analysis tools required

1 reply to this topic

#1 ESecurity



  • Members
  • 6 posts

Posted 05 April 2007 - 02:34 PM


I see that many programs monitor the activity via hex changes at least ..

I want to understand the idea .. how does the Kaspersky team know all the movements, for example ..

And if there are free programs to control this activity .. where can I find them ..

I read about sand box pro ... but didn't get enough info ..

Thanks ...

#2 Whizard



  • Global Moderators
  • 454 posts

Posted 13 April 2007 - 07:38 PM


For that you can try tools such as RegMon and Filemon from Mark Russinovich.
The monitoring is done by hooking the Windows API from kernel mode via the driver.
Networking and Security Guru