2.2.2.15.1 TS_SYS_PROCESS_INFORMATION
The TS_SYS_PROCESS_INFORMATION structure contains information about a process running on a system.
-
typedef struct _TS_SYS_PROCESS_INFORMATION { ULONG NextEntryOffset; ULONG NumberOfThreads; LARGE_INTEGER SpareLi1; LARGE_INTEGER SpareLi2; LARGE_INTEGER SpareLi3; LARGE_INTEGER CreateTime; LARGE_INTEGER UserTime; LARGE_INTEGER KernelTime; TS_UNICODE_STRING ImageName; LONG BasePriority; DWORD UniqueProcessId; DWORD InheritedFromUniqueProcessId; ULONG HandleCount; ULONG SessionId; ULONG SpareUl3; SIZE_T PeakVirtualSize; SIZE_T VirtualSize; ULONG PageFaultCount; ULONG PeakWorkingSetSize; ULONG WorkingSetSize; SIZE_T QuotaPeakPagedPoolUsage; SIZE_T QuotaPagedPoolUsage; SIZE_T QuotaPeakNonPagedPoolUsage; SIZE_T QuotaNonPagedPoolUsage; SIZE_T PagefileUsage; SIZE_T PeakPagefileUsage; SIZE_T PrivatePageCount; } TS_SYS_PROCESS_INFORMATION, *PTS_SYS_PROCESS_INFORMATION;
NextEntryOffset: Offset to the start of data for the next process.
NumberOfThreads: Number of threads in the process.
SpareLi1: Reserved.
SpareLi2: Reserved.
SpareLi3: Reserved.
CreateTime: Creation time of the process. Time is measured as the number of 100-nanosecond intervals since January 1, 1601 (UTC).
UserTime: Amount of time in milliseconds the process has spent running in user mode.
KernelTime: Amount of time in milliseconds the process has spent running in kernel mode.
ImageName: String containing the process's image name.
BasePriority: Base priority of the process.
UniqueProcessId: Process's unique process ID.
InheritedFromUniqueProcessId: Parent process's unique process ID.
HandleCount: Current number of handles open in the process.
SessionId: Session identifier of the process session.
SpareUl3: Reserved.
PeakVirtualSize: Peak size of virtual memory, in bytes, used by the process.
VirtualSize: Current size of virtual memory, in bytes, used by the process.
PageFaultCount: Number of page faults in the process.
PeakWorkingSetSize: Peak size of the working set in kilobytes of the process.
WorkingSetSize: Current size, in bytes, of the working set of the process.
QuotaPeakPagedPoolUsage: Peak quota charged to the process for paged pool usage.
QuotaPagedPoolUsage: Current quota charged to the process for paged pool usage.
QuotaPeakNonPagedPoolUsage: Peak quota charged to the process for nonpaged pool usage.
QuotaNonPagedPoolUsage: Current quota charged to the process for nonpaged pool usage.
PagefileUsage: Amount of bytes of page file storage in use by the process.
PeakPagefileUsage: Peak amount of bytes of page file storage in use by the process.
PrivatePageCount: Current number of memory pages allocated by the process.