Wikipedia says that anti-virus implement on-access checking (aka autoprotect) by hooking the windows API functions.
However, Windows has an inotify-like API, isn't it?
Why don't anti-virus programs just use the FindFirstChangeNotification() call to automatically check files as they are written to disk?
JJ
Question for Windows API and anti-virus gurus...
Moderator: Moderator Team
-
- Posts: 43
- Joined: Mon Jun 18, 2007 11:14 pm
Who is online
Users browsing this forum: DotBot [Crawler] and 48 guests