Found this one on securitytube
http://www.securitytube.net/Reverse-E...
Most of us install software downloaded both known and unknown sources. Sometimes, we might have a reason to suspect that the software in question may be doing some malicious activity on our PC - such as modifying a registry key, overwriting an important system DLL etc. In this video we will look at how to reverse engineer a software install process by using InstallWatch.
InstallWatch is a great piece of software which creates a snapshot of your system both before and after you install the suspicious piece of software. Then it creates the "diff" and tells you what are the new / modified / deleted files, registry entries, folders, INI files etc. This allows you to immediately check if something bad has happened to your system in the course of installing the said software. The software however, does not have an "uninstall" or "revert to original snapshot" option.
It is important to note that what we have done here is a kind of "installation forensics". In later videos we will look at more advanced techniques such as memory dumping and analysis, imaging a live operating system etc.
Auf dieser Seite können Sie das Online-Video Reverse Engineering a Software Install Process mit der Dauer stunde minuten sekunde in guter Qualität ansehen, das der Benutzer Christiaan008 18 Juni 2009 hochgeladen hat, den Link mit Freunden und Bekannten teilen, dieses Video wurde auf Youtube bereits 18,654 Mal angesehen und es wurde von 42 den Zuschauern gefallen. Viel Spaß beim Betrachtenden Zuschauern gefallen!