A large number of malicious plug-ins, viruses, trojans and other always find ways to modify the system's registry, making the system security at risk. If you can add a security barrier to the registry, then the system will reduce the likelihood of the lesion greatly reduced.
In the Ghost Security Suite (hereinafter referred to as GSS) in the Chinese version has been configured a large number of registry protection rules, you can intercept any trojan, virus, malicious plug-ins on the system registry key value changes. In the Chinese version of the firewall software, the author has set up a large number of interception rules for us, all you have to do is start the software, and then open the Drop-down list under "Security components" in the main interface and select "Rdstandard" (Figure 1), You can place modifications of registry key values under the protection of your software.
Click into the Ghost Security suite download page
You can also manually verify the effect after the modification: Run "regedit" to open Registry Editor, navigate to the above key value, when you try to add a key value or modify the existing key value, the system is not polite to prompt you cannot create or edit items, and GSS tray area will also pop-up prompts, Your modifications to the registry are completely unsuccessful.
Self-setting rules protect applications
The protection rules configured in GSS are sufficient to protect the key key values of the system registry (for example, from startup projects, drivers, services, network settings, browsers, file associations, and so on), and it allows you to customize new rules to protect more items. Let's take a look at how to customize the new rule to protect the application's registry settings.
In this case, we want to create a new protection rule to prevent users from modifying the Windows Optimizer Master's registration code and other information. As you know, this registration information is stored in the registry under the "Hkey_local_machinesoftwarewom" branch of the "Licno" key value, we just have to protect it.
Click the Configure button in GSS to open the Configure regdefend window.
1. For administrative convenience, we first create a new group: After group name, enter apply software protection (you can add protection to the software later), and then click the Add Group button.
2. Select the "Apply Software protection" group that you just added, click the Add Rule button, expand the registry on the left side of the Regdefend: Add Rule window, and navigate to the Hkey_local_machinesoftwarewom branch, and then click Licno on the right. , and then click the Add Rule button (Figure 2).
Tip: If you want to protect a branch, just select the branch, and the registry key will automatically fill in as "*" to indicate all items under that branch.
3. Close "Regdefend: Add Rules window, under these events under the Configure regdefend window, the Create key, modify key, set value, delete value four items are selected by default, and we simply select" Perform the following actions "to" intercept " Can be (Figure 3).
Tip: ① If you select "Ask user", when you want to modify the above key value, the system prompts the user to select "Allow" or "intercept" operation. ② when you set custom rules, remove the "log to disk" tick, or the subsequent attempts to modify the registry-related items will generate a log file that becomes very large over time.
Finally, in order to keep your registry under GSS protection, please check "run automatically when Windows starts" on the "Settings" menu.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
