SpyMeTools
SpyMeTools
I came across SpyMe Tools V 1.5 recently via ...
http://www.lcibrossolutions.com/spyme_tools.htm
SpyMe Tools is very useful in detecting Registry and Disk changes. If any application installs spyware, adware, dlls, programs, files, or any other type of file, picture, or program, etc. or changes the Registry's content, you will be able to see exactly where the modification occurred so you can take measures. With this software you will know everything that is added or removed.
SpyMe Tools also includes a Real time Disk/Registry monitor so you may spot the changes in real time but this is only available on a NT platform (including Win2k and Win XP).
You can also use the program to backup your Registry.
Now, let's be in no doubt - the program does make some changes to the Registry beyond the usual MRU type entries. But not too many and they may be acceptable.
If interested - download. Uni- extract files. Delete the rubbish but place madCHook.dll in the main folder
http://www.lcibrossolutions.com/spyme_tools.htm
SpyMe Tools is very useful in detecting Registry and Disk changes. If any application installs spyware, adware, dlls, programs, files, or any other type of file, picture, or program, etc. or changes the Registry's content, you will be able to see exactly where the modification occurred so you can take measures. With this software you will know everything that is added or removed.
SpyMe Tools also includes a Real time Disk/Registry monitor so you may spot the changes in real time but this is only available on a NT platform (including Win2k and Win XP).
You can also use the program to backup your Registry.
Now, let's be in no doubt - the program does make some changes to the Registry beyond the usual MRU type entries. But not too many and they may be acceptable.
If interested - download. Uni- extract files. Delete the rubbish but place madCHook.dll in the main folder
Well, tested with regshot:
the application likes to "register" itself...
The settings are written into an ini file in its folder... The program does not use any "Last used folder"...
Well, I guess that it´s almost portable. I wait for other opinions...
the application likes to "register" itself...
Code: Select all
----------------------------------
Keys added:3
----------------------------------
HKLM\SOFTWARE\LC IBros Solutions
HKLM\SOFTWARE\LC IBros Solutions\Spyme Tools
HKU\S-1-5-21-407404009-2007238923-643028249-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\rdf
Code: Select all
----------------------------------
Values added:5
----------------------------------
HKLM\SOFTWARE\LC IBros Solutions\Spyme Tools\last_check: 00 00 00 00 00 1A E3 40
HKU\S-1-5-21-407404009-2007238923-643028249-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\e: 53 00 70 00 79 00 4D 00 65 00 54 00 6F 00 6F 00 6C 00 73 00 2E 00 65 00 78 00 65 00 00 00 43 00 3A 00 5C 00 74 00 65 00 6D 00 70 00 5C 00 50 00 61 00 6F 00 6C 00 6F 00 20 00 43 00 44 00 5C 00 73 00 70 00 79 00 6D 00 65 00 74 00 6F 00 6F 00 6C 00 73 00 5F 00 69 00 6E 00 73 00 74 00 61 00 6C 00 6C 00 65 00 72 00 5C 00 7B 00 61 00 70 00 70 00 7D 00 00 00
HKU\S-1-5-21-407404009-2007238923-643028249-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\g: "C:\temp\test\spymetools_installer\{app}\pippo1.rdf"
HKU\S-1-5-21-407404009-2007238923-643028249-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\rdf\a: "C:\temp\test\spymetools_installer\{app}\pippo1.rdf"
HKU\S-1-5-21-407404009-2007238923-643028249-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\rdf\MRUList: "a"
Well, I guess that it´s almost portable. I wait for other opinions...
- Andrew Lee
- Posts: 3065
- Joined: Sat Feb 04, 2006 9:19 am
- Contact:
I think it is portable, but not stealth.
It writes this lone entry:
Seems to be the timestamp for the last autoupdate, which is the first thing I would disable anyway.
I will add this to the database.
It writes this lone entry:
Code: Select all
HKLM\SOFTWARE\LC IBros Solutions\Spyme Tools\last_check: 00 00 00 00 40 1A E3 40
I will add this to the database.
-
- Posts: 47
- Joined: Tue Mar 27, 2007 12:21 pm
Hi! Maybe you did not copy that application from the {sys} folder to the {app} folder of the application...calm_observer wrote:i found it installs madCHook.dll in the system folder.
How to extract: Download the installer and extract using Universal Extractor to a folder of your choice. The application files are located in the {app} subfolder, but you need {sys}\madCHook.dll in this folder as well. Launch the program by double-clicking on SpyMeTools.exe.exe. Upon inital launch, you may want to disable auto-update under "Options".
-
- Posts: 47
- Joined: Tue Mar 27, 2007 12:21 pm
Re: SpyMeTools
Please note that the application website offers a zipped archive with I believe all files included.
Re: SpyMeTools
Updated the Entry! I added additional information to finally stop HKLM\SOFTWARE\LC IBros Solutions\Spyme Tools\ being created. If you create a new file called 'config.ini' and then paste the following...
it will stop the program checking for updates, thus not creating the Registry Key on first run.
Code: Select all
[options]
check_for_updates=0
-
- Posts: 133
- Joined: Wed Sep 05, 2007 8:42 pm
Re: SpyMeTools
If anyone else has trouble finding the TPFC entry, it's at http://www.portablefreeware.com/index.php?id=1156
And if you try searching for it here, be sure to include the space: "SpyMe Tools". I learned the hard way!
And if you try searching for it here, be sure to include the space: "SpyMe Tools". I learned the hard way!