Как Process Explorer подменяет Task Manager.

? ??????, ??? Process Explorer ????????? ????? ??????????? Task Manager?

??????????? ??? ????? ?????? ? ????????. ?? ????????????? ???? ? ???????? ????????? ??? taskmgr.exe!

???????????? ?????? ?????? ?????????:

1. ??????? ?????????? ? ?????? CreateProcess. ??????? ??? ? ??? ????????? taskmgr.exe, ?????? ????? ??????? Process Explorer;
2. ?? ????? ???????? Windows File Protection (WPF), ??????? ????????? ??????????? ???? Task Manager’? ? %windir%\system32.

??????????:

1. ??????? ?????????? ??? ??????????? ?? ????????? ??????????????? taskmgr.exe. ??? ????? ???? ? ?? Task Manager ?????, ?????? ??? ???????. ??? ????? ?????? ???? ????? ??????? Process Explorer;
2. ??? ???????????? ????? “taskmgr.exe” ?????????? ? ????????? ?????? ???????????? ????????. ?.?. ??? ?????? ???????? ???????? notepad.exe ?? ?????? ???????? ?? ?????????.

?? ??????-?? ????? ????????? ???????.

Cross-posted from blog.not-a-kernel-guy.com.