Hi, all!
How to know the name of DOS task which perfoming file I/O from VxD?
For example, you could run command prompt and then press Ctrl+Alt+Del: you will see ‘MS-DOS Prompt’ string. How to get this string programmatically from VxD?
Filemon shows in this case ‘???’ : its method don’t help here, ring3proc returns -1:
CurProc = (PVOID)VWIN32_GetCurrentProcessHandle();
ring3proc = (PVOID) SelectorMapFlat( Get_Sys_VM_Handle(),
(DWORD) (*(PDWORD) ((char *) CurProc + 0x38)) | 0x7, 0 );
i.e. I have only current process handle and I want to know this process name…
any help will be appreciated
Regards,
Valery A. Boronin,
System Software Engineer, Novosoft
Web: http://www.novosoft-us.com
You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com