ExeSpy95 & ExeSpy3x
|
|
ExeSpy95 & ExeSpy3x |
||
|
|
|||
|
|
|||
This online help is not done yet. We will post the finished help on our web site when it is ready
.
TBD
After you install the program, you should restart the Windows, this enables that Windows loads the new drivers.
If it is the first time you run ExeSpy95/ExeSpy3x, you did not setup registration before, you are running the try & buy edition, or you click 'Reload Registration' menu, you will see this dialogbox:
Enter the drive letter in the entry field (default to 'A') to tell ExeSpy3x/ExeSpy95 where to load your identification file. If you are running try & buy edition, simply click on <Cancel> to continue to try the program. If you like the program, you may register the program online through CompuServe or you may contact the resellers (for example, ZAC Catalogs) to order the product. If you register the program on line, you will receive your identification file (EXE3XUR.DAT for ExeSpy3x or EXE95UR.DAT for ExeSpy95) shortly. Run the program, click on "Reload Registration" menu to load the identification file to enable all features that ExeSpy3x/ExeSpy95 provides. If you purchase ExeSpy3x/ExeSpy95 from the resellers, please complete the registration to receive your personalized identification file.
If you see one of the following dialogboxes, you are running the trial edition or the unregistered copy or ExeSpy95/ExeSpy3x can not locate your identification file, EXE95UR.DAT for ExeSpy95 and EXE3XUR.DAT for ExeSpy3x, or the identification file is corrupted. Please do not modify the identification file or you will corrupt the file and ExeSpy95/ExeSpy3x will consider that you are an unregistered user and disable some important features. If you accidentally delete the file, you can copy the file, EXE95UR.DAT or EXE3XUR.DAT, from the shipping disk to the directory where ExeSpy95/ExeSpy3x is installed.
If you see this dialogbox, you are running the trial edition. By clicking on OK, you can continue to start the program. Since this is a limited edition, some hooks are disabled and some featured are disabled also. Do not modify or delete the identification file. If you do so, ExeSpy95/ExeSpy3x will consider you are not a registered user, prompt you this dialogbox, and disable many useful features.
If you purchase ExeSpy95 or ExeSpy3x from the resellers, you will see this dialogbox every time you run the program until you complete the registration and load your personalized identification file.
Write down the serial number shown in the dialogbox, C95-4000001-PRU in this example. Within the package you received, there is a registration form. Please complete and send/fax back the form. Please do fill in your email address. You will receive a new identification file, EXE95UR.DAT/EXE3XUR.DAT, via email shortly after we verify the serial number and record your registration. When you receive the final identification file, simply replace the one on your system with it. Once you complete the registration, you should not see this message anymore.
Keep the identification file in a safe place. You need it when you reinstall the program. If you do not complete the registration, the program will expire after a period of time.
Please be aware that each shipped copy does possess a unique serial number that can be traced back its distributor.
If there is a conflict, for example, the serial number already registered by someone else, we will need to ask you provide us with the proof of purchase (the invoice you received from whom you purchase the program from).
If you are running the shipped version or the registered version, you can enable the hooks on the APIs you are interested in and disable all other hooks. Use left mouse button to turn on or turn off the hook. When you exit the program, the setting will be stored in \WIN95\ExeSpy95.INI or \WIN31\ExeSpy3x.INI.
If you are running the trial edition, you will not be able to operate on this screen and the spy randomly enable/disable the hooks when you start the program. When you try to click on right mouse button, ExeSpy95/ExeSpy3x will prompt a message saying that this feature is disabled.
A font selection dialogbox is provided that you can change the font used to display the log on the screen and the report. By default, the spy uses Arial, 7point font.
A standard printer setup dialogbox is available that you can select the desired printer and setup its settings.
Log screen has two modes which are controlled by the horizontal scroll bar. For the first mode, you may see a log screen like this:
It displays these fields:
OS: it indicates if the call is a 16bit call or a 32bit call.
RESULT: it shows the return value of the API called.
FUNCTION CALLED: it shows the name of the API called
CALLER: it tells you the name and the ID of the process/task that issues the call.
PARAMETERS: It lists the parameters passed in the call.
If you click and set horizontal scroll bar to 1, you will see this log screen:
The first four fields are the same. The last one displays the extended information of the parameters. For example, if the parameter is string type, it shows its contents (it shows only the first 40bytes).
You can click on 'Save' to save the log (displayed in log screen) to file. ExeSpy95/ExeSpy3x will display standard Windows 'SaveAs' dialog:
Select target directory, enter log filename, and click 'Save' button to save the log to file.
TBD
TBD
If you encounter any problem or discover any bug, please report to us via
You can email your report or question to one of these two addresses:
71670.176@compuserve.com or info@spywindows.com
(847) 969 1512
The order hotline is provided mainly for taking order. Though your report or question will be forwarded to technical staffs, it may be delayed.
FuncHook enables programmers to setup SYSTEM-WIDE hooks to monitor 32bit APIs or 16bit APIs on Windows 3.x (the 16bit version of Microsoft Windows) or Windows 95. Based on this advanced technology, we have developed several SPYs and MONITORs that focus on different needs. For example, ExeSpy95/ExeSpy3x that monitors program execution, ResSpy that monitors resource access, ComSpy95/ComSpy3x that monitors COM/WinSock activities, MemMonitor95 STD/PRO that keeps track on memory usage and possibly help to detect memory leaking, ODBCSpy95 that let you monitor all ODBC drivers at the same time, SetupMonitor95 that keeps an eye on what installer has done to your system, etc.. You can download the trial version of all SPYs or MONITORs from www.spywindows.com.
With FuncHook SDK, you can write your own spy or monitor that monitor Windows native APIs or APIs in third party DLLs. You can find the sample that demonstrates monitoring the CreateProcess and TerminateProcess calls, on www.spywindows.com.
There are other SPYs and MONITORs available. Please visit
www.spywindows.com for up-to-date information and order information.You may directly order from us or order from the resellers. Contact
info@spywindows.com for reseller information.