topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday April 19, 2024, 12:19 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

« previous next »
Pages: [1] • bottom

Author Topic: How to monitor changes being made on computer? (portable related)  (Read 5762 times)

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,347
    • View Profile
    • Donate to Member
How to monitor changes being made on computer? (portable related)
« on: May 18, 2009, 01:30 AM »
For programs that are portable, how can you be sure no changes are being written outside of the program directory?  Or sometimes, these programs claim to make a change, but remove the changes when the program is exited.  Is there a program that monitors changes or something like that, just to be sure?  Maybe something that has to do with cirtual machines...I don't know.

argv

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 45
    • View Profile
    • Donate to Member
Re: How to monitor changes being made on computer? (portable related)
« Reply #1 on: May 18, 2009, 01:34 AM »
Maybe sandboxie can do it, as long as no drivers are implied: http://www.sandboxie.com/

PhilB66

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,522
    • View Profile
    • Donate to Member
Re: How to monitor changes being made on computer? (portable related)
« Reply #2 on: May 18, 2009, 01:42 AM »
Yes, Sandboxie with SandboxDiff (List differences in registry and files). RegFromApp also very useful.

widgewunner

  • Member
  • Joined in 2009
  • **
  • Posts: 93
    • View Profile
    • Donate to Member
Re: How to monitor changes being made on computer? (portable related)
« Reply #3 on: May 18, 2009, 08:58 AM »
RegMon (Registry Monitor) for monitoring changes made to the registry and
FileMon (File Monitor) for monitoring changes made to the file system.

These are just two of the free utilities available from SysInternals (from the wicked smart mind of Mark Russinovich). Other excellent SysInternals utilities include:

ProcExp (Process Explorer) for monitoring/controlling running processes.
AutoRuns for monitoring/controlling startup tasks.
PageDfrg (System File Defragmenter) for defragmenting system files which are normally untouchable: pagefile and registry files.

The versions I run (2006) are older - (from before SysInternals was bought out by Microsoft). I haven't tried the latest versions but they are probably A-Ok too. Highly recommended.

MerleOne

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 957
  • 4D thinking
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How to monitor changes being made on computer? (portable related)
« Reply #4 on: May 18, 2009, 10:09 AM »
I would use RSIT, described and discovered here : http://www.raymond.c...-installed-software/

It's based on Hijackthis.
.merle1.

superboyac

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,347
    • View Profile
    • Donate to Member
Re: How to monitor changes being made on computer? (portable related)
« Reply #5 on: May 18, 2009, 10:32 AM »
Lots of cool stuff to try out.  Thanks!
Pages: [1] • top
« previous next »