how can i find whether a program has device driver or not (or know program run in ring0 or ring3)
i need function(api) for this in c# or c/c++ like regmon it has device driver
thank
+1
A:
Is it Windows?
(Disclaimer: I have no experience with drivers. I'm just finding information from Google)
- To find out whether a certain piece of code actually runs in ring0, you will need a kernel mode debuger, like WinDbg.
- To find out whether a certain ring3 program communicates with a certain driver, use SysInternals Process Explorer and see if the ring3 program opens any files that says "\Device\something"
http://social.msdn.microsoft.com/Forums/en/Vsexpressvc/thread/5bc594a5-b593-4368-a2b3-31cc5f4a7ddb
rwong
2010-07-03 20:26:44
A:
Another sign that a program uses a device driver is that if it imports/invokes the DeviceIoControl Function.
ChrisW
2010-07-03 20:48:57