RE: See processes in windows
- From: "Tanel Poder" <tanel@xxxxxxxxxx>
- To: "'Niall Litchfield'" <niall.litchfield@xxxxxxxxx>, <Chris.Taylor@xxxxxxxxxxxxxxx>, <jdanton1@xxxxxxxxx>, <Brian.Zelli@xxxxxxxxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 23 Apr 2009 12:57:01 +0800
I took a Windows internals & troubleshooting training by Mark Russinovich &
David Solomon few years ago and Mark mentioned both procexp/procmon install
a kernel driver and yes its done dynamically (that's actually what I meant
by "installing" - the loading of the driver). I haven't verified it myself,
I think I can believe the word of the author of that tool :)
Niall, tlist.exe is not written by sysinternals, you may be confusing it
with pslist.exe which is written by them.
Tanel.
>
> And indeed its from the same developers as tlist!
>
> On 4/22/09, Taylor, Chris David <Chris.Taylor@xxxxxxxxxxxxxxx> wrote:
> > Fyi Process Explorer doesn't install a kernel driver, unless its
> > dynamic at runtime (AFAIK). It doesn't have an install
> routine, you
> > just unzip and run the exe. It's possible/likely that it
> uses some type of 'hook'
> > into the system, but if so, its using dlls and such that
> are already
> > installed/registered.
> >
--
//www.freelists.org/webpage/oracle-l
Other related posts:
