Printable View
Does such a program exist that allows the viewing of other programs as they boot? For example if i wanted to see the processes of a program as it loads, would it be possible load a seperate program to view the other program as it loads in the operating enviroment? I hope this makes sense to some people, since I'm curious to see how Windows handles software processes in real time...
Sounds like what you need is a debugger.
http://www.nuvisionmiami.com/books/asm/debug/
It may be of limited use, though, because debuggers are primarily aimed
at those who are writing their own software. When you compile a program
the compiler includes, by default, all sorts of useful information to aid the debugger
in analyzing the running of the program. But, when the software is released commercially,
these debugging symbols are stripped out to reduce the size of the executable (and
to keep people from reverse engineering the software).
:cool:
In Windows it is apparantly possible to hook into the API, and thus redirect these API calls to your own functions. Thus, the CreateProcess API could be redirected to your own routine, which then logs some information and calls the System CreateProcess API to continue the processing of this process.
But how this should be done? I don't have a clue. All I know is that on Windows, this could be done by an extremely experienced Kernel developer.
Have a look at the tools from Sysinternals..
http://www.sysinternals.com/Processe...Utilities.html