Navigation

← Previous Changeset
Next Changeset →

Changeset 1348

Timestamp:

03/10/08 11:54:15 (6 months ago)

Author:

kindlund

Message:

Updated white list with further exclusions (windows update).

Files:

honeyclient/trunk/thirdparty/capture-mod/FileMonitor.exl (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

honeyclient/trunk/thirdparty/capture-mod/FileMonitor.exl

r1347	r1348
199	199	+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\wuweb\.dll
200	200	+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\wuweb\.dll
201		+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp
202		+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp\\wuweb\.dll
203		+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp\\wuweb\.dll
204		+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp\\wuweb\.inf
205		+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp\\wuweb\.inf
206		+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp\\wuweb\.cat
207		+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD1\.tmp\\wuweb\.cat
	201	+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD.?.?\.tmp
	202	+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD.?.?\.tmp\\wuweb\.dll
	203	+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD.?.?\.tmp\\wuweb\.dll
	204	+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD.?.?\.tmp\\wuweb\.inf
	205	+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD.?.?\.tmp\\wuweb\.inf
	206	+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD.?.?\.tmp\\wuweb\.cat
	207	+ Delete C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\ICD.?.?\.tmp\\wuweb\.cat
208	208	+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\system32\\CatRoot2\\dberr\.txt
209	209	+ Write C:\\Program Files\\Internet Explorer\\iexplore\.exe C:\\WINDOWS\\LastGood\\TMP.?.?\.tmp

Navigation

Changeset 1348

Legend:

honeyclient/trunk/thirdparty/capture-mod/FileMonitor.exl

Download in other formats: