I have the following function to get a list of all runing processes and other info, as posted in two other places in the section, one of the most irritating things about it is that GetModuleBaseName does not get the correct name for all the processes, e.g. ALG.exe and CSRSS.exe, two common windows processes aren't in the list where they are in taskmanager.
Code:
int getProcesses() {
HMODULE hModule;
char szProcessName[MAX_PATH] = {0};
DWORD dwProcesses[1024], cbNeeded, cProcesses;
unsigned int i;
char PIDbuf[10];
char buf[50];
if (!EnumProcesses(dwProcesses, sizeof(dwProcesses), &cbNeeded))
return -1;
cProcesses = cbNeeded / sizeof(DWORD);
for (i = 0; i < cProcesses; i++)
if(dwProcesses[i] != 0)
{
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION |
PROCESS_VM_READ, FALSE, dwProcesses[i]);
if (NULL != hProcess)
{
strcpy(szProcessName, "System");
if (EnumProcessModules(hProcess, &hModule, sizeof(hModule),
&cbNeeded))
{
GetModuleBaseName(hProcess, hModule, szProcessName,
sizeof(szProcessName)/sizeof(CHAR));
}
}
sprintf(PIDbuf, "%d", dwProcesses[i]);
InsertRow(GetDlgItem(hwndMain, ID_LISTVIEW), szProcessName,PIDbuf,
GetProcessMemoryWSS(hProcess, buf), GetProcessMemoryPWSS(hProcess, buf),
GetProcessPriority(hProcess),
GetUserInfo(dwProcesses[i], hProcess));
CloseHandle(hProcess);
}
return cProcesses;
}
As you can see in the attachment the process with a PID of 3600 is ment to be ALG.exe not nmsrvc.exe. Also where this happens the memory usage and briotity class are blank. I was thinking of checking whether GetProcessMemoryWSS fails (returns "") if it has, get PID -> open handle -> get name and replace it with szProcessName. However I don't know of any functions to do this. I don't want to use PdhEnumObjectItems as that caches and I don't fancy using Snapshots either. Is there any way this can be acheived?