What is the best way to detect a process crash using C ++?

Question

What is the best way to detect a process crash using C ++?

Is there a way to detect a process crash on Windows 7? Just to clarify, every time a process crashes, Windows generates WERfault.exe (Windows Error Reporting). I have a driver that monitors the system using the existing kernel callback mechanism. A callback notifies my driver when a specific process event occurs (using PsSetCreateProcessNotifyRoutine). The problem is that I can see that WERfault.exe was created by svchost.exe, but I cannot find a way to resolve which process crashed.

+3

c ++ windows-7 winapi windows-kernel

Hen amar Feb 19 13 at 19:52

source to share

2 answers

-> Is there a way to detect a process crash in Windows 7?

Yes, you can use an AdPlus script which can be used from the command line. it can be used with windbg for documentation, i think it might solve your problem. Adplus dumps all your process memory to a file.

+1

user2369171 May 10 '13 at 8:18

source to share

Deanna · Accepted Answer · 2013-02-20T09:13:36+0000

Set up your application as an automatic debugger. This can then dispatch the event to the real WER if you want to provide a normal interface.

What is the best way to detect a process crash using C ++?

More articles: