Skip navigation
Menu
Compute Engines

JSI Tip 7102. How do I determine a driver name from a pool tag?

In tip 7101 » How can I monitor my system for kernel mode memory leaks, we used Poolmon.exe to determine the pool tag of a leaking process.

To determine the driver name from a pool tag:

1. Open a CMD prompt.

2. Change to the drivers folder by typing cd /d %SystemRoot%\System32\Drivers

3. Type the following command:

findstr /m /l <pool tag> *.sys

4. If you receive multiple files, add an h to the <pool tag>. findstr /m /l hTCPt *.sys returns TCPIP.SYS.



Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
empty cockpit of autonomous car
What Is a Real-Time Operating System, and Who Needs One?
Mar 05, 2024
ERP button on keyboard
5 ERP Trends to Watch in 2024
Jan 17, 2024
automation key on keyboard
Storage Management as a Case Study for Network Automation Adoption
Dec 21, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023