yangjian issues

Repositories
Issues
Comments

Results 5 issues of


                                            yangjian

can taskexplorer monitor file rename event use etw

I want to monitor filename event, but i can't get the old file_path and new file_path in the event, i use taskexplorer but can not found this feature, does taskexplorer...

how to handle map and unmap (excluding image files) event type in krabsetw

hi ,I enable the EVENT_TRACE_FLAG_VAMAP in krabsetw, but can not receive event, from msdn, from msdn description, it is alse have no property. how can i handle map and unmap...

can processhacker plugin support individual file op ？

I am a heavy user of processhack, sometimes i need to analysis file operation(read,write), Hope processhack can have such a plugin

procmonxv2 can not use in windows7

i found TraceSystemTraceEnableFlagsInfo flag can not use in windows7

can etw file event support correlating filepath?

can ProcMonXv2 support correlating filepath for etw fileio event, especially for filerenam event?