Text only | Text with Images

The MASM Forum Archive 2004 to 2012

General Forums => The Campus => Topic started by: xandaz on July 02, 2010, 10:16:22 PM

Title: How does one gain control over a process that's bout to run?
Post by: xandaz on July 02, 2010, 10:16:22 PM
    Hey guys. How does one gain control over a process or application that is about to run? How do firewalls do it? Are there any specific functions to achieve this?
    Feel free to reply. I looked around in the forum but found nothing. I'm not sure i know what to search for. I hope this isn't one those trust breaking issues that put me on the forum's black list. If it is then ... many sorries.
   Ty and bye :)
Title: Re: How does one gain control over a process that's bout to run?
Post by: drizz on July 02, 2010, 10:59:08 PM
You would write a driver that uses PsSetCreateProcessNotifyRoutine.

Heres an article from microsoft:
http://www.microsoft.com/msj/0199/nerd/nerd0199.aspx
Title: Re: How does one gain control over a process that's bout to run?
Post by: xandaz on July 02, 2010, 11:51:05 PM
    Thanks alot drizz. I'm looking into it.
    Ty and bye :)
Text only | Text with Images