We needed to monitor all processes Registry calls/File Sytem calls/Process creations in the system (for the antivirus hips module) .

Also time by time it will be needed to delay some calls or decline them.