Sysinternals Homepage
Forum Home Forum Home > Windows Discussions > Internals
  New Posts New Posts RSS Feed: Device Driver Listing
  FAQ FAQ  Forum Search   Calendar   Register Register  Login Login

Device Driver Listing
 Post Reply Post Reply
Author
Message Reverse Sort Order
  Share Topic Share Topic  Topic Search Topic Search  Topic Options Topic Options
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Online Status: Offline
Posts: 17492 		Post Options Post Options   Quote molotov Quote  Post ReplyReply Direct Link To This Post Topic: Device Driver Listing
    Posted: 20 November 2009 at 12:07pm
I suspected something like that may be going on.  Still, it would be interesting to note the bugcheck details, if at all available...

What version of handle do you use (I assume v3.42, the latest...)?
Daily affirmation:
net helpmsg 4006
Back to Top
tribina View Drop Down
Newbie
Newbie


Joined: 06 November 2009
Location: USA
Online Status: Offline
Posts: 2 		Post Options Post Options   Quote tribina Quote  Post ReplyReply Direct Link To This Post Posted: 19 November 2009 at 2:42pm
It's interesting to learn that handle.exe also uses the same drives.  I do use handle.exe in a script which would explain why the driver is always loaded.
 
Thanks for answering my question indirectly.
 
Tongue
Back to Top
molotov View Drop Down
Moderator Group
Moderator Group
Avatar

Joined: 04 October 2006
Online Status: Offline
Posts: 17492 		Post Options Post Options   Quote molotov Quote  Post ReplyReply Direct Link To This Post Posted: 19 November 2009 at 11:32am
 If i use it will loaded and its absence from the list would confirm no else has.
Note that only if Process Explorer is run by an Administrator, will its driver be loaded.  But, since only a kernel component or faulty hardware can cause a bugcheck, it would seem you are only interested in that case.

Also note that other utils such as Handle.exe use the Process Explorer driver.

Of course bugcheck details would be of interest, but it does not sound like those are available to you... Dead


Edited by molotov - 19 November 2009 at 11:33am
Daily affirmation:
net helpmsg 4006
Back to Top
Meriadoc View Drop Down
Senior Member
Senior Member
Avatar

Joined: 22 August 2006
Online Status: Offline
Posts: 233 		Post Options Post Options   Quote Meriadoc Quote  Post ReplyReply Direct Link To This Post Posted: 07 November 2009 at 11:00am
 Maybe DriverView

The only way to confirm it for yourself would be to run Windbg or something like blue screen view.




Edited by Meriadoc - 07 November 2009 at 11:35am
Back to Top
tribina View Drop Down
Newbie
Newbie


Joined: 06 November 2009
Location: USA
Online Status: Offline
Posts: 2 		Post Options Post Options   Quote tribina Quote  Post ReplyReply Direct Link To This Post Posted: 06 November 2009 at 10:50pm

Hello,

I would like to know how I can get a list of loaded kernel drivers on a windows server box.  I know how to do it with ProcessExplorer, but I don't/can't use it.  The reason is that I have a windows server box that's getting a blue screen.  The sysops tell me that it was caused by procexp113.sys driver, but I don't think it was.  I would like to get a list to confirm no one has run procexplorer.  If i use it will loaded and its absence from the list would confirm no else has.
 
PS.  I don't have a copy of the minidump that was created to confirm it.  The sysops have analyzed the dump before and found it was loaded and caused the blue screen, but now have stopped doing it and directly assume we're running procexplorer, which we have stopped running.
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down