Question about Registry Protection

Discussion in 'other security issues & news' started by Rasheed187, Dec 8, 2007.

Thread Status:
Not open for further replies.
  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,046
    Location:
    The Netherlands
    Hi,

    I wonder if it´s really necessary to monitor this regkey, and with that I mean, if malware modifies this key, can it be an immediate threat? Even when no malicious processes are running?

    http://www.sophos.com/virusinfo/analyses/trojbckdrwf.html
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,046
    Location:
    The Netherlands
    Hello,

    Anybody out there? :rolleyes:
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,
    Not really sure what to tell you. Anything in the registry can potentially be subverted to serve the borg. But if you control your machine, you have nothing to worry about.
    Mrk
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,046
    Location:
    The Netherlands
    The thing is, this regkey is often used by legitimate apps, and it´s possible that when installing tools you may have to respond to about 30 alerts, without even having a clue if this may be malicious or not. If I´m correct it´s used to register ActiveX controls, and if you deny these things apps will most likely not function correctly. So that´s why I wondered if allowing this key to be modified, could be a problem. I mean, just some dll/ocx file on disk can´t do any harm, not?
     
    Last edited: Dec 15, 2007
Loading...
Thread Status:
Not open for further replies.