Hi
I was just looking for a program that tells you exactly what the installer does
If you want to know what actually gets installed (inclusively registry entries),
use installwatch[1]. If you want to understand what the program is accessing while
running use filemon[2], regmon[3] and maybe process explorer[4]; and have a look at
this tutorial[5] for a general guideline to forensic analysis.
I see that you have found two other monitoring programs. Would you mind
sharing your experience, once you performed some tests?
Cheers
[1] http://www.epsilonsquared.com/installwatch.htm
[2] http://www.sysinternals.com/Utilities/Filemon.html
[3] http://www.sysinternals.com/Utilities/regmon.html
[4] http://www.sysinternals.com/Utilitie...sexplorer.html
[5] http://www.antionline.com/showthread...hreadid=272469
Reply With Quote