PG and registry protection?

Discussion in 'ProcessGuard' started by Atomas31, Sep 14, 2004.

Thread Status:
Not open for further replies.
  1. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    Hi,

    I'd like to know if I should add something else, if I have PG, to protect my registry? If so, what are your recommandations and why? I have read a few post on the subject but no real answer on what registry protection will be best with PG? I have read that regprot is not great and for having try it, I must admit that I don't feel secur with it and that like a lot of other people having Windowx XP, it causes some freeze on my system.

    So, do I really need something else to protect my registry, if so what and why?

    Thank you all,
     
  2. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
  3. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Hi Atomas31,

    While not as important as a firewall, backup, process protection, and an alternate browser, I would probably put either Registry Protection or buffer overflow protection next on the priority list.
    It is important because it is the registry that is a primary target for malware. One of their first goals after launching is to alter the registry to guarantee that they will execute on next reboot. While process guard can block malware from executing and reduce the impact if you allow them to run, it doesn't protect the registry(except one entry).

    RegProt from DCS is too old and prone to cause problems.
    Adaware TeaTimer is better, but still limited to select registry entries.
    SSM (System Safety Monitor) is free also and allows custom registry keys to be protected. You can disable just the application protection in SSM and leave the Registry Protection active. This way you will not have PG and SSM overlap Process Protection.

    It's not free, but RegRun Gold looks great. It also allows custom Registry keys to be protected.

    Look at this thread: Registry Monitor Comparison

    Hope this helps.
     
  4. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    Hi Devinco,

    Thanks for all your info,

    Also thanks for the thread, I have already look at it but it is kind of confusing for someone who is not an expert in that departure. And, this thread seems to have more questions than clear answer of wich are the best registry protection and the more compatible with other security softwares like PG ;-)

    As for your comments :

    RegProt from DCS is too old and prone to cause problems.
    Does that mean that this product never have any upgrades or updates? If so, it explain a lot of thing :)

    Adaware TeaTimer is better, but still limited to select registry entries.
    Are you talking about AdWatch from Adaware or TeaTimer from Spybot? If you are talking about TeaTimer, I personnally don't like it and certainly don't feel very well protected with it.

    SSM (System Safety Monitor) is free also and allows custom registry keys to be protected. You can disable just the application protection in SSM and leave the Registry Protection active. This way you will not have PG and SSM overlap Process Protection.
    Do you mean, that I could put a hook in every box of SSM except in the one "Watch App activity", is that right? If so, would I be well protected with that?

    It's not free, but RegRun Gold looks great. It also allows custom Registry keys to be protected.
    This software seems to be able to do a lot of things, that's for sure! But how to you configurated it to have the maximum security on your computer, who already have PG and PrevX? There seems to have a lot of thing that I won't use in that software (RegRun Gold) or that I don't know how to use!?! Does RegRun Gold compatible with other security software like PG and PrevXo_O


    Thanks for your answers Devinco and Infinity,
    Atomas31
     
  5. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    No, it doesn't mean there will never be an update. DCS has much bigger fish to fry right now. RegProt does work fine for some people. I found it causes too many problems for me. DCS will probably update the free version when they come out with something like Registry Guard.

    Thanks for pointing that out. I meant Spybot TeaTimer. :)
    It is simple, and it works, but has its limits.

    Yes I think that is the one. You set it up so SSM just monitors the registry and PG handles the process protection. Then in SSM add the custom registry keys to monitor from the thread about Registry Monitor Comparison.

    Good question. I don't know enough about PrevX to answer that. Perhaps PrevX already monitors the registry. Perhaps PrevX can have custom registry keys added. You could ask in a separate thread specifically about PrevX.
    Who knows all the features of all the programs that we own? As long as you know the important features you can get by. Perhaps ask in a thread how to best configure SSM (or PrevX, or PG). Whether PG and PrevX are compatible or complimentary would be better in another thread. From what I read so far, they seem to work together. The big deal with PrevX is the Buffer Overflow protection, which seems worthwile.
     
  6. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    Hi Devinco,

    Thanks for your answers,

    As for I found it causes too many problems for me. DCS will probably update the free version when they come out with something like Registry Guard.

    Don't wait for Diamonds to make a Registry Guard cause I already ask them about that. They told me that wasn't in their plan since they already have their hands full :)

    As for the compatibility between PrevX and PG, I believe they are perfectly compatible (As far as I know!). The question was more about RegRun Gold compatibility with others security software?
     
  7. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    I remember reading a comment by Jason of DiamondCS that PG and RegRun work well together.
     
  8. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Yes the two work together except with app_init dll setting. I have to set the one for regrun first or it will not except it. when I temporary disable it of pg, then enable it , it is no problem.

    yes regrun is one of my favourite programs, great upgrade policy too. the beta looks promising , no probs with my setup.
     
  9. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    No compatibility problems here with RegRun Gold and other security apps (including PG and other DCS products).

    Nick
     
  10. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    try this:

    disable the app_init dllone of regrun (custom registry tracing) - disable the one of pg too and immediately enable it again (so pg's app_init dll is first enabled) then try to enable the one of regrun again and reboot.

    I am getting an error at that time and if I disable pg's one then then enable it again of my regrun, at that point I can enable the two of them without any probs.
    (damn hard to explain :D )

    but just like you the both of them work.
     
  11. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Tried it out and got the same error. Never noticed it before because I didn't have AppInit_DLLs included in Registry Tracer.

    Nick
     
  12. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    no prob, the other ones of reg tracer you do useo_O this is great protection and you can choose whatever you want. ;)
     
  13. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    I use the other suggested keys and sometimes I add custom keys. I probably removed AppInit_DLLs a long time ago when I saw that PG protected it.

    Nick
     
  14. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    Is it possible that Runguard (from RegRun Gold) came in conflict with ScriptDefender (provocating a lot of pop up box call registry compare results, from RegRun)? If so, wich one should I disable?

    Thanks,
     
  15. Atomas31

    Atomas31 Registered Member

    Joined:
    Sep 7, 2004
    Posts:
    923
    Location:
    Montreal, Quebec
    OK, it's been a few hours that I'm trying RegRun Gold and I must admit that this software has a lot of fonctions. But, it seems that you almost have to be an expert to configure it correctly and understand all the possibility that this software is able too. For example, I don't know why but there is always a box poping up called "Registry compare results". That box is making me crazy and I don't know what to do no to see it againo_O

    So, I don't think I will keep this software for very long on my system. In fact, I would prefer a more user-friendly software to protect my registy. One that won't give me headache trying to understang him and that could give me a good registry protection.

    By consequence, if anyone have suggestion about a good user friendly software to protect my registry... I am listening :)

    Thank you for your recommandations,
    Atomas31
     
  16. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    As Devinco mentioned above, several are mentioned here Registry Monitor comparison. You probably have Registry Tracing enabled, which will give you many alerts if you set it to monitor large areas of the registry. You can disable registry tracing, or you can customize what is being traced. That should reduce the number of alerts.

    Nick
     

    Attached Files:

  17. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    I've been using MJ Registry Watcher for a month or so now. I really like it. You can select whichever keys you want to monitor, and it appears to work really well. :)
     
  18. Starrob

    Starrob Registered Member

    Joined:
    Apr 14, 2004
    Posts:
    493
    Also, It appears the new version of SSM is out BUT like I thought they have plans to become shareware at the end of the year with a free version that has reduced capabilities. Also, right now the new product is more like a beta product that might possibly cause conflicts then it is a finished product.

    People complain about DCS taking a long time to complete products but one thing they can never be accused of is rushing out half complete products that might potentially cause "blue screen crashes"

    Right now, I like the combination of PG and PREVX. Both PG and PREVX are simple to configure. As for Registry protection, PREVX has Registry Run key protection. I also use MJ regwatcher which will let a person add any additional keys that is desired.


    Starrob
     
  19. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Hi Starrob,

    So PrevX does not allow custom registry key entries?
     
  20. Starrob

    Starrob Registered Member

    Joined:
    Apr 14, 2004
    Posts:
    493
    No custom keys for registry in the free version of prevx. It does work well with PG and some areas overlap. Like I was testing a Firewall leaktester today and Prevx blocked the DLL injection while PG blocked the global hooks. If Prevx did not catch the DLL injection, though, PG most likely would have blocked it.



    Starrob
     
  21. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thank you Starrob.
     
Thread Status:
Not open for further replies.