RE: DLL Watching

From: Marc Sherman (mshermanat_private)
Date: Tue Jan 08 2002 - 10:08:34 PST

    > [shrip] Is there any way of monitoring which processes are loading which
    > dlls at realtime??
    
    Since you mention dll's I'm assuming MS Windows.
    
    For WinNT/2000/XP, one way is to write a file system filter driver that sits
    on top of the file system driver you're interested in (e.g. ntfs.sys). Your
    filter driver would then intercept all create requests and you'd need to
    specifically look for the ".dll" extension. You could then allow the request
    to proceed to the file system or you could deny the request or whatever.
    
    Check out Rajeev Nagar's book, I think it's called "NT File System
    Internals". It has an excellent filter driver example which you can augment.
    (Although written for NT, the filter driver also works on Win2000).
    
    There's another book for 95 called "Inside the Windows 95 File System" by
    Stan Mitchell which would also be helpful.
    
    good luck,
    Marc
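
The name check a filter's create handler would make, modelled as portable C; this is an added example, not part of the original message or of the book's driver. The function name and the use of a plain C string are assumptions: a real driver reads a counted Unicode name from the create request.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Case-insensitive compare of n bytes: Windows file names are matched
   case-insensitively, so ".DLL" and ".dll" must both hit. */
static int eq_nocase(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Hypothetical helper: returns 1 if the path of a create request names a
   file whose final component ends in ".dll", otherwise 0. */
int create_targets_dll(const char *path)
{
    if (path == NULL)
        return 0;
    size_t len = strlen(path);

    /* The final component starts after the last backslash, so a directory
       called "plugins.dll" does not make every file below it match. */
    const char *name = path;
    for (size_t i = 0; i < len; i++)
        if (path[i] == '\\')
            name = path + i + 1;
    size_t nlen = len - (size_t)(name - path);

    /* Ignore an NTFS stream suffix such as "foo.dll:stream". */
    const char *colon = memchr(name, ':', nlen);
    if (colon != NULL)
        nlen = (size_t)(colon - name);

    return nlen >= 4 && eq_nocase(name + nlen - 4, ".dll", 4);
}
```

An extension match is a heuristic: a library can be loaded from a file with any extension, and a create request on a .dll file is any open of that file, not only a load.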
    


