Little explaination so as some dont think im hacking or etc..
Im writing a little process monitoring/access utility program. Ive completed the driver portion with psCreateProcessNotifyRoutine callback and can send the ProcessID,ParentID and MainThread of Process to usermode program.
In the usermode program I am suspending the thread so I can do checks on the exeutable thats starting up. I need to get the fullpathname to do the checks. So my question is, how can I get the fullpathname of the another process given its processid?


packetvb