Enumerating processes in the Windows system

Compiler: Visual C++ Express Edition 2005

Compiled on Platform: Windows Xp Pro SP2

Target platform: none, just for learning and fun

Header file: Standard and Windows

Additional library: Windows Platform SDK

Additional project setting: Set project to be compiled as C

Project -> your_project_name Properties -> Configuration Properties -> C/C++ -> Advanced -> Compiled As: Compiled as C Code (/TC)

Other info: non-CLR or unmanaged. Need to add psapi.lib (psapi.dll) to the project. Click the Project menu->Select the your_project_name Properties... sub menu->Expand the Configuration Properties folder on the left pane->Expand the Linker subfolder->Select the Input subfolder->Select the Additional Dependencies field on the right pane->Click the ... at the end of the field->Type in 'psapi.lib' in the empty pane->Click the OK button->Click the OK button second time to close the project Properties dialog.

To do: Enumerating the Windows processes

To show: More on various Windows thread and process C functions

// Need to link to psapi.lib.

#include <windows.h>

#include <stdio.h>

#include <tchar.h>

#include <psapi.h>

void PrintProcessNameAndID( DWORD processID )

{

// Initialize or default to "unknown"

// LPWSTR szProcessName = L"<unknown>";

TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");

// Get a handle to the process.

HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processID);

// Get the process name.

if (NULL != hProcess)

{

HMODULE hMod;

DWORD cbNeeded;

if (EnumProcessModules( hProcess, &hMod, sizeof(hMod), &cbNeeded))

{

GetModuleBaseName(hProcess, hMod, szProcessName, sizeof(szProcessName)/sizeof(TCHAR));

}

}

// Print the process name and identifier.

_tprintf(TEXT("%-30s %5u "), szProcessName, processID);

if(CloseHandle(hProcess) != 0)

printf("Process\'s handle closed successfully.\n");

}

void main(void)

{

// Get the list of process identifiers.

DWORD aProcesses[1024], cbNeeded, cProcesses;

unsigned int i;

if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded))

return;

// Calculate how many process identifiers were returned.

cProcesses = cbNeeded / sizeof(DWORD);

// Print the name and process identifier for each process.

printf("Process Name Process ID\n");

printf("=========== ==========\n");

for (i = 0; i < cProcesses; i++)

PrintProcessNameAndID( aProcesses[i]);

}

Output example:

Process Name Process ID

=========== ==========

<unknown> 0 <unknown> 4 Process's handle closed successfully.

smss.exe 344 Process's handle closed successfully.

csrss.exe 392 Process's handle closed successfully.

winlogon.exe 420 Process's handle closed successfully.

services.exe 464 Process's handle closed successfully.

lsass.exe 476 Process's handle closed successfully.

svchost.exe 636 Process's handle closed successfully.

svchost.exe 684 Process's handle closed successfully.

svchost.exe 724 Process's handle closed successfully.

svchost.exe 780 Process's handle closed successfully.

svchost.exe 808 Process's handle closed successfully.

spoolsv.exe 952 Process's handle closed successfully.

inetinfo.exe 1084 Process's handle closed successfully.

mdm.exe 1108 Process's handle closed successfully.