Hi,

I wonder if it´s really necessary to monitor this regkey, and with that I mean, if malware modifies this key, can it be an immediate threat? Even when no malicious processes are running?

-{ Quote: "HKLM\SOFTWARE\Classes\CLSID\*\InProcServer32" }-

http://www.sophos.com/virusinfo/analyses/trojbckdrwf.html

Hello,

Anybody out there? ::)

Hello,
Not really sure what to tell you. Anything in the registry can potentially be subverted to serve the borg. But if you control your machine, you have nothing to worry about.
Mrk

The thing is, this regkey is often used by legitimate apps, and it´s possible that when installing tools you may have to respond to about 30 alerts, without even having a clue if this may be malicious or not. If I´m correct it´s used to register ActiveX controls, and if you deny these things apps will most likely not function correctly. So that´s why I wondered if allowing this key to be modified, could be a problem. I mean, just some dll/ocx file on disk can´t do any harm, not?