On 13 Jul 2011 at 14:08, Erik Goldoff wrote:
> What I would like to see from the OS is something like a trimmed down
> version of UAC *just for the malware load points* !!! A permission /
> integrity monitor that prompts and/or logs whever a RUN key is
> altered, whenever a scheduled task is created, whenever a link is
> added to the STARTUP group, etc ...
WinPatrol does this pretty well. The basic one is free, even for commercial
use, but it doesn't monitor the startup locations in real time.
http://www.winpatrol.com/morewhyplus.html#plus3
Advanced Examination of HIDDEN Registry Startup Keys (NOW
FREE in Version 14)
While programs like MSConfig will show you the standard
Startup locations in Windows, we know there are other ways to
launch programs without your knowledge. WinPatrol PLUS
examines many alternate, more technically advanced locations.
We've seen undesirable programs use these locations and even
some of our friends in the security business now hide their
programs there. WinPatrol PLUS will let you know about any
changes to the following alternate startup keys.
See:
WinPatrol Free vs PLUS
http://www.winpatrol.com/compare.html
and
WinPatrol Real-Time Infiltration Detection
http://www.winpatrol.com/rid.html
RID is NOT in the free version.
The non-free Plus version is currently on sale at 50% off, but I bought my
licenses last year during his 99-cent sale ;-). He offers discounts for
quantity
purchases.
HTH
Angus
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
