Jump to content

Does ESET NOD32 4.2.71 use "mini-filters"?


Wallaby
 Share

Recommended Posts

Just watched this interesting video on a Microsoft channel

hxxp://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-47-WPT-MiniFilter-Analysis

 

Those guys use Windows Performance Analyzer to see a "mini-filter" trace generated by xperf while a Windows antivirus scans some files.

 

I tried with a scan with NOD32 4.2.71 but at the end I don't get any data to view, so I was wondering if NOD32 uses this "mini-filters" approach or not.

Any idea?

 

Thanks in  advance

Link to comment
Share on other sites

I have Windows 7 SP1 x64 Home Premium

When I right-click on eamonm.sys in the drivers Tab I see (in Sysinternals Autoruns) that "eamonm.sys is not currently running"

What is wrong?

What do I have to do to see some mini-filter activity?

Link to comment
Share on other sites

It is running

 

   TYPE                   : 2  FILE_SYSTEM_DRIVER
   STATUS              : 4  RUNNING
                           (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

...........

 

but mini-filter is not recording anything :(

OK... let's forget about it... I'll investigate

 

Thanks anyway

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...