Difference between revisions of "Techwiki:Win32k/W32PROCESS"
| Line 16: | Line 16: | ||
/* 0x02C */ DWORD SimpleLock; // Locking Process during access to structure. | /* 0x02C */ DWORD SimpleLock; // Locking Process during access to structure. | ||
/* 0x030 */ RTL_AVL_TABLE rtlAvlTable; // Process AVL Table. | /* 0x030 */ RTL_AVL_TABLE rtlAvlTable; // Process AVL Table. | ||
| − | /* 0x068 */ | + | /* 0x068 */ LIST_ENTRY Unknown1; |
| + | /* 0x070 */ LIST_ENTRY Unknown2; | ||
} W32PROCESS, *PW32PROCESS; | } W32PROCESS, *PW32PROCESS; | ||
Revision as of 16:31, 29 March 2009
W32PROCESS from Windows XP
typedef struct _W32PROCESS
{
/* 0x000 */ PEPROCESS peProcess;
/* 0x004 */ DWORD RefCount;
/* 0x008 */ FLONG W32PF_flags;
/* 0x00C */ DWORD InputIdleEvent;
/* 0x010 */ DWORD StartCursorHideTime;
/* 0x014 */ DWORD NextStart;
/* 0x018 */ PVOID pDCAttrList;
/* 0x01c */ PVOID pBrushAttrList;
/* 0x020 */ DWORD W32Pid;
/* 0x024 */ DWORD GDIHandleCount; // Gdi handle count per process. Ref in NtUserGetGuiResources.
/* 0x028 */ DWORD UserHandleCount; // User handle count per process. " " "
/* 0x02C */ DWORD SimpleLock; // Locking Process during access to structure.
/* 0x030 */ RTL_AVL_TABLE rtlAvlTable; // Process AVL Table.
/* 0x068 */ LIST_ENTRY Unknown1;
/* 0x070 */ LIST_ENTRY Unknown2;
} W32PROCESS, *PW32PROCESS;
W32P Flags:
#define W32PF_CONSOLEAPPLICATION 0x00000001 #define W32PF_FORCEOFFFEEDBACK 0x00000002 #define W32PF_STARTGLASS 0x00000004 #define W32PF_WOW 0x00000008 #define W32PF_READSCREENACCESSGRANTED 0x00000010 #define W32PF_INITIALIZED 0x00000020 #define W32PF_APPSTARTING 0x00000040 #define W32PF_WOW64 0x00000080 #define W32PF_ALLOWFOREGROUNDACTIVATE 0x00000100 #define W32PF_OWNDCCLEANUP 0x00000200 #define W32PF_SHOWSTARTGLASSCALLED 0x00000400 #define W32PF_FORCEBACKGROUNDPRIORITY 0x00000800 #define W32PF_TERMINATED 0x00001000 #define W32PF_CLASSESREGISTERED 0x00002000 #define W32PF_THREADCONNECTED 0x00004000 #define W32PF_PROCESSCONNECTED 0x00008000 #define W32PF_WAKEWOWEXEC 0x00010000 #define W32PF_WAITFORINPUTIDLE 0x00020000 #define W32PF_IOWINSTA 0x00040000 #define W32PF_CONSOLEFOREGROUND 0x00080000 #define W32PF_OLELOADED 0x00100000 #define W32PF_SCREENSAVER 0x00200000 #define W32PF_IDLESCREENSAVER 0x00400000
References
- http://www.woodmann.com/forum/showthread.php?p=72755
- Windows Symbol files, userkdx.dll, !dso
