Help in Design - DLL injection from Kernel

> (1) I want to do my stuff before the code (starting from entry point) will run - this means also before any additional threads will be created

In a case if any DllMain routine of any dependent DLL creates a thread - this is impossible.


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

> What you are trying to do is basically introducing the concepts of jails/zones (i.e. light-weight process virtualization mechanisms as they are known under respectively FreeBSD and Solaris)

There was a product called Parallels Virtuozzo which was doing something very similar.

I’ve heard that it was constantly broken by Windows Update patches, and the requirement was to always update Virtuozzo first before applying Windows Update.

This is the cost of doing undocumented things.


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

> > (1) I want to do my stuff before the code (starting from entry point) will run - this means also before any additional threads will be created
>
> In a case if any DllMain routine of any dependent DLL creates a thread - this is impossible.

small note: This normally doesn't happen and ideally shouldn't be done.

> > In a case if any DllMain routine of any dependent DLL creates a thread - this is impossible.
>
> small note: This normally doesn't happen and ideally shouldn't be done.

With normal software - yes.

What about malware?


Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com

If you inject your DLL into the process it’s supposed to protect, you already failed.

The guard is supposed to be on the other side of the airtight hatch.