getting current process name

Hi

I’m trying to get the name (e.g. “filename.exe”) of the current process
from within a device driver. I’ve looked in MSDN and the DDK docs but only
managed to
find references to PsGetCurrentProcessId, which returns only a PID, and some
examples
which enumerate currently active process names, but are intended for
user-mode code.

One function mentioned in the DDK, PsGetCurrentProcess, returns a PEPROCESS.
Does
anyone know any more about this? Can I use it further to obtain more
information about
the process?

many thanks
Duncan


Duncan Sellars - Systems Programmer
mail: xxxxx@reflex-magnetics.com
“We want a few mad people now. See where the sane ones have landed us!” -
George B. Shaw

The “FileMon” sample from http: provides some
insight into this.

Good luck,

Thomas F. Divine

PCAUSA - Toolkits & Resources For Network Software Developers
NDIS Protocol - TDI Client - Windows 95 Redirector
http:

----- Original Message -----
From: Duncan Sellars
To: NT Developers Interest List
Sent: Wednesday, May 31, 2000 8:40 AM
Subject: [ntdev] getting current process name

> Hi
>
> I’m trying to get the name (e.g. “filename.exe”) of the current process
> from within a device driver. I’ve looked in MSDN and the DDK docs but only
> managed to
> find references to PsGetCurrentProcessId, which returns only a PID, and
some
> examples
> which enumerate currently active process names, but are intended for
> user-mode code.
>
> One function mentioned in the DDK, PsGetCurrentProcess, returns a
PEPROCESS.
> Does
> anyone know any more about this? Can I use it further to obtain more
> information about
> the process?
>
> many thanks
> Duncan
>
> –
> Duncan Sellars - Systems Programmer
> mail: xxxxx@reflex-magnetics.com
> “We want a few mad people now. See where the sane ones have landed us!” -
> George B. Shaw
>
>
> —
> You are currently subscribed to ntdev as: xxxxx@pcausa.com
> To unsubscribe send a blank email to $subst(‘Email.Unsub’)
></http:></http:>