I was looking around in google for a program that monitors programs that access and change registry values. Like a firewall, it would have exception rules for processes that constantly write to the registry - like explorer.exe and services.exe / svchost.exe ect.
It would come in handly for malware detection. It could also provide tracking for actual values written to the registry.
Smilary there could be a process firewall - where processes must first be authenticated to run...
Could any one share any coding possibilies for these ideas? Or do these programs already exist?