Thomas Hruska wrote:
> Thomas Eyde wrote:
>> On 9/6/06, Thomas Hruska <email@example.com> wrote:
>>> Really? What hook works across WinNT _AND_ Win9x?
>> I can't tell. The hooks I am referring to was used via the
>> FileSystemWatcher in .NET.
> And what function do you suppose FileSystemWatcher is based on? You
> know you've been working with .NET far too long if you can't figure out
> what Win32 APIs are being called behind the scenes. Every .NET call
> eventually interfaces with Win32 APIs.
> Here's a hint: DirectoryChangesW(). It only works for WinNT and it has
> major issues.
> The only thing I've ever seen that works is FileMon. SysInternals has
> long since stopped publishing the source to their various monitoring
> utilities and nobody ever bothered to save the old versions. People
> simply pointed to SysInternals' website and said, "Check this tool out -
> it even has source code". However, based on what I've read, things like
> FileMon are going to be impossible under 64-bit Windows Vista due to the
> alterations in the kernel-mode driver architecture.
FileMon is a file system filter driver. (The new WDK has a
similar sample in it called FileSpy by the way.)
These drivers do not depend on hooking, so there will not
be a problem under 64-bit windows vista. They will,
however, be required to be signed, as will all drivers
under 64-bit windows vista.
Unfortunately, I don't think automatically tracking renames
is a big enough ROI to justify implementing a file system
It might be worth it to implement a entirely new working
In such a hypothetical working copy format, there would
only need to be one version of unmodified files because
the driver would automatically make a copy of a file
before it was modified.
Things such as rename, file deletions and folder deletions
would be automatically tracked. About the only thing you
would need to do is add new items to your working copy.
Oh, and it wouldn't be necessary to scan your working copy
for changes because the driver would have recorded any changes
that happened when they happened. Bye-bye waiting for the
Now it might be worth a filter driver for that... but
even that is questionably, since we are talking about
pretty much the most difficult, complex single piece
of windows software that can be written... and a
single mistake will land the user in BSOD land.
To unsubscribe, e-mail: firstname.lastname@example.org
For additional commands, e-mail: email@example.com
Received on Wed Sep 6 18:55:03 2006