ULONG GetProcessID(IN UNICODE_STRING ProcessName) { NTSTATUS NtStatus=STATUS_SEVERITY_SUCCESS; ULONG SystemInformationLength=0; PULONG SystemInformationBuffer=NULL; PSYSTEM_PROCESSES SystemProcessPointer=NULL; ULONG Value=0; ZwQuerySystemInformation(SystemProcessesAndThreadsInformation,NULL,0,&SystemInformationLength); SystemInformationBuffer=ExAllocatePool(PagedPool,SystemInformationLength); if (SystemInformationBuffer==NULL) { return NtStatus; } NtStatus=ZwQuerySystemInformation ( SystemProcessesAndThreadsInformation, SystemInformationBuffer, SystemInformationLength, NULL ); if (!NT_SUCCESS(NtStatus)) { ExFreePool(SystemInformationBuffer); return NtStatus; } SystemProcessPointer=(PSYSTEM_PROCESSES)SystemInformationBuffer; while(SystemProcessPointer->NextEntryDelta!=0) { if(RtlCompareUnicodeString(&ProcessName,&SystemProcessPointer->ProcessName,TRUE)==0) { Value=SystemProcessPointer->ProcessId; } SystemProcessPointer=(PSYSTEM_PROCESSES) (((PCHAR)SystemProcessPointer)+SystemProcessPointer->NextEntryDelta); } ExFreePool(SystemInformationBuffer); return Value; }