I need to track to a log when a service or application in Windows

Question

0

Asked: May 25, 20262026-05-25T18:01:43+00:00 2026-05-25T18:01:43+00:00

I need to track to a log when a service or application in Windows

0

I need to track to a log when a service or application in Windows is started, stopped, and whether it exits successfully or with an error code.

I understand that many services do not log their own start and stop times, or if they exit correctly, so it seems the way to go would have to be inserting a hook into the API that will catch when services/applications request a process space and relinquish it.

My question is what function do I need to hook in order to accomplish this, and is it even possible? I need it to work on Windows XP and 7, both 64-bit.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-25T18:01:44+00:00

Editorial Team

2026-05-25T18:01:44+00:00Added an answer on May 25, 2026 at 6:01 pm

I think your best bet is to use a device driver. See PsSetCreateProcessNotifyRoutine.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I need to track to a log when a service or application in Windows

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply