D
Deleted member 178
Thread author
NoVirusThanks Registry Guard is a powerful utility which uses a kernel-mode driver to prevent any process or only specific processes from writing\reading\deleting custom registry keys\values. You can prevent, for example, any process from writing to registry autostart locations, or prevent processes from hijacking your Internet Explorer registry settings, and much more. With NoVirusThanks Registry Guard you can protect custom Windows registry keys and values from unauthorized modifications, a swiss army knife against nasty malware. Recommended for experienced Windows users only.
Key features and characteristics
By default, NoVirusThanks Registry Guard prevents any process from writing to common registry startup locations. To edit the default rules or to create your custom rules, click the button “Rules” (it may ask you Admin credentials) to edit the Rules.DB file. After you have modified and saved the rules file, you should restart the program. Writing rules is very easy, you can use wildcards characters and aliases, example:
Registry Guard actually does block in real-time specific processes from writing\reading\deleting to\from the Windows registry if the rules match the event, and when an action is blocked, it is then logged in the textarea. It is like a HIPS\real-time protection for custom registry keys and values so they can't be created\changed\deleted\read
Homepage
Key features and characteristics
- Prevent the modification of specific registry keys and values
- Useful to protect all registry autostart locations
- Write your own rules to block custom registry keys and values
- Specify to monitor any process or only specific processes
- Easy-to-write rules thanks to wildcarding and aliases
- Monitor the creation of registry keys
- Monitor the writing\modification of registry values
- Monitor the deletion of registry keys and values
- Monitor the reading of registry values
- Show useful information when an action is blocked
- Powerful protection thanks to the kernel-mode driver
- Supports all Microsoft Windows Vista+ OSs
- Very lightweight in memory and CPU usage
By default, NoVirusThanks Registry Guard prevents any process from writing to common registry startup locations. To edit the default rules or to create your custom rules, click the button “Rules” (it may ask you Admin credentials) to edit the Rules.DB file. After you have modified and saved the rules file, you should restart the program. Writing rules is very easy, you can use wildcards characters and aliases, example:
Code:
Writing rules is very easy, you can use wildcards characters and aliases, example:
[%OPR%: DELETE_KEY] [%EXE%: *regedit.exe] [%KEY%: *DeleteKey*]
[%OPR%: DELETE_VALUE] [%EXE%: *regedit.exe] [%KEY%: *\Software*] [%VAL%: *DeleteValue*]
[%OPR%: READ_VALUE] [%EXE%: *regedit.exe] [%KEY%: *\Software*] [%VAL%: *ReadValue*]
[%OPR%: WRITE_VALUE] [%EXE%: *regedit.exe] [%KEY%: *\Software*] [%VAL%: *WriteValue*]
[%OPR%: CREATE_KEY] [%EXE%: *regedit.exe] [%KEY%: *\Software*] [%VAL%: *New Key #1*]
Registry Guard actually does block in real-time specific processes from writing\reading\deleting to\from the Windows registry if the rules match the event, and when an action is blocked, it is then logged in the textarea. It is like a HIPS\real-time protection for custom registry keys and values so they can't be created\changed\deleted\read
Homepage
Last edited by a moderator: