Registry Watcher

["RandallM" <randallm () fidmail com>]

Hi,

Any programs out there that "watches" changes to registry and can give an
alert? 

 

My intention for this is only because of my limited knowledge of the windows
registry. As I understand, no processes, applications, programs run with out
entries in to the registry. This it seems includes virus and Trojan
installations. There are the common entries that belong in the registry that
the common installation inserts and all programs have values that must be
inserted. If a "watcher" would have a data base to follow and any odd or
uncommon entries could be flagged. As far as I know all newly found viruses
insert registry entries and these could be placed in a data base that would
cause registry to deny and flag. Wouldn't this in a sense be a firewall and
virus protection method or am I really off base in my understanding. I know
that such use is used by AdWatch and other types of tools but I have never
seen anything mention for protection against backdoors, Trojans and viruses.
If such a program does not exist I'd appreciate any input on building one.

 

thank you

Randall M

 

 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html