Select IE Start Page in the "Fields" box, click Add > OK, and you should now see your current Internet Explorer start page displayed on the desktop. Type IE Start Page in the Identifier box.Įnter HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page in the Path box, and click OK > OK.
Launch BgInfo, clear all the current values in the editing area, and select Custom > New > Registry Value. It’s very lightweight, no background monitoring processes to worry about, but you’ll still get a warning (eventually) when something changes. Sysinternals’ BgInfo is a tiny tool which can display a vast amount of system information - and whatever Registry values you like - on your desktop wallpaper. This won’t give you a lot of detail, but you’ll at least get an idea of when a setting has changed, and can then investigate in more detail. Note-2: For those wondering what does this change: it disables driver signature verification request so nothing prompts no the screen to the GUI user when installing some unsigned drivers like TAP-driver (network) for OpenVPN unattended installation.The simplest form of Registry key monitoring is just to display its value occasionally.
Note: I did not explain, as long as I did not think it was necessary, but my original idea was to be capable to change the key BehaviorOnFailedVerify via remote shell, like SSH or telnet). If pretending to perform the same change via the reg command (without using gpedit.msc, which one should I change? All the four? This is: four changes, and only one of them has been detected by Process Monitor. How can I isolate the specific registry change for my GPEdit change performed?Īs suggested by Frank Thomas (thanks), there was only one RegSetValue entry, named HKCU\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\User\Software\Policies\Microsoft\Windows NT\Driver Signing. This thread explains it fine (thanks you, James T).īut it seems things are not so easy when talking about Group Policies Editor ( gpedit.msc), because I am getting more than 738 register events when trying to change just one entry: User Configuration -> Administrative Templates -> Code signing for drivers It is supposed that Process Monitor can capture the registry changes made by any program.
0 kommentar(er)
