Kernel Monitor

c++ / delphi package - dll injection and api hooking
Post Reply
JohnStevenson
Posts: 27
Joined: Mon Jun 14, 2004 12:45 pm

Kernel Monitor

Post by JohnStevenson »

Hi Madshi

You gave me a link to your Kernel Monitor a while back, to help debug an uninjection problem with Zone Alarm.

This has subsequently proved to be an excellent tool for developing with madCodeHook.

However, one minor point: The first column lists the process exe names, but always in long filename format, even if the process has been started using the short filename.

This caught me out when I was filtering for a certain email application that starts using the long filename and displays a "Select Profile" form, then calls the short filename (presumably with a different command line) to run the main application!

Unusual, but worth bearing in mind.

Thanks for all your hard work.
Top
madshi
Site Admin
Posts: 10764
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Normally most people want to see the long file name when enumerating running processes. Of course it would be possible to also show the command line of each process. It's just that the kernel monitor was written mainly as a demo to demonstrate what madKernel can do. So I didn't put too many features in it... :wink:
Top
Post Reply

Return to “madCodeHook”