I want to track changes made to the registry through programming using preferably .Net Platform. I want to develop a solution in which I specifically need to track changes that happened to the registry, particularly the malicious ones, not the regular system install etc. I have found that the WMI can be helpful, more details are below: http://ift.tt/1GLlibN can help track changes to registry. Is it a good idea or should I be looking into some other Windows APIs that target the need of detecting malicious activity in registry.
Aucun commentaire:
Enregistrer un commentaire