There are often cases when some unwanted program (mostly spyware and worms) try to hide their activity by hiding themselves using kernel level techniques.
So, to uncover these processes/modules/threads we have a driver which is compiled with Microsoft Windows DDK. The Driver is compatible with windows xp sp2 and sp3.
The Driver(Zip File)
So what we have to do is just run the InstDrv.exe (bundled along in the zip file). As With all the drivers we have to install my driver(TheOne.sys).
To Do This Start Install Drv by double clicking on it. Type in the path to TheOne.sys and click Install.
To Interface With the driver we also have a Usermode Program (Enlist.exe Bundled In Zip) in Microsoft Visual C++.
Run it to get the results from our driver. We get the following message on running it.
Now the output on the console will not be desirable so enlist.exe outputs the results to a LISTING.txt File created in the working directory.
HOPE THIS HELPS….