This software helps prevent the launching of untrusted executable binaries and protects against damage to data by untrusted processes. It provides callback notifications for process/thread creation and termination.
The Easefilter Process Filter Driver is an effective kernel-mode driver that filters processes and thread creation and termination. It offers users a hassle-free experience in the development of Windows applications to monitor and protect Windows processes. Using this driver, you can easily prevent malwares and other potentially harmful executable binaries from being launched. This software also enables you to secure your data from getting damaged by untrusted processes.
One of its key features includes providing callback notifications for process/thread creation or termination. By getting new process information, developers can now obtain IDs for the parent process and thread. They can also access the exact file name used to open the executable file as well as the command line used to execute the process if available.
To receive notifications on the new process creation, simply enable the "PROCESS_CREATION_NOTIFICATION" flag. For process termination notification, enable "PROCESS_TERMINATION_NOTIFICATION". For notifications about process handle creation or duplication, enable "PROCESS_HANDLE_OP_NOTIFICATION". In addition, the driver provides similar notifications for the creation and termination of threads.
In summary, the Easefilter Process Filter Driver is a highly effective and efficient solution that provides developers with a reliable and safe way of monitoring and protecting Windows processes. Its user-friendly interface, coupled with these robust features, makes it an invaluable tool for all Windows application developers.
One of its key features includes providing callback notifications for process/thread creation or termination. By getting new process information, developers can now obtain IDs for the parent process and thread. They can also access the exact file name used to open the executable file as well as the command line used to execute the process if available.
To receive notifications on the new process creation, simply enable the "PROCESS_CREATION_NOTIFICATION" flag. For process termination notification, enable "PROCESS_TERMINATION_NOTIFICATION". For notifications about process handle creation or duplication, enable "PROCESS_HANDLE_OP_NOTIFICATION". In addition, the driver provides similar notifications for the creation and termination of threads.
In summary, the Easefilter Process Filter Driver is a highly effective and efficient solution that provides developers with a reliable and safe way of monitoring and protecting Windows processes. Its user-friendly interface, coupled with these robust features, makes it an invaluable tool for all Windows application developers.
What's New
Version 5.1.8.1:
1. Added trusted process to control the filter rule.
2. Fixed the slow issue of the service starting.
3. Enhanced the driver connection security check.
4. Fixed the issue which the user access rights not working correctly.