[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Registry Watcher

To: <m.garg@xxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] Registry Watcher
From: "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Sun, 9 May 2004 09:35:18 +0530

>> the common installation inserts and all programs have values that must be
>> inserted. If a "watcher" would have a data base to follow and any odd or
>> uncommon entries could be flagged. As far as I know all newly found viruses
>> insert registry entries and these could be placed in a data base that would
>> cause registry to deny and flag. 

> viruses generally attack registry first because most of the application 
> including 
> os use registry for running properly.. so registry is the favorite target. 
> but 
> a virus can do much harm without changing registry also. 



hey for this sort of thing i use a program called as proport, it watches all 
the autostart up registry entries and alerts u when any new program is added to 
it. this program sits in the system tray so it is not obstrusive download it 
from www.tudpage.com u dont want regmon but proport for this sort of thing

-aditya


________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Registry Watcher
  - From: Steve Menard

References:
- Re: [Full-Disclosure] Registry Watcher
  - From: m . garg

Prev by Date: RE: [Full-Disclosure] Registry Watcher
Next by Date: RE: [Full-Disclosure] Victory day - Sasser surrenders
Previous by thread: RE: [Full-Disclosure] Registry Watcher
Next by thread: Re: [Full-Disclosure] Registry Watcher
Index(es):
- Date
- Thread