could you tell me how to monitor registry changes (specified values) using WinAPI or so?
I know there is the function RegNotifyChangeKeyValue that allows to notify the caller about changes to the attributes or contents of a specified registry key, for example: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
But I need to see if value of the specified parameter in the key was changed: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Skype
So RegNotifyChangeKeyValue only works with keys and monitors all parameters of the specified key...
Thank you!
RegNotifyChangeKeyValue is what you need. Pass in REG_NOTIFY_CHANGE_LAST_SET as the notify filter argument, and whenever you receive notification you know that some value of the key has be added, deleted or modified. You must then check whether or not the specific value of interest has changed. There is no more fine-grained monitoring functionality available to you.