[Full-Disclosure] Registry Watcher
Aditya, ALD [Aditya Lalit Deshmukh]
aditya.deshmukh at online.gateway.technolabs.net
Sun May 9 05:05:18 BST 2004
>> the common installation inserts and all programs have values that must be
>> inserted. If a "watcher" would have a data base to follow and any odd or
>> uncommon entries could be flagged. As far as I know all newly found viruses
>> insert registry entries and these could be placed in a data base that would
>> cause registry to deny and flag.
> viruses generally attack registry first because most of the application including
> os use registry for running properly.. so registry is the favorite target. but
> a virus can do much harm without changing registry also.
hey for this sort of thing i use a program called as proport, it watches all the autostart up registry entries and alerts u when any new program is added to it. this program sits in the system tray so it is not obstrusive download it from www.tudpage.com u dont want regmon but proport for this sort of thing
-aditya
________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
Full-Disclosure is hosted and sponsored by Secunia.