Process and Job Objects

Just like we mentioned in The Main Thread Problem, some questions do not have direct answer just because they are invalid by definition. Today, the invalid question would be: How do I kill a process tree in Windows? Unfortunately, the question is invalid, since Windows by design doesn’t keep a tree of process creation relationship….

0

CRT Startup

In my previous blog Early Debugging, we’ve demonstrated how early can you get using a user mode debugger. Normally we don’t want to be such early, there are some other places we would want to start with: OEP (Original Entry Point) of the EXE module. WinDBG has a predefined Pseudo-Register called $exentry which makes it a lot…

0