PSCREATEPROCESSNOTIFYTYPE - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
// ntddk.h

typedef enum _PSCREATEPROCESSNOTIFYTYPE {
  PsCreateProcessNotifySubsystems
} PSCREATEPROCESSNOTIFYTYPE;
View the official Windows Driver Kit DDI reference

NtDoc

No description available.

Edit description on GitHub

Windows Driver Kit DDI reference (ne-ntddk-_pscreateprocessnotifytype)

_PSCREATEPROCESSNOTIFYTYPE enumeration

Description

Indicates the type of process notification. This enumeration is used in PsSetCreateProcessNotifyRoutineEx2 to register callback notifications.

Constants

PsCreateProcessNotifySubsystems

Indicates that the driver-registered callback is invoked for processes of all subsystems, including the Win32 subsystem. Drivers can call NtQueryInformationProcess to determine the underlying subsystem. The query retrieves a SUBSYSTEM_INFORMATION_TYPE value.

See also

NtQueryInformationProcess

PsSetCreateProcessNotifyRoutineEx2

SUBSYSTEM_INFORMATION_TYPE

View the official Windows Driver Kit DDI reference

Edit description on GitHub