Full Disclosure mailing list archives
Re: Windows Registry Analzyer
From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Thu, 3 Mar 2005 19:39:45 -0000
"Eric Windisch" wrote in message news:1109872449.8117.25.camel@localhost...
Perhaps this is just the Unix user in me, but I ask: How about just making a copy of the registry on boot (or at intervals) and compare it to the last copy? Note that the following example is untested, but should be mostly accurate.
No, it would be completely useless. In case you didn't realise, the registry is not an ASCII text file, it's megabytes of unintelligible binary gibberish. cheers, DaveK -- Can't think of a witty .sigline today.... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Windows Registry Analzyer Danny (Mar 03)
- Re: Windows Registry Analzyer Matt Ostiguy (Mar 03)
- Re: Windows Registry Analzyer NSC (Mar 03)
- Re: Windows Registry Analzyer Dave King (Mar 03)
- Re: Windows Registry Analzyer Frank Knobbe (Mar 03)
- Re: Windows Registry Analzyer Ken A (Mar 03)
- RE: Windows Registry Analzyer Aditya Deshmukh (Mar 03)
- <Possible follow-ups>
- RE: Windows Registry Analzyer Cassidy Macfarlane (Mar 03)
- Re: Windows Registry Analzyer Danny (Mar 03)
- Re: Windows Registry Analzyer Eric Windisch (Mar 03)
- Re: Windows Registry Analzyer Dave Korn (Mar 03)
- Re: Re: Windows Registry Analzyer Michael Holstein (Mar 03)
- Re: Re: Windows Registry Analzyer Eric Windisch (Mar 03)
- Re: Windows Registry Analzyer Raoul Nakhmanson-Kulish (Mar 04)
- RE: Re: Windows Registry Analzyer Aditya Deshmukh (Mar 05)
- Re: Windows Registry Analzyer Danny (Mar 03)
- Re: Re: Windows Registry Analzyer Michael Holstein (Mar 03)
- Re: Windows Registry Analzyer joey (Mar 03)