Hello guys , I have a question. If I will use winreg that to add a program in registry, will be antivirus or firewall to note it ? And sorry for my English.

What do you mean by "add a program in the registry"?

The firewall monitors network traffic, it has nothing to do with the registry.

For example I would like to do that after reboot PC program will Auto start, it's ok for firewall and antivirus ?

And if I will send something with using curl for a email , then firewall and antivirus will notice it ? Thanks for help.

Again, the firewall has nothing to do with it.

The various lists of programs that run automatically are among the first things antiviruses check. If you add a naughty program there, even the worst AVs will catch it right away.

If you're sending an email using, for example, STMP, then the default port is 25, so that would need to be open on your firewall. Different email protocols use different ports by default.

Your combinations of questions are very suspicious, I probably shouldn't even reply but it's not like I'm saying anything more than what you could find with a simple web search.

If you are wanting to add a program to the Windows registry the process would be better done by creating an installer program. It is all too easy to trash the registry if not done correctly. A trashed registry can result in Windows not working or booting.

Windows Installer Documentation - https://documentation.help/Windows-Installer/

Windows Installer Scripting Examples - https://docs.microsoft.com/en-us/windows/win32/msi/windows-installer-scripting-examples

Knowing what Windows Installer does, and doesn't do...
What is Windows Installer - https://naevette.com.au/what-is-windows-installer/

I'm thankful for the help. I'm studying at University on specialty of information security. I am in the 3rd year, and what I do , it's my food. It's just white hat .

I could be way off, but my very limited understanding is that the registry is not useful here.

If an executable program type (includes libraries and more) is dumped anywhere onto your disk, the antivirus scans it against its search algorithms for bad stuff. It does not care if it has a registry entry or was properly installed. It does not, to my knowledge, check the registry for this (it may check it for auto-startup and other known virus signatures, but not installed programs).

Think about it, what would a registry entry prove? If all it took to convince the AV that your program is legit is a registry entry, don't you think malware would have such entries?

So the bottom line is that if your AV is of any value, yes, it will notice that you put a program on your machine and it will check it out. This will happen whether the program is 'installed' and 'registered' or not.

Thanks for the good respond. Just I need to add program in registry for auto start after reboot . So what can I do it more right for bypass antivirus?

Turn off the antivirus, or add it to the antivirus' ignore list.

it shouldn't matter. plenty of things auto start without tripping AV. Adding to ignore list will work on one machine, but in general, if that file later gets infested it will be big trouble to track down because its on ignored list. Auto start is valid and won't trigger AV unless the program being started also triggers the AV's scans. Now if you auto-start via a root-kit or some other nefarious approach, that will get some attention.

Here is a short tutorial on how to add a program to the "Startup" list:

https://www.howtogeek.com/208224/how-to-add-programs-files-and-folders-to-system-startup-in-windows-8.1/