Many programs and processes like making themselves automatically start at Windows boot. Malware do it as do legitimate programs, and it is just as annoying for both. One of the ways programs and processes add themselves to startup is via the registry. Registry Alert is a program that helps you prevent such undesired behavior.
What is it and what does it do
Registry Alert is a program that actively monitors your registry and notifies you when a program or process added itself to automatically start at Windows boot. It also has the ability to monitor registry for other changes.
Take note Registry Alert is an “always-on” program, since it does active monitoring, and Registry Alert has no main program interface — it works out of its system tray icon.
- Actively monitors registry and informs you when a new program or process has added itself to the registry to automatically start at Windows boot
- When a new startup registry entry is detected, Register Monitor tells you what process added it, where in the registry the key was entered, and gives you the ability to delete the registry entry (or not delete it)
- You have the ability to set it so Registry Alert always automatically removes a detected registry entry, which is useful for those programs that continually add themselves to startup even after you remove them
- You can set Registry Alert to automatically always end/kill the process associated with a new registry entry
- By default Registry Alert is set to monitor only for startup items but you can set custom alerts for other parts of the registry, if you want; you can potentially have Registry Alert monitor your whole registry, if desired
- You can view a list of all allowed, removed, and set to always remove registry entries (right-click system tray icon -> ‘All Registry Keys’)
- You can set Registry Alert to automatically start at Windows boot (which is ironic but necessary since it needs to be always on to properly monitor your registry). The good thing is by default Registry Alert does not add itself to boot — you have to manually enable the feature, if you want it
- Doesn’t provide any guidance as to if a detected registry entry is legitimate or not; you have to make the decision on your own, meaning this program isn’t for non-tech savvy people
- Uses roughly 28 MB RAM while staying on in the background. 28 MB RAM itself isn’t that much but it is a bit high for a program that just monitors the registry.
- Vista/Win7/Win8 users need to make sure to run as administrator (which isn’t an issue with the program itself — UAC does not allow normal users to modify the registry)
Registry Alert is a relatively simple program that does one thing and one thing only: monitor your registry for changes. By default the program is set to monitor for new startup registry entries (i.e. registry entries that allow programs/processes to automatically run at Windows boot). However, if you want Registry Alert to monitor other portions of your registry, you can add custom alerts by right-click the system tray icon -> ‘Add New Alerts’. From there simply add the registry hives or keys you want to monitor.
Registry Alert stays on in the background and actively monitors your registry for changes. (Take note: When you first install Registry Alert, it will bring up prompts for all existing startup registry entries. After that, it will only be for new registry entries.) When a new registry key is found, Registry Alert prompts you with a message, telling you what program/process added the entry, where in the registry the entry was added, and asks you if you want to delete the registry or not. You also have the option to set it so Registry Alert always deletes the registry entry (if it is re-added), stop the process that added the registry entry, and to always stop that process.
Aside from that, there really isn’t much else to Registry Alert. It is a program intended for one purpose, monitoring your registry, and that is exactly what it does.
While Registry Alert works exactly as advertised, after using it I’m not a big fan of it. Why? Two reasons.
Firstly, Registry Alert provides absolute no guidance as to the legitimacy of a registry entry that has been detected. After all, some programs/processes legitimately add themselves to startup and/or other parts of the registry. All Registry Alert does is tell you a new registry entry has been detected — it doesn’t help you decide if you should delete the entry or not. This means you need some level of technical understanding to be able to recognize if you should remove a registry entry or not. In other words, this program is not for the average Joe.
Secondly, Registry Alert is too heavy for what it does. As per my tests, Registry Alert uses roughly 28 MB RAM while on in the background. By itself, 28 MB RAM on Windows isn’t that high at all. However, when you consider that all Registry Alert does is monitor the registry, 28 MB RAM is a bit high. In fact, WinPatrol — a program that comes in freeware and shareware flavors — does what Registry Alert does and more but uses roughly half the amount of RAM. Of course, it should be mentioned the freeware version of WinPatrol does not have the ability to monitor registry for changes (you need to upgrade to WinPatrol PLUS to monitor registry, which costs $29.95) but WinPatrol’s free version does monitor for new startup items plus monitors a lot of other changes made to your computer and still uses less RAM than Registry Alert.
Conclusion and download link
Overall, Registry Alert does exactly what it advertises. But my biggest problem is that it uses a bit more RAM than I would like. As such, my recommendation is the following. If you want to actively monitor for new startup items, then skip RegistryAlert and get WinPatrol instead. However, if you want to monitor registry for other types of changes, then give Registry Alert a try. Just remember: you need some level of technical knowledge to properly use Registry Alert
Version reviewed: 184.108.40.206
Supported OS: Website does not specify; I assume Windows XP/Vista/Win7/Win8
Download size: 1.03MB
VirusTotal malware scan results: 0/46 
Is it portable? No
[via Ghacks ]