Baron-von-Riedesel/ProcWin
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
1. About Procwin Procwin is a process explorer, showing all currently executing processes. For every process you can examine the loaded modules, the heaps, the structure of the address space and the generated threads. For every module there can be viewed: - the memory image of the module - the PE header of the module - the code section as disassembled list - the exported functions of the module - the imported functions of the module It is possible to change the printed values and so to manipulate foreign processes. 2. Installation/Deinstallation ProcWin consists of PROCWIN.EXE and JDISASM.DLL. No registry entries will be created or modified. So just unzip the ProcWin package, preferably in its own directory, then run ProcWin.EXE. To deinstall simply delete the directory. 3. Restrictions - ProcWin was originally written for Windows 9x, using the Toolhelp functions, which wasn't available for Windows NT and its successors. Later support for psapi.dll was added, which works for NT/XP/Vista/ Windows 7 and (hopefully) the rest. However, only processes owned by the current user may be examined, for other processes no memory map will be displayed. - The "Explore" menu item might not work as expected for all Windows versions. 4. Creating PROCWIN.EXE See MAKEFILE for details how to create ProcWin.exe. If you're not interested in the source, all files except ProcWin.exe, JDisasm.dll and readme.txt may be deleted. 5. License ProcWin is Public Domain. You will use this program at your own risk. Written 2000-2009, Japheth ( http://www.japheth.de )
About
displays processes, modules and memory layout
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published