|
-
July 22nd, 2005, 09:03 PM
#1
Junior Member
Program loading "peeker"
Does such a program exist that allows the viewing of other programs as they boot? For example if i wanted to see the processes of a program as it loads, would it be possible load a seperate program to view the other program as it loads in the operating enviroment? I hope this makes sense to some people, since I'm curious to see how Windows handles software processes in real time...
In silence man can most readily preserve his integrity
-
July 23rd, 2005, 03:19 PM
#2
Sounds like what you need is a debugger.
http://www.nuvisionmiami.com/books/asm/debug/
It may be of limited use, though, because debuggers are primarily aimed
at those who are writing their own software. When you compile a program
the compiler includes, by default, all sorts of useful information to aid the debugger
in analyzing the running of the program. But, when the software is released commercially,
these debugging symbols are stripped out to reduce the size of the executable (and
to keep people from reverse engineering the software).
I came in to the world with nothing. I still have most of it.
-
July 25th, 2005, 01:43 PM
#3
In Windows it is apparantly possible to hook into the API, and thus redirect these API calls to your own functions. Thus, the CreateProcess API could be redirected to your own routine, which then logs some information and calls the System CreateProcess API to continue the processing of this process.
But how this should be done? I don't have a clue. All I know is that on Windows, this could be done by an extremely experienced Kernel developer.
-
July 25th, 2005, 01:47 PM
#4
Oliver's Law:
Experience is something you don't get until just after you need it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
