More on Processes and Threads

During the last weeks I've documented _EPROCESS and _ETHREAD structures for several versions of Microsoft Windows in the main (that is German) section of this blog. The declarations are in English anyway. I'd like to avoid duplicating those long lists here for several reasons, penalties by search engines among them. This post will guide you to the relevant articles. If there are still questions left please do not hestiate to ask me.

NameBuildStructures
Windows 20005.0.2195.7045ETHREAD and EPROCESS
Windows XP5.1.2600.0ETHREAD and EPROCESS
5.1.2600.2180ETHREAD and EPROCESS
Windows Server 20035.2.3790.0ETHREAD and EPROCESS

Archives

Imprint

This blog is a project of:
Andreas Schuster
Im Äuelchen 45
D-53177 Bonn
impressum@forensikblog.de

Copyright © 2005-2012 by
Andreas Schuster
All rights reserved.
Powered by Movable Type 5.12