摘要
Windows 95/98注册表存放着应用程序和计算机系统的全部重要信息,众 多的程序在运行时都要对注册表进行读写,其中包括黑客程序和共享软件等,因此对注册表 进行监视有重要意义,论述了采用 Windows多进程和挂钩技术对注册表的读写进行监视的方 法 .
All important imformation of application programs and computer syst em are stored in Windows95/98 Registry.It is significant to monitor the reading and writing on the Registry for lots of programs,especially hacker programs and sharewares act on the Registry when they run .In this paper we give a method of moniting the Registry by multiprocess,VxD services and Windows hooks.
出处
《沈阳工业大学学报》
EI
CAS
2001年第3期228-231,共4页
Journal of Shenyang University of Technology