Compartir a través de


CEL_PROCESS_CREATE (Compact 2013)

3/28/2014

This structure identifies a new process that has been created with CreateProcess.

Syntax

typedef struct __CEL_PROCESS_CREATE {
  HANDLE hProcess;
  DWORD dwVMBase;
  WCHAR szName[0];
} CEL_PROCESS_CREATE, *PCEL_PROCESS_CREATE; 

Members

  • hProcess
    Handle of the created process. Corresponds to the hProcess parameter of the PROCESS_INFORMATION structure for CreateProcess.
  • dwVMBase
    Base address for the virtual memory assigned to the new process.
  • szName
    Null-terminated string containing the name of the launched process that is passed to CreateProcess. The length of the name can be inferred from the length given in the event header, CEL_HEADER. If this parameter is NULL, the event occurred due to the OpenProcess call.

Requirements

Header

celog.h

See Also

Reference

CeLog Event Tracking Structures
CEL_HEADER
CEL_EXTRA_PROCESS_INFO
PROCESS_INFORMATION
CreateProcess
OpenProcess