How to monitor the files on my computer?

AlexCode

AlexCode

Well-known member
Joined
Jul 7, 2003
Messages
931
Location
Portugal
Hi...

How can I monitor the files on my computer in such way that I would be able to block system calls before they occure?
Im talking about something like I try to delete a file but a resident Windows Service receves the info and blocks the delete process...

The only thing I find is on .net, the FileSystemWatch but it only grabs the info... doesnt block it...
Im looking foward for some APIs or even some C code...

Thanks...

Alex :p
 
To do what you actually said you wanted youd have to write a filesystem filter driver, which runs in kernel mode as a drive if i remember correctly, and you cant write such things in .NET. Probably not want you want.

On the other hand if you just want to block things from the windows shell (windows explorer not the command prompt) its relatively easy to implement the ICopyHook COM interface. The ICopyHook interface allows you to catch and prevent/alter all file/folder operations performed through the shell. Look it up on msdn and break out the System.Runtime.InteropServices namespace.

For a more complete answer id have to know what you want to block and why, can you tell us?
 
Thankyou very much!
I needed something to start looking for...

Im just wondering about a protection for some files.
Currently I have this security issue solved with the permissions of Windows Server, but something like blocking a user to delete an icon from the Desktop or so could be easyer to do...

In future I would like to build a custom "file guardian" like some already on the market, that would protect some serious security files/folder from the business with passwords.

I dont care if it has to be made in C, just as long as I know how to do it! :p

If theres anything else you can point me I would apreciate it! Thanks!

Alex :p
 
The copyhook can only detect file move delete or rename operations. What you want to do would need to be a filesystem driver filter. I dont recommend trying this without some serious reading about the subject, and yes it would have to be in c.
 

Similar threads

J
How to block the Windows 11 update from being installed on your PC
Replies
0
Views
76
Jacob Siegal
J
C
How to buy a computer: Everything to consider
Replies
0
Views
84
Christian de Looper
C
L
My computer has an undetectable virus on it
Replies
0
Views
95
LemonBridge48
L
M
Microsoft 10 security anti virus blocking dozens of my valid files, including for work and stuff I have bought.... NO OPTION to unblock is shwoing
Replies
0
Views
65
Malakie USN
M
M
Last chance to save $75 on the high-tech gadget of every golfer’s dreams
Replies
0
Views
75
Maren Estrada
M
Back
Top