This list covers the events that it does capture: It will additionally track a few other events in a limited fashion.

- Registry – this could be creating keys, reading them, deleting them, or querying them. You’ll be surprised just how often this happens.
- File System – this could be file creation, writing, deleting, etc, and it can be for both local hard drives and network drives.
- Network – this will show the source and destination of TCP/UDP traffic, but sadly it doesn’t show the data, making it a bit less useful.
- Process – These are events for processes and threads where a process is started, a thread starts or exits, etc.

This can be useful information in certain instances, but is often something you’d want to look at in Process Explorer instead.