I’ve read about KPROCESS in Windows Vista, which is also called PCB, as I understood from my reading in chapter 5, in the “Windows Internals” book, 5th ed. I’m working with Windows 7.
I need to reach my process registers which I thought that I could find them in the PCB, as I found in:
Process control block - Wikipedia, the free encyclopedia
and many other resources.
But when I read the contents of the KPROCESS struct of my process using the WinDbg tool, I didn’t find any registers.
I don’t know if the PCB struct doesn’t resembles the KPROCESS?? or something else??
Thanks in advance.