I am writing a small spyware removal software … I am writing this tool in VC++ and in ASM … currently I am writing a module to build the signature database and methods to retrieve information from the DB … while doing this work I came across a good website which has excellent information about [...]
Archive for the ‘tools’ Category
spyware signature file
regmon
regmon and filemon are the two important tools used in malware analysis. Any malware, when it first infects a Windoze box, infects the registry. The reason behind this is to make sure that the malware runs every time Windoze boots up and to disable other security settings of Windoze / AVs. The regmon tool basically [...]