I'm trying to debug an installer, and I want to make sure that installations are performed properly when I tweak some settings. What I want to do is compare the logged file/folder changes after a proper installation to the logged changes after a tweaked installations, and if all files/folders were created,changed,deleted in exactly the same way, I know the tweak install was ok.
So is there a system file that keeps track of all creation, modification, and deletion of file and folders? I think it might be ntuser.dat.log or software.log, but I'm not sure. I came to these two files by creating, modifying, and deleting randome files, then performing multiple "date modified" searches to find the files that are most frequently modified when I perform these operations.
The problem is, if one of these two files is the one I'm looking for, I can't access either of them since they are system files currently in use.
So my question is if there is a file that logs file/folder creation/mod/del and how to access this file if access is prevented.
So is there a system file that keeps track of all creation, modification, and deletion of file and folders? I think it might be ntuser.dat.log or software.log, but I'm not sure. I came to these two files by creating, modifying, and deleting randome files, then performing multiple "date modified" searches to find the files that are most frequently modified when I perform these operations.
The problem is, if one of these two files is the one I'm looking for, I can't access either of them since they are system files currently in use.
So my question is if there is a file that logs file/folder creation/mod/del and how to access this file if access is prevented.