I am trying to create a program that performs a specific action (let's say, printing a time stamp) whenever a specified process experiences a context switch (either in or out). My research has pointed me towards the possibility of Windows kernel hooking being the best way to do this. Further research revealed that there is a kernel function called nt!SwapContext which is called every time there is a context switch. Unfortunately, I'm completely new to Windows hooking and have little idea of where to start with this (nor am I sure that my proposed way is accurate). Can anyone help me out?
0 Replies - 940 Views - Last Post: 10 November 2012 - 11:21 AM