Single interface for enumerating processes and modules under NT and Win9x/2K.

Environment: VC6 SP4, Windows 2000/NT and 95/98/Me

Abstract

Some time ago I developed a system that had to meet a common requirement for supporting Windows 9x as well as NT/2000 family. Everything went smoothly until I had to implement a mechanism for retrieving all currently running processes along with mapped to each process DLLs. Windows 9x/ME and 2000 provide a built-in implementation (i.e. implemented by Kernel32.dll) of Tool Help Library. On the other hand Windows NT uses for the same purpose PSAPI library. I needed a way to allow my application to run and then to detect dynamically which process "helper" is available. Thus the system can determine which the supported library is, and accordingly to use the appropriate APIs.

Solution

I would like to present an object-oriented architecture that implements a simple framework for retrieving processes and modules under NT/2000 and 9x/ME. The design of my classes allows extending the framework according to your specific needs. The implementation itself is pretty straightforward. CTaskManager implements the system's processor. It is responsible for creating an instance of a specific library handler (i.e. CPsapiHandler or CToolhelpHandler) that is able to employ the correct process information provider library (i.e. PSAPI or ToolHelp32 respectively). CTaskManager is in charge of creating and marinating a container object that keeps a list with all currently active processes. After instantiating of the CTaskManager object the application calls Populate() method. It forces enumerating of all processes and DLL libraries and storing them into a hierarchy kept by CTaskManager'smember m_pProcesses.

It is important to take into account the fact that NT's Kernel32.dll doesn't implemented any of the ToolHelp32 functions. Therefore we must link them explicitly, using runtime dynamic linking. Otherwise, if we use static linking the code will fail to load on NT, regardless whether or not the application has attempted to execute any of those functions. 

Following snippet illustrates exposed by CTaskManager basic interface methods.

int main(int argc, char* argv[])
{
    CTaskManager        taskManager;
    CExeModuleInstance  *pProcess;
    CModuleInstance     *pModule;

    // Retrieves information about processes and modules. 
    // The taskManager dynamically decides whether to use ToolHelp library or PSAPI
    taskManager.Populate();

    // Enumerates all processes
    for (unsigned i = 0; i < taskManager.GetProcessCount(); i++)
    {
        pProcess = taskManager.GetProcessByIndex(i);
        printf("Process %s pid=%d\n", pProcess->Get_Name(), pProcess->Get_ProcessId());
    
        // Enumerates all modules loaded by (pProcess) process
        for (unsigned j = 0; j < pProcess->GetModuleCount(); j++)
        {
            pModule = pProcess->GetModuleByIndex(j);
            printf("\t %s Handle=%.8x\n", pModule->GetBaseName(), pModule->Get_Module());
        } // for
    } // for
    return 0;
}

Downloads

Download sample - 8Kb



Comments

  • Hello

    Posted by asd on 06/29/2012 08:25pm

    This is great.

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Live Event Date: October 29, 2014 @ 11:00 a.m. ET / 8:00 a.m. PT Are you interested in building a cognitive application using the power of IBM Watson? Need a platform that provides speed and ease for rapidly deploying this application? Join Chris Madison, Watson Solution Architect, as he walks through the process of building a Watson powered application on IBM Bluemix. Chris will talk about the new Watson Services just released on IBM bluemix, but more importantly he will do a step by step cognitive …

  • Live Event Date: October 29, 2014 @ 1:00 p.m. ET / 10:00 a.m. PT It's well understood how critical version control is for code. However, its importance to DevOps isn't always recognized. The 2014 DevOps Survey of Practice shows that one of the key predictors of DevOps success is putting all production environment artifacts into version control. In this eSeminar, Gene Kim will discuss these survey findings and will share woeful tales of artifact management gone wrong! Gene will also share examples of how …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds