About | Buy Stuff | News | Products | Rants | Search | Security | Social
Home » Gallery

SysGuard

SysGuard is a utility for Windows XP/2000. It uses proprietary XP API calls to monitor changes to your disks, partitions, and Registry from User Mode. It runs a minimum of twenty one (21) sovereign threads to protect you and alert you to dangers as they occur on your local machine. In practice, the output of SysGuard shows all activity in your system.

SysGuard's output is as concise and to the point as possible: no undue information is included, no important information is left out.

Disk Activity

SysGuard's disk monitor catches all disk activity in terms of standard change notification values.

  • Added - a sub-directory or file was added to the target.
  • Modified - a sub-directory or file was modified.
  • Removed - a sub-directory or file was removed from the target.
  • Renamed (Old) - a sub-directory or file was renamed, this is the old name.
  • Renamed (New) - a sub-directory or file was renamed, this is the new name.

Registry Alerts

SysGuard also watches the sensitive Registry 'Run' keys. Normally these keys should not be tampered with at all. If any alien program, hostile or otherwise, does attempt to trespass, SysGuard will put up an alert: its tray icon will blink.

SysGuard's Registry monitor catches all Registry activity at these keys in terms of the four standard activity types.

  • Attrs - the attributes of a key have changed.
  • SD - the security descriptor of the key has changed.
  • Subkey - a subkey has been added or deleted.
  • Value - a value has been added, deleted, or modified.

Logging Activity

SysGuard can log all disk and Registry activity to disk. Choose File - Log File from the menu to set the log file.

Toggle logging on and off by choosing File - Log from the menu.

Automatic Logging

When SysGuard's settings are saved, the name of your log file is also saved, and if you have the Log toggle (File - Log) on, SysGuard will automatically log to file on startup.

Responding to an Alert

Once SysGuard has alerted you to an access to your 'Run' keys, open SysGuard and note which keys were affected. Use any Registry editor to inspect the damage and threat. Clearing SysGuard's display (Edit - Delete) will turn the blinking tray icon off.

Copy to the Clipboard

The contents of SysGuard's display can be selected and copied to the Clipboard at any time in text readable format.

File size: 7.5KB.

About | Gallery | News | Order the XPT | Products | Resources | Security | Services | Workshop
Copyright © Radsoft. All rights reserved.