none
How to use PsGetCurrentProcess in C# RRS feed

  • Question

  • I was trying to rewrite following code in C#, for that i need pinvoke definitions of functions used in code
    void HideProcess( char* input )
    {
    	PEPROCESS PeProcess = NULL; 
    	PLIST_ENTRY	pNextEntry, pListHead; 
    	PLIST_ENTRY BeforeProcess,Process,AfterProcess;
    	PeProcess = PsGetCurrentProcess(); 
    	if(!PeProcess) 
    		return;
    	if( IsListEmpty( &PeProcess->ActiveProcessLinks ) )
    		return;
    	else
    	{
    		pListHead = &PeProcess->ActiveProcessLinks;
    		pNextEntry = pListHead->Flink;
    
    		while(pNextEntry != pListHead) 
    		{
    			PeProcess = CONTAINING_RECORD( pNextEntry,EPROCESS,ActiveProcessLinks );
    			if(PeProcess->ActiveThreads)
    			{
    				if( !IsListEmpty( &PeProcess->ThreadListHead ) )
    				{
    					if( _strnicmp( PeProcess->ImageFileName, input ,strlen(input) ) == 0 )
    					{
    						Process = pNextEntry;
    						BeforeProcess = pNextEntry->Blink;
    						AfterProcess = pNextEntry->Flink;
    						BeforeProcess->Flink = Process->Flink;
    						AfterProcess->Blink = Process->Blink;
    						return;
    					}
    				}		
    			}
    			PeProcess = NULL;
    			pNextEntry = pNextEntry->Flink;
    		}
    	}
    	return;
    }
    
    
    
    These functions and structures are part of windows ddk. I'm unable to find declaration of functions.

    Guramrit Singh
    Wednesday, October 5, 2011 7:22 AM

Answers