default.stacktags
  - Added tag for Broadcast Window Message
  - Updated Antivirus stacktags.
  - ESET added eamonm.sys driver
  - Added Antivirus - BitDefender
    with driver vlflt.sys
AloisKraus committed Aug 6, 2024
1 parent 70e3d35 commit 21ed660
Showing 1 changed file with 13 additions and 4 deletions.
17 changes: 13 additions & 4 deletions ETWAnalyzer/Configuration/default.stacktags
@@ -352,18 +352,23 @@
<Entrypoint Module="cyvrmtgn.sys" Method="*"/>
</Tag>
</Tag>

<Tag Name="Antivirus - Palo Alto Networks - FSFilter Activity Monitor cyvrlpc.sys" Priority="1">
<Entrypoint Module="cyvrlpc.sys" Method="*"/>
</Tag>

<Tag Name="Antivirus - ESET NOD32">
<Tag Name="FSFilter Driver ehdrv.sys">
<Entrypoint Module="ehdrv.sys" Method="*"/>
</Tag>
<Tag Name="FSFilter Driver eamonm.sys">
<Entrypoint Module="eamonm.sys" Method="*"/>
</Tag>
</Tag>

<Tag Name="Antivirus - Mc Afee" Priority="1" >
<Tag Name="Antivirus - BitDefender" Priority="1">
<Tag Name="FSFilter Driver ehdrv.sys">
<Entrypoint Module="vlflt.sys" Method="*"/>
</Tag>
</Tag>
<Tag Name="Antivirus - Mc Afee" Priority="1" >
<Entrypoint Module="MfeAVSvc.exe" Method="*"/>
<Entrypoint Module="mfecore.dll" Method="*"/>
<Entrypoint Module="mfefires.dll" Method="*"/>
@@ -680,6 +685,10 @@
<Entrypoint Module="libcef.dll" Method="**"/>
</Tag>

<Tag Name="Broadcast Window Message">
<Entrypoint Module="win32kfull.sys" Method="xxxBroadcastMessageEx*"/>
</Tag>

<Tag Name="UI Automation Overhead">
<Entrypoint Module="ole32.dll" Method="ThreadWndProc*"/>
<Entrypoint Module="oleacc.dll" Method="LresultFromObject*"/>
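Review bot: In the new `Antivirus - BitDefender` block the nested tag is named `FSFilter Driver ehdrv.sys`, but its entry point matches `vlflt.sys`; the name looks copied from the ESET block directly above it. Stacks from the Bitdefender filter driver would then be reported under a label that names ESET's driver, which sends anyone attributing endpoint-protection overhead to the wrong product. The line should read `<Tag Name="FSFilter Driver vlflt.sys">`. Separately, the ESET parent tag carries no `Priority` attribute while the Palo Alto, BitDefender and Mc Afee tags use `Priority="1"`; if that difference is not intended, it is worth aligning while this section is being edited.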
