#16
|
|||
|
|||
Olly v2 allows debbuggin child proceses.. dunno if it help in your case though
bunion |
#17
|
|||
|
|||
I hope you checked out codeproject as well. There is some great info (with sources of course) on api hooking. You'd need some adaptation for windows 7 and you would need to disable the antivirus as well. Some av's can catch api hooking.
|
#18
|
||||
|
||||
use windbg, set ".childdbg 1"
__________________
AKA Solomon/blowfish. |
#19
|
|||
|
|||
You could try putting a breakpoint somewhere on the internals of OpenMutexA (for the child) and CreateMutexA for the father.
Also some tool you might like: http://www.mediafire.com/?p8xf39q81ppzx5n (source included) Greetings |
The Following 4 Users Gave Reputation+1 to mr.exodia For This Useful Post: | ||
#20
|
|||
|
|||
A few days have passed, I am eager to know if my suggestion help you, how about the result? Does the breakpoint get hit if we follow the steps above? -_-
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Program to view what another Program is doing when it is run? | sojourner353 | General Discussion | 19 | 07-07-2012 00:17 |