RegDefend vs KAV 2006 Proactive Registry...

Discussion in 'other anti-malware software' started by dja2k, Nov 2, 2005.

Thread Status:
Not open for further replies.
  1. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    How does the registry protection of KAV 2006 compare to the registry protection from Regdefend?

    dja2k
     
  2. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    I am not that good in comparing registry entries. Maybe someone can help. Here are the entries covered in both KIS and RegDefend, can anyone spot out the different ones?

    RegDefend 2.001


    HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | MinLevel |
    HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Safety Warning Level |
    HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunActiveXControls |
    HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunScripts |
    HKEY_USERS\.default\Software\Microsoft\Windows\Currentversion\Internet settings | Trust Warning Level |
    HKEY_USERS\.default\Software\Microsoft\Internet explorer\Main | Search Page |
    HKEY_USERS\.default\Software\Microsoft\Internet explorer\Main | Search Bar |
    HKEY_LOCAL_MACHINE\System\*controlset*\Services\Winsock2** | * |
    HKEY_LOCAL_MACHINE\System\*controlset*\Services\Tcpip\Parameters\Interfaces** | * |
    HKEY_LOCAL_MACHINE\System\*controlset*\Services\Tcpip\Parameters | DataBasePath |
    HKEY_LOCAL_MACHINE\System\*controlset*\Services\* | |
    HKEY_LOCAL_MACHINE\System\*controlset*\Services\* | imagepath |
    HKEY_LOCAL_MACHINE\System\*controlset*\Control\Session manager | BootExecute |
    HKEY_LOCAL_MACHINE\System\*controlset*\Control\Session manager | *FileRenameOperations |
    HKEY_LOCAL_MACHINE\System\*controlset*\Control\Safeboot** | * |
    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windowsfirewall** | * |
    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Windowsupdate* | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run** | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Policies\System | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Policies\Network | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Policies\Explorer\Run | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Internet settings\Zonemap\Ranges** | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Explorer\Browser helper objects** | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Control panel\Don't load | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows nt\Currentversion\Windows | AppInit_DLLs |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows nt\Currentversion\Image file execution options** | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Security center | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Toolbar | * |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Search | CustomizeSearch |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Search | SearchAssistant |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Search | Default_Search_URL |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Start Page |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Default_Page_URL |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Local Page |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Start Page_bak |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | HOMEOldSP |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Search Page |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Main | Default_Search_URL |
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet explorer\Extensions** | * |
    HKEY_CURRENT_USER\Software\Policies\Microsoft\Windowsfirewall** | * |
    HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Windowsupdate* | * |
    HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet explorer\Toolbars\Restrictions | * |
    HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet explorer\Infodelivery\Restrictions | * |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Run** | * |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Policies\System | * |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Policies\Network | * |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Policies\Explorer\Run | * |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings\Zonemap\Ranges** | * |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | MinLevel |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Safety Warning Level |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Trust Warning Level |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunActiveXControls |
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Internet settings | Security_RunScripts |
    HKEY_CURRENT_USER\Software\Microsoft\Windows nt\Currentversion\Winlogon | GinaDLL |
    HKEY_CURRENT_USER\Software\Microsoft\Windows nt\Currentversion\Windows | load |
    HKEY_CURRENT_USER\Software\Microsoft\Windows nt\Currentversion\Windows | run |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Urlsearchhooks** | * |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Styles | stylesheet |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Searchurl** | * |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Menuext | * |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Start Page |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Default_Page_URL |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Local Page |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Start Page_bak |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | HOMEOldSP |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Search Bar |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Use Custom Search URL |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Main | Search Page |
    HKEY_CURRENT_USER\Software\Microsoft\Internet explorer\Extensions** | * |
    HKEY_CURRENT_USER\Control panel\Don't load | * |
    HKEY_CURRENT_USER\Control panel\Desktop | scrnsave.exe |
    HKEY_CLASSES_ROOT\Txtfile\Shell\Open\Command | * |
    HKEY_CLASSES_ROOT\Protocols\Handler** | * |
    HKEY_CLASSES_ROOT\Protocols\Filter** | * |
    HKEY_CLASSES_ROOT\Piffile\Shell\Open\Command | * |
    HKEY_CLASSES_ROOT\Exefile\Shell\Open\Command | * |
    HKEY_CLASSES_ROOT\Comfile\Shell\Open\Command | * |
    HKEY_CLASSES_ROOT\Batfile\Shell\Open\Command | * |
    HKEY_CLASSES_ROOT\.txt | * |
    HKEY_CLASSES_ROOT\.pif | * |
    HKEY_CLASSES_ROOT\.exe | * |
    HKEY_CLASSES_ROOT\.cmd | * |
    HKEY_CLASSES_ROOT\.bat | * |

    KIS 2006 6.0.15.225

    HKEY_CLASSES_ROOT\*file\shell\open\command *
    HKEY_CLASSES_ROOT\*file\shell\runas\command *
    HKCU\Software\Microsoft\Internet Explorer\Desktop\General Wallpaper
    HKCU\Software\Microsoft\Internet Explorer\Desktop\SafeMode\General Wallpaper
    HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks *
    HKCU\Software\Microsoft\Internet Explorer\SearchURL *
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows load
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows run
    HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon GinaDLL
    HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved *
    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe *
    HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved *
    HKCU\Software\Mirabilis\ICQ\Agent\Apps *
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ICQ* Path
    HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\* *
    HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\* *
    HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\* *
    HKLM\SOFTWARE\Microsoft\VBA\Monitors\* CLSID
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\* *
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders Common Startup
    HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SafeSites *
    HKLM\System\ControlSeto_O\Services\* ImagePath
    HKLM\System\ControlSeto_O\Services\*\Parameters ServiceDll
    HKLM\System\ControlSeto_O\Services\VXD\* StaticVxD
    HKLM\system\currentcontrolset\control\Session Manager BootExecute
    HKLM\System\CurrentControlSet\Control\MPRServices\* DLLName
    HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries *
    HKLM\Software\Microsoft\Active Setup\Installed Components\* StubPath
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\BOOT *
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\NonWindowsApp *
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\WOW\Standard *
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers *
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 *
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs
    HKLM\SYSTEM\ControlSeto_O\Services\Tcpip\Parameters DatabasePath
    HKLM\SYSTEM\ControlSeto_O\Control\SafeBoot\Network\*\Parameters ServiceDll
    HKLM\SYSTEM\ControlSeto_O\Services\SharedAccess\Parameters\FirewallPolicy\* *
    HKLM\SYSTEM\ControlSeto_O\Control\Session Manager\Memory Management EnforceWriteProtection
    HKLM\SYSTEM\ControlSeto_O\Control\Session Manager\Environment ComSpec
    HKLM\SYSTEM\ControlSeto_O\Control\BootVerificationProgram ImagePath
    HKLM\SYSTEM\ControlSeto_O\Control\VirtualDeviceDrivers VDD
    HKLM\SYSTEM\ControlSeto_O\Control\SafeBoot AlternateShell
    HKLM\SYSTEM\ControlSeto_O\Control\SafeBoot\Minimal\* ImagePath
    HKLM\SYSTEM\ControlSeto_O\Control\SafeBoot\Network\* ImagePath
    HKLM\SYSTEM\ControlSeto_O\Control\SafeBoot\Minimal\*\Parameters ServiceDll
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon SFCDisable
    *\Software\Microsoft\Internet Explorer\Styles Use My Stylesheet
    *\Software\Microsoft\Internet Explorer\Styles User Stylesheet
    *\Software\Microsoft\Windows\CurrentVersion\Policies\System *
    *\Software\Microsoft\Driver Signing Policy
    *\Software\Microsoft\Windows NT\CurrentVersion\AEDebug Debugger
    *\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
    *\Software\Microsoft\Windows*\CurrentVersion\Run* *
    *\Software\Microsoft\Windows NT\CurrentVersion\Winlogon UserInit
    *\Software\Policies\Microsoft\Windows\System\Scripts\* *
    *\Software\Microsoft\Command Processor AutoRun
    *\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *
    *\Software\Microsoft\Windows\CurrentVersion\Policies\System Shell
    *\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\* DllName
    *\SOFTWARE\Microsoft\Internet Explorer\Toolbar\* *
    *\SOFTWARE\Microsoft\Internet Explorer\MenuExt\* *
    *\SOFTWARE\Microsoft\Internet Explorer\AboutURLs *
    *\SOFTWARE\Microsoft\Internet Explorer\Search SearchAssistant
    *\SOFTWARE\Microsoft\Internet Explorer\Search CustomizeSearch
    *\SOFTWARE\Microsoft\Internet Explorer\Main Default_Page_URL
    *\SOFTWARE\Microsoft\Internet Explorer\Main Default_Search_URL
    *\SOFTWARE\Microsoft\Internet Explorer\Main Search Page
    *\SOFTWARE\Microsoft\Internet Explorer\Main Start Page
    *\SOFTWARE\Microsoft\Internet Explorer\Main Search Bar
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies\* *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\* *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\* *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks *
    *\SOFTWARE\Microsoft\Windows\Currentversion\Policies\Explorer *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\* *
    *\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad *
    HKEY_USERS\*\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders Startup
    *\Control Panel\Desktop SCRNSAVE.EXE
     
    Last edited: Nov 12, 2005
Loading...
Thread Status:
Not open for further replies.