# $Id: regmonitor.cfg,v 1.2 2006/06/28 15:55:45 hochoa Exp $ 
# (c) 2006, Core Security Technologies
# Author: Hernan Ochoa (hochoa@corest.com)

# LONG RegOpenKey( HKEY hKey, LPCTSTR lpSubKey, phkResult)
advapi32.dll:RegOpenKeyA:3:regmonitor.advapi32_regopenkeya_handler:B

# LONG RegOpenKeyEx( HKEY hKey, LPCTSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult)
advapi32.dll:RegOpenKeyExA:5:regmonitor.advapi32_regopenkeyexa_handler:B


# LONG RegCloseKey( HKEY hKey )
#advapi32.dll:RegCloseKey:1:regmonitor.advapi32_regclosekey_handler:B


# LONG RegSetValueA( HKEY hkey, LPCTSTR lpSubKey, LPCTSTR lpValueName,
#                     DWORD dwType, LPCVOID lpData, DWORD cbData)
advapi32.dll:RegSetValueA:6:regmonitor.advapi32_regsetvaluea_handler:B

# LONG RegSetValueExA( HKEY hKey, LPCTSTR lpValuename, DWORD Reserved,
#                 DWORD dwType, const BYTE=lpData, DWORD cbData)
advapi32.dll:RegSetValueExA:6:regmonitor.advapi32_regsetvalueexa_handler:B


# LONG RegQueryValueA( HKEY hkey, LPCTSTR lpSubKey, LPTSTR lpValue,
#                   PLONG lpcbValue )
advapi32.dll:RegQueryValueA:4:regmonitor.advapi32_regqueryvaluea_handler:B

# LONG RegQueryValueExA( HKEY hkey, LPCTSTR lpValuename,
#      LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData,
#      LPDWORD lpcbData )
advapi32.dll:RegQueryValueExA:6:regmonitor.advapi32_regqueryvalueexa_handler:B

# LONG RegDeleteValueA( HKEy hKey, LPCTSTR lpValueName )
advapi32.dll:RegDeleteValueA:2:regmonitor.advapi32_regdeletevaluea_handler:B

# LONG RegEnumValue( HKEY hkey, DWORD dwIndex, LPTSTR lpValueName,
#       LPDWORD lpcValueName, LPDWORD lpReserved, LPDWORD lpType,
#       LPBYTE lpData, LPDWORD lpcbData )
advapi32.dll:RegEnumValueA:8:regmonitor.advapi32_regenumvaluea_handler:B