0
This may be an already answered question but I couldn't find any references to it here on superuser.
I have a situation whereby a process that's installed on my Windows 10 box changes a particular registry key whenever it runs. I would like to protect this registry key from being modified by any other process.
Does anyone know of any programs that does the following... Run in the background, keeping a watch on any changes to one (or more) given registry key(s), and if any other process attempts to change it, it either prevents them from changing it, or it allows the change and simply changes it right back to a value I provide?
And before you ask... No, I can't remove or prevent this process from running. It does several other things, but I don't care about any of those. I simply care about the change it makes to this one registry key.
Any pointers in the right direction would be much appreciated.
rdragon78
Posted 2017-11-26T02:45:22.273
Reputation: 11
What are the permissions currently set on the specific registry key (in regedit you can right click the registry key and choose "Permissions...)", and what specific program is changing this (it changes the answer based on what program it is)? Edit your post with the output of this, rather than trying to rewrite the permissions you see, with powershell
Get-Acl -Path HKLM:\Path\to\the\specified\key | Format-List– El8dN8 – 2017-11-26T03:04:29.450I am going to guess you don’t have the permissions on the domain required to make the modifications required by any solution we can provide. – Ramhound – 2017-11-26T03:52:47.853
I'm voting to close this question as off-topic because it's about circumventing network security/policies at an institution. – DavidPostill – 2017-11-26T13:33:22.143