Question
If my product, MyApp.exe, is being debugged by OllyDbg (or any other debugger really), but the exe launches another one (such as MakeSerial.exe); will OllyDbg start debugging the newly-launched exe too? Or does it just trace MyApp.exe only? Thanks.
Solution 2
No, OllyDbg will not automatically debug child processes.
You could however look for the CreateProcess call that launches the child process and edit it's parameter dwCreationFlags in include the flag CREATE_SUSPENDED
(0x00000004). Then you can either detach from the parent process or open a new instance of OllyDbg to attach to the child process and resume/debug it.
OTHER TIPS
Yes, the newest version of OllyDbg has an option to automatically debug child processes.
and with the older ollydbg (version 1.10 ) goto openrce.org and download the
https://stackoverflow.com/questions/21695192
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianModified commandline plugin by anonymouse
hit alt+f1 and type childdbg 1 (log window should show debugging of child window enbaled)
now ollydbg 1.10 will also be able to catch the child process
