>> the common installation inserts and all programs have values that must be
>> inserted. If a "watcher" would have a data base to follow and any odd or
>> uncommon entries could be flagged. As far as I know all newly found viruses
>> insert registry entries and these could be placed in a data base that would
>> cause registry to deny and flag.
> viruses generally attack registry first because most of the application including
> os use registry for running properly.. so registry is the favorite target. but
> a virus can do much harm without changing registry also.
hey for this sort of thing i use a program called as proport, it watches all the autostart up registry entries and alerts u when any new program is added to it. this program sits in the system tray so it is not obstrusive download it from www.tudpage.com u dont want regmon but proport for this sort of thing
-aditya
________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Sun May 09 01:50:25 2004
This archive was generated by hypermail 2.1.8 : Sun May 09 2004 - 02:03:09 EDT
