

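#ifndef UCTRL_PROCESS_H
#define UCTRL_PROCESS_H

/*
 * Process.h - declarations for the process-creation monitor.
 *
 * Declares the ZwCreateProcess service prototype, a function-pointer type
 * with the same parameter list, the replacement routine
 * FakedZwCreateProcess, and the monitor on/off entry points. Nothing is
 * implemented in this header.
 *
 * The header is not self-contained: NTSTATUS, PHANDLE, ACCESS_MASK,
 * POBJECT_ATTRIBUTES and the IN/OUT/OPTIONAL annotations must already be
 * defined by the including file (presumably via the WDK headers - confirm).
 *
 * NOTE(review): a Real/Faked routine pair plus a stored "position" looks
 * like system-service-table patching; confirm against the implementation.
 * If that is what it does, reviewers should keep in mind:
 *   - patching the service table is unsupported, and on x64 Windows
 *     Kernel Patch Protection bugchecks the machine when it detects it;
 *   - service indices differ between Windows builds, so a stale index
 *     redirects an unrelated service and usually ends in a bugcheck;
 *   - the original entry has to be restored before the driver image is
 *     unloaded, or the table is left pointing at freed memory;
 *   - PsSetCreateProcessNotifyRoutine / PsSetCreateProcessNotifyRoutineEx
 *     are the supported way to observe process creation.
 */

/*
 * Prototype of the native process-creation service.
 *
 * NOTE(review): nine parameters are declared here, the last one named
 * "Unknown". Public descriptions of NtCreateProcess list eight; the
 * nine-parameter shape resembles NtCreateProcessEx. Verify which service
 * this is meant to match before relying on the argument layout.
 */
NTSYSAPI NTSTATUS NTAPI ZwCreateProcess(
    OUT PHANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN HANDLE InheritFromProcessHandle,
    IN BOOLEAN InheritHandles,
    IN HANDLE SectionHandle OPTIONAL,
    IN HANDLE DebugPort OPTIONAL,
    IN HANDLE ExceptionPort OPTIONAL,
    IN HANDLE Unknown
    );

/*
 * Pointer type with the same parameter list as ZwCreateProcess above.
 *
 * NOTE(review): unlike the prototype above, this type carries no NTAPI
 * qualifier, so it uses the compiler's default calling convention. On x86
 * that only matches the real routine when the build defaults to __stdcall;
 * confirm the build flags.
 */
typedef NTSTATUS (*ZWCREATEPROCESS)(
    OUT PHANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN HANDLE InheritFromProcessHandle,
    IN BOOLEAN InheritHandles,
    IN HANDLE SectionHandle OPTIONAL,
    IN HANDLE DebugPort OPTIONAL,
    IN HANDLE ExceptionPort OPTIONAL,
    IN HANDLE Unknown
    );

/*
 * Replacement routine with the same parameter list as ZwCreateProcess.
 * Its body is defined elsewhere. Like the typedef, it is declared without
 * NTAPI and so depends on the default calling convention of the build.
 */
NTSTATUS FakedZwCreateProcess(
    OUT PHANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN HANDLE InheritFromProcessHandle,
    IN BOOLEAN InheritHandles,
    IN HANDLE SectionHandle OPTIONAL,
    IN HANDLE DebugPort OPTIONAL,
    IN HANDLE ExceptionPort OPTIONAL,
    IN HANDLE Unknown
    );

/*
 * Shared state of the monitor.
 *
 * Both objects are defined here, not declared extern, so every translation
 * unit that includes this header emits its own tentative definition and the
 * program links only if the toolchain merges them.
 * NOTE(review): consider "extern" declarations here with a single
 * definition in one .c file.
 */

/* Presumably the saved original routine that the replacement forwards to - confirm. */
ZWCREATEPROCESS RealZwCreateProcess;

/*
 * Presumably the service-table index of ZwCreateProcess - confirm. It is a
 * plain int and no range check is visible in this header; see the
 * build-specific-index caveat in the file comment.
 */
int    CreateProcessposition;


/* Turn the process monitor on and off; implemented elsewhere. */
VOID ProcMoniterOn(VOID);
VOID ProcMoniterOff(VOID);

#endif /* UCTRL_PROCESS_H */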