- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
Event structure for process creation/termination. More...
#include <intro_types.h>
Data Fields | |
| BOOLEAN | Created |
| True if the process was created, False if it was terminated. More... | |
| BOOLEAN | Protected |
| True if the process is protected. More... | |
| BOOLEAN | Crashed |
| True if the process crashed. More... | |
| BOOLEAN | Reserved |
| DWORD | ExitStatus |
| The exit code of the process. More... | |
| INTRO_PROCESS | CurrentProcess |
| The currently active process. More... | |
| INTRO_PROCESS | Child |
| The process that is being created or terminated. More... | |
| INTRO_PROCESS | Parent |
| The parent of the process. More... | |
Event structure for process creation/termination.
This is an informational event, not an alert.
Definition at line 1910 of file intro_types.h.
| INTRO_PROCESS _EVENT_PROCESS_EVENT::Child |
The process that is being created or terminated.
Definition at line 1933 of file intro_types.h.
Referenced by IntLixTaskSendTaskEvent(), and IntWinProcSendProcessEvent().
| BOOLEAN _EVENT_PROCESS_EVENT::Crashed |
True if the process crashed.
This field is valid only if Created is False. This information is available only on 64-bit Windows versions newer than 10586.
Definition at line 1921 of file intro_types.h.
Referenced by IntLixTaskSendTaskEvent(), and IntWinProcSendProcessEvent().
| BOOLEAN _EVENT_PROCESS_EVENT::Created |
True if the process was created, False if it was terminated.
Definition at line 1913 of file intro_types.h.
Referenced by IntLixTaskSendTaskEvent(), and IntWinProcSendProcessEvent().
| INTRO_PROCESS _EVENT_PROCESS_EVENT::CurrentProcess |
The currently active process.
Definition at line 1930 of file intro_types.h.
Referenced by IntLixTaskSendTaskEvent(), and IntWinProcSendProcessEvent().
| DWORD _EVENT_PROCESS_EVENT::ExitStatus |
The exit code of the process.
This field is valid only if Created is False.
Definition at line 1927 of file intro_types.h.
Referenced by IntLixTaskSendTaskEvent(), and IntWinProcSendProcessEvent().
| INTRO_PROCESS _EVENT_PROCESS_EVENT::Parent |
The parent of the process.
Definition at line 1935 of file intro_types.h.
Referenced by IntLixTaskSendTaskEvent(), and IntWinProcSendProcessEvent().
| BOOLEAN _EVENT_PROCESS_EVENT::Protected |
True if the process is protected.
Definition at line 1915 of file intro_types.h.
Referenced by IntLixTaskSendTaskEvent(), and IntWinProcSendProcessEvent().
| BOOLEAN _EVENT_PROCESS_EVENT::Reserved |
Definition at line 1922 of file intro_types.h.
1.8.13