geun-yeong
commented
1 year ago Did you check the "Capture Kernel" and the "Enable Verbose Kernel Output" of debugview? you can set both options if you run debugview as administrator.
If MiniFilter-Example(minifilter project) was successfully installed, debugview will print that any process accesses which files.
MiniFilterPort-Example(filterport project) must be run before executing filterportuser. First, you make "test.txt" file on any location. Then, enter "sc start MiniFilterPort-Example" and run filterportuser.exe, you can see that accessing "test.txt" is denied when you try to open "test.txt". MiniFilterPort-Example's role is to block an accessing the file and filterportuser's role is to send a block command.
I'm not good at English, so I'm not sure you understand my words. If you have any questions, comment on this issue whenever.
sorry for late.
sukritphiboon
Hi, your project is very interesting :)
I'm new to "minifilter" and my objective is learn this field for my studies. Can I kindly ask you a procedure for install and run your project? :)
I compiled and "installed" the 2 minifilter. Apparently is all okay, but nothing happen. When I use basic minifilter: nothing is printed in debugview When use port minfilter, filterportuser64.exe return only: "Hello, User"
I installed the two minitiport with right mouse click on .inf file and selected "install". After this I ran: sc start MiniFilterPort-Example or sc start MiniFilter-Example
with "fltmc" command I can seen the minifilter in list.
and apparently is ok. But ... all is mute :(
Thankyou and best regards, Massimiliano