Changeset 1469
- Timestamp:
- 04/08/08 10:05:22 (3 months ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
honeyclient/branches/exp/kindlund-simpler_agent/thirdparty/capture-mod/FileMonitor.exl
r1467 r1469 261 261 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\SoftwareDistribution\\DataStore\\Logs 262 262 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\system32 263 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\system32\\config 263 264 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\repair 264 265 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\SoftwareDistribution … … 296 297 + Delete C:\\WINDOWS\\system32\\svchost\.exe C:\\Documents and Settings\\.+\\Cookies\\index.dat 297 298 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\WinSxS\\Policies\\.* 299 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\WINDOWS\\WinSxS 298 300 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\ 301 + Write C:\\WINDOWS\\system32\\svchost\.exe C:\\Documents and Settings\\.+\\Application Data\\.+ 302 + Delete C:\\WINDOWS\\system32\\svchost\.exe C:\\Documents and Settings\\.+\\Application Data\\.+ honeyclient/branches/exp/kindlund-simpler_agent/thirdparty/capture-mod/RegistryMonitor.exl
r1402 r1469 355 355 + SetValueKey C:\\Program Files\\Windows Media Player\\wmpnscfg\.exe HKLM\\SOFTWARE\\Microsoft\\Windows Media Player NSS\\.* 356 356 + SetValueKey C:\\Program Files\\Windows Media Player\\wmpnetwk\.exe HKLM\\SOFTWARE\\Microsoft\\Windows Media Player NSS\\.* 357 358 #### HONEYCLIENT AUTO EXCLUDE SCRIPT - Internet Explorer 7 Updates 359 + SetValueKey C:\\WINDOWS\\explorer\.exe HKCU\\Software\\Microsoft\\Windows\\Shell\\Bag.+
