bed time c:

driver/callbacks.c

@@ -82,8 +82,6 @@ OB_PREOP_CALLBACK_STATUS ObPreOpCallbackRoutine(
 			report->thread_id = PsGetCurrentThreadId();
 			RtlCopyMemory( report->process_name, process_creator_name, HANDLE_REPORT_PROCESS_NAME_MAX_LENGTH );
 
-			DEBUG_LOG( "Process ID: %lx", report->process_id );
-
 			InsertReportToQueue( report );
 		}
 	}

server/Message.cs

@@ -70,9 +70,9 @@ namespace server
         {
             _logger.Information("Report id: {0}", reportId);
 
-            var openHandleFailure = Helper.BytesToStructure<Types.Reports.OPEN_HANDLE_FAILURE_REPORT>(ref _buffer);
+            var openHandleFailure = Helper.BytesToStructure<Types.Reports.OPEN_HANDLE_FAILURE_REPORT>(ref _buffer, sizeof(int));
 
-            _logger.Information("Report code: {0}, ProcessID: {1:x}, ThreadId: {2:x}, DesiredAccess{3:x}",
+            _logger.Information("Report code: {0}, Process Name: {4} ProcessID: {1:x}, ThreadId: {2:x}, DesiredAccess{3:x}",
                 openHandleFailure.ReportCode,
                 openHandleFailure.ProcessId,
                 openHandleFailure.ThreadId,

service/Message.cs

@@ -27,7 +27,7 @@ namespace service
 
         public T GetPacketHeader<T>(ref byte[] buffer)
         {
-            return Helper.BytesToStructure<T>(ref buffer);
+            return Helper.BytesToStructure<T>(ref buffer, 0);
         }
     }
 }

service/helper.cs

@@ -12,14 +12,14 @@ namespace service
 {
     public class Helper
     {
-        unsafe public static T BytesToStructure<T>(ref byte[] buffer)
+        unsafe public static T BytesToStructure<T>(ref byte[] buffer, int offset)
         {
             int typeSize = Marshal.SizeOf(typeof(T));
             IntPtr ptr = Marshal.AllocHGlobal(typeSize);
 
             try
             {
-                Marshal.Copy(buffer, 0, ptr, typeSize);
+                Marshal.Copy(buffer, offset, ptr, typeSize);
                 return (T)Marshal.PtrToStructure(ptr, typeof(T));
             }
             finally