This article presents a class (CPSAPI) which can be used to enumerate all of the
processes, modules and even device drivers currently executing on either a
Windows 9x or Windows NT machine.
As you can see in the provided demo application, this class is extremely easy
to use. All you need to do is the following:
- Derive a class from the CPSAPI base class
- Implement the derived class’ OnXXX method that correlates to the desired function:
  - virtual BOOL OnDeviceDriver(LPVOID lpImageBase);
  - virtual BOOL OnProcess(LPCTSTR lpszFileName, DWORD ProcessID);
  - virtual BOOL OnModule(HMODULE hModule, LPCTSTR lpszModuleName, LPCTSTR lpszPathName);
- Instantiate your object
- Call the object’s Initialize method
- Call the desired enumeration function:
  - BOOL EnumDeviceDrivers(void);
  - BOOL EnumProcesses(void);
  - BOOL EnumProcessModules(DWORD dwProcessId);
If this sounds a bit difficult, not to worry. A demo application I included with this article
illustrates how to do all this.