Is it possible to hook and modify the return values of x86 assembly instructions like: RDTSC and CPUID?

There is an example here that works for me on Linux/GNU platforms: http://www.agner.org/optimize/?e=0#testp

There are instructions for compiling with various Windows compilers, but I haven't tested any.

Regards,

Dave

Thanks for your reply! I think i m not able to properly communicate my problem...Actually i want to know is there any method by which i can intercept assembly language instructions just as i can hook windows api calls and then i can modify their return values. Similarly if i want to return a modified vendorstring in result of CPUID instruction instead of the actual one, is it possible to do such thing?

My blackhat friends tell me that anything is possible. They respected my request that they not tell me how.

Sorry.

Regards,

Dave

Yeah from the same BH guys work, i precieve that if there is present a hypervisor/VMM that emulates CPU than it can intercept and play with these instructions....I am just wondering in the absence of virtualization, when interacting with real CPU, is it somehow possible implementing such interception mechanism? Thanks for your time!

Well yes , RDTSC and CPUID are allowed to execute in Ring 3 programs, So feel free to mess with it