I want to intercept file (ReadFile, WriteFile) operations and registry calls of some program. I decided that filter driver will be the best solution. Is it possible to do that from WDF or I need to learn WDM? Are there any samples?
OK, minifilter is the right solution