PsSetCreateProcessNotifyRoutine/PsSetLoadImageNotifyRoutine callback order

kumapoo · 02-18-2011

I am trying to create a process scaning application for my company use.
I've found using PsSetCreateProcessNotifyRoutine/PsSetLoadImageNotifyRoutine callbacks are useful for this purpose. Then, I have a question: Which callback is called first?
I've found the callback of PsSetCreateProcessNotifyRoutine got called first and PsSetLoadImageNotifyRoutine callback was subsquently called for a paticular process.

Can I rely on this finding? The callbacks always behave in this way? MSDN doc says that the callback of PsSetCreateProcessNotifyRoutine gets called after first thread of the process initiates. This does not explain relation ship between other callbacks.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Order of Accounts	Stephan Koenig	Windows Live Mail	5	04-17-2010 07:06 AM
Maintaining Order of Songs Synced from WMP to USB Stick	Johnny Novice	Windows Media Player	1	03-29-2010 11:37 PM
Default playlist order	Rosp	Windows Media Player	2	02-17-2010 09:10 PM
Playlist songs don't stay in order	Martha	Windows Media Player	0	12-14-2009 08:48 PM
Start Menu Resets Back To Alphabetical Order	Sabre24	Windows Vista File Management	10	06-27-2008 05:12 PM