Minifilter intercepting request from perticular folder only

Ritesh · September 25, 2025, 11:39am

Hello everyone,

I’m trying to find a way to intercept I/O requests that originate from a specific folder using a minifilter driver. I understand that attaching the minifilter to the volume containing that folder works, and that I could also filter requests by checking for a path prefix match. However, I’m wondering if there’s a more efficient approach that allows interception of only the I/O requests from that particular folder, since prefix matching seems costly in terms of performance.

Thanks in advance!

Scott_Noone_OSR · September 25, 2025, 3:48pm

You need to do the prefix matching in your filter. There is no option for only filtering specific folders of a volume.

Ritesh · September 28, 2025, 5:45pm

Thanks @Scott_Noone_OSR for your response.

system · December 27, 2025, 5:46pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.