При чём тут запуск от имени администратора и окошки?
Я проверил, заменив ресурс у Process Monitor'а посредством Resource Hacker'а:
читать дальше »
Код:
C:\Program Files\Sysinternals.com\Sysinternals Suite>sigcheck.exe Procmon.exe
Sigcheck v2.01 - File version and signature viewer
Copyright (C) 2004-2013 Mark Russinovich
Sysinternals - www.sysinternals.com
C:\Program Files\Sysinternals.com\Sysinternals Suite\Procmon.exe:
Verified: Signed
Signing date: 01:54 01.06.2013
Publisher: Microsoft Corporation
Description: Process Monitor
Product: Sysinternals Procmon
Prod version: 3.05
File version: 3.05
MachineType: 32-bit
C:\Program Files\Sysinternals.com\Sysinternals Suite>sigcheck.exe Procmon.exe
Sigcheck v2.01 - File version and signature viewer
Copyright (C) 2004-2013 Mark Russinovich
Sysinternals - www.sysinternals.com
C:\Program Files\Sysinternals.com\Sysinternals Suite\Procmon.exe:
Verified: Unsigned
Link date: 18:27 21.05.2013
Publisher: Sysinternals - www.sysinternals.com
Description: Process Monitor
Product: Sysinternals Procmon
Prod version: 3.05
File version: 3.05
MachineType: 32-bit
