Process Explorer has a nice feature Replace Task Manager <img src="https://i.stack.imgur.com/Fw4kt.png" alt="enter image description here"> I just wondered how Mark Russinovich implements this. What trick is used for implementing this?

You can use ProcMon to find out how it's done... To save you the bother, ProcExp is defined as the debugger of taskmgr.exe in <code>Image File Execution Options</code> on the registry. This means ProcExp is launched before taskmgr starts to run, no matter how taskmgr was launched. Then, ProcExp can easily close task manager and show itself.

How to make the feature 'Replace Task Manager' of Process Explorer?

1 Answers

You can use ProcMon to find out how it's done...

To save you the bother, ProcExp is defined as the debugger of taskmgr.exe in Image File Execution Options on the registry. This means ProcExp is launched before taskmgr starts to run, no matter how taskmgr was launched. Then, ProcExp can easily close task manager and show itself.

105

answered Oct 10 '22 06:10

eran

Recent Activity
Apple Pay - authorize.net returns error 153 only when live, sandbox works
How to continue cursor loop even error occured in the loop
python find all neighbours of a given node in a list of lists
Fatal error: Call to a member function setColumn() on a non-object in Magento
Count how many of each value from a field with MySQL and PHP
Python 32-bit development on 64-bit Windows [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

How to make the feature 'Replace Task Manager' of Process Explorer?

Tags:

windows

winapi

sysinternals

win32-process

process-explorer

Benjamin

1 Answers

eran

Recent Activity

Donate For Us

How to make the feature 'Replace Task Manager' of Process Explorer?

Tags:

windows

winapi

sysinternals

win32-process

process-explorer

Benjamin

1 Answers

eran

Related questions

Recent Activity

Donate For Us