That may be true, but one also needs to keep in mind what those endorsed celebrities are recommending. AFAIK Online Armor defends only against autostart reg entries. And even if the experts have given OA the best advice there is in autostart reg entry defense, there are many other parts of the registry that also warrant protecting, which I doubt OA accomplishes... does it?

 

Solcroft,

True, until OA provides open filters like EQSecure or WinPooch I really can not check. So point taken maybe I expect to much of their endorsement.

Registry protection is a real issue. When running LUA or using a policy sandbox you can protect the HKLM hive, but there are simply to many keys in the user hive. When you have more users on the same PC with different user ID's it becomes a dragon to manage. In this context wildcards like in Regdefend, EQSecurity and WinPooch are only a plaster to stop the bleeding. WIthout it (like TF haha just kidding Solcroft) it simply is munk's work to create rules against it.

Regards

 

I would like registry protection too. I do have the old RegMon program I downloaded ages ago when Diamond Cs was still around & that would work I presume but I haven't used it for a while. Also is it possible torun Threatfire & Online Armor at the same time or is it redundant & risky. Has anyone actually done this with sucess?

 

I have run TF & OA together with zero problems.

Another good choice is to run OA + Registry Watcher, which is now free. Or else (in lieu of OA), run a HIPS with registry protection built-in -- in the interim until OA covers this vital area.

For a superb comparison of several registry monitors, see THIS Wilder's thread.

 

Yep,

I ran OA free + WinPooch together, OA free + RegistryWatcher is a better choice because RW is still a program which is actively maintained.

The polling of RW for deleted keys is not really an issue, most important feature is that the set reg value hook is covered in real time.

Use the hoijtsky post (thx Bellgamin) and get acquinted with the wild cards.

OA free + RW free should cover for decent protection.

EQS with Alycon's registry set will supply also very good protection (everything in realtime), see https://www.wilderssecurity.com/showthread.php?t=193905&page=5.

I am on CFP now with DW (D+ is also good I must say as a Comodo sceptic)

 

Fortunately, with TF, that's not necessary at all.

 

I was using Threatfire & I was really happy with it then all of a sudden on Reboot FDISR is missing files & hardly working. I spent all afternoon fixing this mess so I decided I really can do without Threatfire in spite of the fact I think its a really great application.

 

Hello Woody777, i have been running then together for months now and i havent had any problems at all. I my opinion they compliment each other very well.

 

I'll pass this one