Hello,

just a qustion about two book examples crossed my way in the net,

http://www.amazon.de/Windows%C2%AE-Internals-Fifth-PRO-Developer-Russinovich/dp/0735625301/ref=pd_sim_b_21

http://www.amazon.de/Windows%C2%AE-Fifth-PRO-Developer-Jeffrey-Richter/dp/0735624240/ref=pd_cp_eb_1


After reading the standart ida pro lecture and kris kasperskys books(im still knowing nothing...) i wanna get a better understanding of dll usage in windows environment and why things are used, so when im tracing or stuff i can distinguish between important and unimportant stuff, maybe you can give me a good book tip or something, helped you on your way.

Thank you for reading and sorry for my bed english, i tried best but this everything i can produce.

Hi

If your goal is to "distinguish between important and unimportant stuff" while tracing, there's no substitute for experience. No book will teach you that, even though the information in the books is important to learn as well.

I might suggest you code your own basic skeleton PE (dll/exe), or find an example on the net, and disassemble/trace it. You will then learn what a simple PE file that does "nothing" looks like. Learn to recognize standard constructs (i.e. message queues, window creation, etc.), so they'll become familiar in larger files.

You should read Iczelion's Win32 Assembly and PE tutorials. Study the programming structure lessons closely and disassemble/trace some of the compiled examples. This is one of the best resources around.

http://win32assembly.online.fr/tutorials.html

Good luck,
Kayaker