iea has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

i was wondering if there is any way to check a process BEFORE it starts.
I know how to check if a process started and then kill it but i would like to grep the servicecreate call (<== just an idea) on windows before it comes up.
Is there any way to do that?

thanks in advanced
iea

Replies are listed 'Best First'.
Re: Process Monitor
by Bloodnok (Vicar) on Apr 04, 2009 at 16:35 UTC
    Maybe you'd like to provide a little more background &/or context - as it stands, the question...
    • Is likely to lead to more responses such as that proffered by JavaFan
    • Reads like either a potential design problem or possibly an XY Problem.

    A user level that continues to overstate my experience :-))
[reply]
Re: Process Monitor
by JavaFan (Canon) on Apr 04, 2009 at 16:16 UTC
    i was wondering if there is any way to check a process BEFORE it starts.
    Is that the same as getting a health check before conception? If the process hasn't started, it isn't there. And there's nothing to check.
[reply]
      Well before windows starts the process it calls NtCreateProcess() or NtCreateSection() and so on... i would like to deny some processes before they are able to start theire code.
      It must be possible to tell windows 
      Windows: I want to start this process.
Me : Ok ... but please wait i check name and checksum
Windows: failed to start process
Me: check is ok now i start process xyz
 ||
Me : check failed i won't start process

      [download]

      here my inspiration http://www.codeproject.com/KB/system/soviet_protector.aspx
      thanks for your reply
[reply]
[d/l]
        here my inspiration
        There is your example.
[reply]

Back to Seekers of Perl Wisdom