- dotTech - http://dottech.org -
[Windows] Monitor the registry for changes, including new startup items, and block them with Registry Alert
Posted By Ashraf On May 6, 2013 @ 3:00 AM In Windows | 3 Comments
Many programs and processes like making themselves automatically start at Windows boot. Malware do it as do legitimate programs, and it is just as annoying for both. One of the ways programs and processes add themselves to startup is via the registry. Registry Alert is a program that helps you prevent such undesired behavior.
Registry Alert is a program that actively monitors your registry and notifies you when a program or process added itself to automatically start at Windows boot. It also has the ability to monitor registry for other changes.
Take note Registry Alert is an “always-on” program, since it does active monitoring, and Registry Alert has no main program interface — it works out of its system tray icon.
Registry Alert is a relatively simple program that does one thing and one thing only: monitor your registry for changes. By default the program is set to monitor for new startup registry entries (i.e. registry entries that allow programs/processes to automatically run at Windows boot). However, if you want Registry Alert to monitor other portions of your registry, you can add custom alerts by right-click the system tray icon -> ‘Add New Alerts’. From there simply add the registry hives or keys you want to monitor.
Registry Alert stays on in the background and actively monitors your registry for changes. (Take note: When you first install Registry Alert, it will bring up prompts for all existing startup registry entries. After that, it will only be for new registry entries.) When a new registry key is found, Registry Alert prompts you with a message, telling you what program/process added the entry, where in the registry the entry was added, and asks you if you want to delete the registry or not. You also have the option to set it so Registry Alert always deletes the registry entry (if it is re-added), stop the process that added the registry entry, and to always stop that process.
Aside from that, there really isn’t much else to Registry Alert. It is a program intended for one purpose, monitoring your registry, and that is exactly what it does.
While Registry Alert works exactly as advertised, after using it I’m not a big fan of it. Why? Two reasons.
Firstly, Registry Alert provides absolute no guidance as to the legitimacy of a registry entry that has been detected. After all, some programs/processes legitimately add themselves to startup and/or other parts of the registry. All Registry Alert does is tell you a new registry entry has been detected — it doesn’t help you decide if you should delete the entry or not. This means you need some level of technical understanding to be able to recognize if you should remove a registry entry or not. In other words, this program is not for the average Joe.
Secondly, Registry Alert is too heavy for what it does. As per my tests, Registry Alert uses roughly 28 MB RAM while on in the background. By itself, 28 MB RAM on Windows isn’t that high at all. However, when you consider that all Registry Alert does is monitor the registry, 28 MB RAM is a bit high. In fact, WinPatrol — a program that comes in freeware and shareware flavors — does what Registry Alert does and more but uses roughly half the amount of RAM. Of course, it should be mentioned the freeware version of WinPatrol does not have the ability to monitor registry for changes (you need to upgrade to WinPatrol PLUS to monitor registry, which costs $29.95) but WinPatrol’s free version does monitor for new startup items plus monitors a lot of other changes made to your computer and still uses less RAM than Registry Alert.
Overall, Registry Alert does exactly what it advertises. But my biggest problem is that it uses a bit more RAM than I would like. As such, my recommendation is the following. If you want to actively monitor for new startup items, then skip RegistryAlert and get WinPatrol instead. However, if you want to monitor registry for other types of changes, then give Registry Alert a try. Just remember: you need some level of technical knowledge to properly use Registry Alert
Version reviewed: 22.214.171.124
Supported OS: Website does not specify; I assume Windows XP/Vista/Win7/Win8
Download size: 1.03MB
VirusTotal malware scan results: 0/46 
Is it portable? No
[via Ghacks ]
Article printed from dotTech: http://dottech.org
URL to article: http://dottech.org/108097/windows-review-registry-alert/
URLs in this post:
 Image: http://dottech.org/wp-content/uploads/2013/05/2013-05-05_215814.png
 Image: http://dottech.org/wp-content/uploads/2013/05/2013-05-05_223030.png
 Image: http://dottech.org/wp-content/uploads/2013/05/2013-05-05_222950.png
 0/46: https://www.virustotal.com/en/file/498dd11f44ed6a5ea3dcd72216d2d61d862a367a14f90a8fd8447cfbc12e50ed/analysis/1367820077/
 Registry Alert homepage: http://www.probsol.co.nf/RegistryAlert.php
 Ghacks: http://www.ghacks.net/2013/05/05/registry-alert-monitors-the-windows-registry-for-unwanted-modifications/
© 2008-2012 dotTech.org | All content is the property of its rightful owner.