Enumerating All Processes

The following sample code uses the EnumProcesses function to enumerate the current processes in the system.

#include <windows.h>
#include <stdio.h>
#include <tchar.h>
#include <psapi.h>

// To ensure correct resolution of symbols, add Psapi.lib to TARGETLIBS
// and compile with -DPSAPI_VERSION=1

void PrintProcessNameAndID( DWORD processID )
{
    TCHAR szProcessName[MAX_PATH] = TEXT("<unknown>");

    // Get a handle to the process.

    HANDLE hProcess = OpenProcess( PROCESS_QUERY_INFORMATION |
                                   PROCESS_VM_READ,
                                   FALSE, processID );

    // Get the process name.

    if (NULL != hProcess )
    {
        HMODULE hMod;
        DWORD cbNeeded;

        if ( EnumProcessModules( hProcess, &hMod, sizeof(hMod), 
             &cbNeeded) )
        {
            GetModuleBaseName( hProcess, hMod, szProcessName, 
                               sizeof(szProcessName)/sizeof(TCHAR) );
        }
    }

    // Print the process name and identifier.

    _tprintf( TEXT("%s  (PID: %u)\n"), szProcessName, processID );

    // Release the handle to the process.

    CloseHandle( hProcess );
}

int main( void )
{
    // Get the list of process identifiers.

    DWORD aProcesses[1024], cbNeeded, cProcesses;
    unsigned int i;

    if ( !EnumProcesses( aProcesses, sizeof(aProcesses), &cbNeeded ) )
    {
        return 1;
    }


    // Calculate how many process identifiers were returned.

    cProcesses = cbNeeded / sizeof(DWORD);

    // Print the name and process identifier for each process.

    for ( i = 0; i < cProcesses; i++ )
    {
        if( aProcesses[i] != 0 )
        {
            PrintProcessNameAndID( aProcesses[i] );
        }
    }

    return 0;
}

The main function obtains a list of processes by using the EnumProcesses function. For each process, main calls the PrintProcessNameAndID function, passing it the process identifier. PrintProcessNameAndID in turn calls the OpenProcess function to obtain the process handle. If OpenProcess fails, the output shows the process name as <unknown>. For example, OpenProcess fails for the Idle and CSRSS processes because their access restrictions prevent user-level code from opening them. Next, PrintProcessNameAndID calls the EnumProcessModules function to obtain the module handles. Finally, PrintProcessNameAndID calls the GetModuleBaseName function to obtain the name of the executable file and displays the name along with the process identifier.

 

 

Send comments about this topic to Microsoft

Build date: 2/7/2012

How to enumerate both 32bit and 64bit processes ?

If the process that performs the enumeration is 64bit then only 64bit processes are enumerated. Similarly when the process is 32bit it enumerates only 32bit processes. Did anyone knows how to correctly implement enumaration of all processes on each (32 and 64 bit) platform ?

Fix to the above code

$0Add PSAPI.DLL to the project directory along with the #pragma comment(lib, "Psapi.lib"), worked for me on WIN7 64Bit Core i7, with 64bit Win7$0 $0$0 $0 >This code mayn't work. It needs Psapi.lib. It's not by default added to the linker commandline property. So we need to add it ourself else will get linker error Unr>esolve external symbols........:) $0$0 $0 $0Best way is use #pragma comment(lib, "Psapi.lib") .$0 $0$0 $0 $0Thanks.$0 $0Subrat$0

Linking problems with PSAPI, despite the functions supposedly being moved to Kernel32.DLL

The #pragma comment(lib, "Psapi.lib"), and copy PSAPI.DLL into your project directory, resolved all the linker problems for me. Win7 64Bit, and the DLL I picked up from an old XP backup. PM me for a copy if you need the DLL. $0$0 $0 $0Ck$0

LNK2019

workaround should be found here http://blogs.msdn.com/b/vcblog/archive/2009/08/27/windows-sdk-v7-0-v7-0a-incompatibility-workaround.aspx

from win7 the dll architecture changed for performance reasons, some function are not in psapi but in kernel32. refer to the article for a full explanation.