Get the active process list ?

OSR_Community_User · November 9, 2012, 9:56am

Is there any way to get the process list in kernel mode driver? and if i can get the process PID using the process name, like chrome.exe , thanks

maysam_firozi · November 9, 2012, 9:58am

use *SystemProcessInformation class in **ZwQuerySystemInformation
function *

On Fri, Nov 9, 2012 at 6:58 AM, wrote:

> Is there any way to get the process list in kernel mode driver? and if i
> can get the process PID using the process name, like chrome.exe , thanks
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>

Doron_Holan · November 9, 2012, 11:27am

Making decisions based on process name is highly insecure

d

debt from my phone

From: xxxxx@yahoo.com.cn
Sent: 11/9/2012 6:56 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] Get the active process list ?

Is there any way to get the process list in kernel mode driver? and if i can get the process PID using the process name, like chrome.exe , thanks

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer