Registry Monitoring

Discussion in 'malware problems & news' started by TomAZ, Nov 8, 2013.

Thread Status:
Not open for further replies.
  1. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,003
    Location:
    USA
    I am looking for a good and simple way to monitor and prohibit illicit registry entries/changes. Any suggestions?
     
  2. guest

    guest Guest

    Registry protection feature commonly found in CHIPS. A bit warning though, it's scary. :D :argh:

    I'm not too sure, but I think WinPatrol has some kind of registry modifications alert. I have no idea how effective it is. :doubt:

    EDIT: Or use LUA.
     
    Last edited by a moderator: Nov 8, 2013
  3. aztony

    aztony Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    547
    Location:
    USA Southwest
    WinPatrol does monitor the registry and will alert to changes made.
     
  4. guest

    guest Guest

    Registry Alert
    hxxp://sourceforge.net/projects/registryalert/
    hxxp://www.softpedia.com/get/Tweak/Registry-Tweak/Registry-Alert.shtml
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)

    :thumb: :thumb:

    Keeping a close eye on this one. It's new and i included it after the latest upgrade. It's better but still needs some fine tuning and changes to the pop up alert. It's gui is large and attractive and so far is working compared to before. I hope the developer finds a way to make it alert a lot faster and add some useful settings to make it a keeper.

    EASTER
     
  6. guest

    guest Guest

    @EASTER
    Thanks for the review. But when you said this:

    Does that mean it alerts after the changes were made? Not preventing the changes? o_O
     
  7. guest

    guest Guest

    PtBFSLitW ~ 7.6. Registry protection:
    hxxp://www.techsupportalert.com/content/probably-best-free-security-list-world.htm?page=0,6

    PtBFSLitW ~ 15.12. Monitor registry and file changes:
    hxxp://www.techsupportalert.com/content/probably-best-free-security-list-world.htm?page=0,14

    Might want to try LoL as well:
    hxxp://www.wilderssecurity.com/showthread.php?t=318550
     
    Last edited by a moderator: Nov 8, 2013
  8. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
  9. Jryder54

    Jryder54 Registered Member

    Joined:
    Sep 3, 2013
    Posts:
    214
    Does it work in 64 bit? I thought this wasn't updated recently but the website shows it has been.
     
  10. ha14

    ha14 Registered Member

    Joined:
    Sep 6, 2009
    Posts:
    53
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Yes!! If you test it you can see the change made is sitting there nicely, what registry alert then does is.pop up a question alert if you wish what's already there to remain or delete it.

    Another issue that's weak. Manually add any string, NO ALERT AT ALL. Not until you also create a value will Registry Alert even prompt. This one needs some serious improvement before it's acceptable. I have it on my windows 8 right now just to measure it's errors right now.

    Not sure which coding method is used but it definitely needs to alert "in advance" while something is reading the registry branch keys first so the invader can be "mid-transfer interrupted" as HIPS imployz.

    So in my opinion AS IS, it's not well equipped just yet to be of some serious use.

    EASTER
     
  12. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,003
    Location:
    USA
    Gave "Registry Alert" a brief try on a virtualized system. Quite honestly, I didn't care that much for it. For now, I'm sticking with WinPatrol. I'm not sure it's as thorough, but at least it helps a little.
     
  13. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,101
    I'm sorry, but the best advice I can give you about "The Registry" in Windows OSes is that it is the worst all-time construct for a user's security in any OS ever! For every software program that innocent Wiindows users (i.e. don't have a clue) download and install on their Windows system "The Regsitry" is an exposed OS resource carried over from the days when M$ did not know anything about designing their OSes from a security point-of-view from the ground up. They may know a bit more now, if their research OSes do not even have a "Resigstry" - if they are lucky and they have begun to care about their user's security. But alas, it seems every other week there is a new Zero-Day exploit going wild on the Internet compromising Windows systems.

    Your best bet is to hightail it to a Windows-like Linux system like KUbuntu or similar OS that shields your from the senseless onslaught of Windows weaknesses designed into M$ OSes certainly not for the benefit of its users.

    Good luck with it though,

    -- Tom

    (a former WinXP Pro SP2, Win98 SE, and Windows for Workgroups 3.11 user - since converting to a Live/USB Linux system which does not have its hard drives mounted. Oh, and did I not mention, I have paid $0.00 in security and OS software since 2006)
     
  14. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    It runs fine on my Win 7 64-bit. That said, I don't think it's a 64-bit application. Also worth mentioning, it's a polling app. So it discovers changes after they have occurre. As I said, not a perfect answer. Still, quite an interesting program.

    The developer posts here at Wilders as Graphic Equalizer. You can search for his many posts.
     
Loading...
Thread Status:
Not open for further replies.