RegGuard protects Windows startup registry keys from changing

Purpose

RegGuard disable write/delete access to the Windows startup registry keys for all applications excluding RegRun Start Control and Control Center.

RegGuard allows you to easily remove dangerous programs using "Scan for Viruses" feature.

Often dangerous programs control their autostart status by adding to the registry startup keys every second. RegGuard blocks these attacks and the dangerous programs could not start after computer reboot. You need only delete their files.

RegGuard works with Windows 2000/XP/2003/Vista (not 64-bit).

Easy in use

RegGuard requires no user assistance.

After installing RegGuard will started using RegRun Secure Start or using WatchDog. You will see that WatchDog icon will be red (R).

Stop

Open WatchDog main menu, and click on the "RegGuard" item.

The menu item will be unticked. WatchDog icon will be green color.

RegGuard will be stopped. Repeat the same to reactivate RegGuard.

Installing new applications

If you are not sure that application is good, activate RegGuard. Later you can set auto start of application using its settings.

How does RegGuard work?

RegGuard uses kernel system driver regguard.sys.

RegGuard.sys intercepts access registry and checks for protected registry keys and calling application. It will give access or decline it.

All options you can set up using RegRun Start Control, Features, RegGuard.

Protected Regsitry Keys

  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersionxplorer\Browser Helper Objects
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

Uninstall

Open RegRun Start Control, Features, RegGuard.

Click on the "Remove RegGuard driver" button.

Add or See Comments (>10)
}