[Bug 13913] Process Monitor can not capture live events

15 Jun 2008


      http://bugs.winehq.org/show_bug.cgi?id=13913
Anastasius Focht focht@gmx.net changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |focht@gmx.net
--- Comment #3 from Anastasius Focht focht@gmx.net  2008-06-15 04:21:01 ---
Hello,
--- quote ---
If this program uses kernel driver to intercept/read events, then it's a won't
fix.
--- quote ---
Yes, procmon uses a kernel mode filter driver as many other tools from the
suite.
The error message is due to failing filter API check.
Even if you fix it by using the native filter library (Fltlib.dll), this won't
work anyway.
Most Sysinternals tools use NtLoadDriver() to load the accompanying helper
kernel driver.
Those drivers hook kernel services and peek into windows kernel structures.
This is not in the scope of wine.
WONTFIX.
While you're at it, close http://bugs.winehq.org/show_bug.cgi?id=13012 (regmon)
too.
Same problem domain there.
Just out of curiosity ... why don't you use wine's builtin facilities (debug
channels) for process monitoring?
Regards
-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[Bug 13913] Process Monitor can not capture live events