On Wed, Mar 28, 2007 at 08:36:15AM +0100, Dave Page wrote: > Magnus Hagander wrote: > > > > The obvious question before we even think about anything else - any > > antivirus, antispyware or any other third party software on the machine > > that may be using a filter driver? > > Any idea how easy would it be to log the installed filter drivers at > startup? If we can gather more info over the long term we could get a > better idea of what products have iffy drivers.
Seems not to be entirely easy. There are functions to do it in the DDK (IoEnumerateRegisteredFiltersList() and FltEnumerateFilters()), but those are kernel level functions. Check this thread, for example: http://groups.google.se/group/microsoft.public.development.device.drivers/browse_frm/thread/9affce7b16730526/7b8ab594d408da8e?lnk=st&q=enumerate+filter+drivers&rnum=2&hl=en#7b8ab594d408da8e IRIC they should be in the registry under CurrentControlSet, but I'm unsure if you can actually find out which are filter drivers from there. //Magnus ---------------------------(end of broadcast)--------------------------- TIP 1: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
