Process '& Module Enumeration Class

This article presents a class (CPSAPI) which can be used to enumerate all of the processes, modules and even device drivers currently executing on either a Windows 9x or Windows NT machine.

As you can see in the provided demo application, this class is extremely easy to use. All you need to is the following:

  • Derive a class from the CPSAPI base class
  • Implement the derived class' OnXXX method that correlates to the desired function:
    • virtual BOOL OnDeviceDriver(LPVOID lpImageBase);
    • virtual BOOL OnProcess(LPCTSTR lpszFileName, DWORD ProcessID);
    • virtual BOOL OnModule(HMODULE hModule, LPCTSTR lpszModuleName, LPCTSTR lpszPathName);
  • Instantiate your object
  • Call the object's Initialize method
  • Call the desired enumeration function:
    • BOOL EnumDeviceDrivers(void);
    • BOOL EnumProcesses(void);
    • BOOL EnumProcessModules(DWORD dwProcessId);

If this sounds a bit difficult, not to worry. A demo application I included with this article illustrates how to do all this.

Downloads

Download demo project - 19 Kb