In Windows, I can use the C++ interface IWbemObjectSink to monitor the launch of a process. I can know a target process is launched in the virtual function Indicate(...), and I suspend the target process immediately when it is launched. But I find the target process has executed something before it is suspended.
How can I suspend the target process before it executes its main()?
Thanks a lot!
I expect a good way to suspend the target process before it executes its main().