Talking about ordinary executable files, the main stages of creating and executing a process (usually with the Windows CreateProcess function) can be summarized as follows:
- Validate parameters; convert Windows subsystem flags and options to their native counterparts; parse, validate and convert the attributes list to its native counterpart.
- Open the image file (.EXE) to be executed inside the process.
- Create the Windows executive process object.
- Create the initial thread (stack, context, and Windows executive thread object).
- Perform post-creation, Windows-subsystem-specific process initialization.
- Start execution of the initial thread (unless the CREATE_SUSPENDED flag was specified).
- In the context of the new process and thread, complete the initialization of the address space (such as loading required DLLs) and begin execution of the program.

If you want to know more about processes, threads and jobs internals (as well as many other Windows internals topics), I suggest you buy a copy of the book "Windows Internals, 5th Edition", by Mark Russinovich (http://blogs.technet.com/b/markrussinovich/):
you can read more about this book at the following web address
http://www.microsoft.com/learning/en/us/Book.aspx?ID=12069&locale=en-us
You can download the full Chapter 5 ("Processes, Threads and Jobs") from the following web address
http://download.sysinternals.com/Files/WindowsInternals-Ch05.pdf
Talking about managed executable files, the steps are fewer in number: read the document at the following web address
http://msdn.microsoft.com/en-us/library/k5532s8a(v=VS.100).aspx
Bye.
Luigi Bruno - Microsoft Community Contributor 2011 Award