Getting the detail information of the Windows OS processes



Compiler: Visual C++ Express Edition 2005

Compiled on Platform: Windows Xp Pro SP2

Target platform: none, just for learning and fun

Header file: Standard and Windows

Additional library: Windows Platform SDK

Additional project setting: Set project to be compiled as C

Project -> your_project_name Properties -> Configuration Properties -> C/C++ -> Advanced -> Compiled As: Compiled as C Code (/TC)

Other info: non-CLR or unmanaged. Need to add psapi.lib (psapi.dll) to the project. Click the Project menu->Select the your_project_name Properties... sub menu->Expand the Configuration Properties folder on the left pane->Expand the Linker subfolder->Select the Input subfolder->Select the Additional Dependencies field on the right pane->Click the ... at the end of the field->Type in 'psapi.lib' in the empty pane->Click the OK button->Click the OK button second time to close the project Properties dialog.

To do: Getting the detail information of the Windows processes

To show: The various Windows CRT threads and processes functions





// For WinXp as a target, change accordingly...

#define _WIN32_WINNT 0x0501


#include <windows.h>

#include <stdio.h>

#include <psapi.h>


void PrintModules(DWORD processID)


HMODULE hMods[1024];

HANDLE hProcess;

DWORD cbNeeded;

unsigned int i;


// Print the process identifier.

printf("\nProcess ID: %u\n", processID);

// Get a list of all the modules in this process.



if (hProcess == NULL)


if (EnumProcessModules(hProcess, hMods, sizeof(hMods), &cbNeeded))


for (i = 0; i < (cbNeeded / sizeof(HMODULE)); i++)


TCHAR szModPathName[MAX_PATH];

// Get the full path to the module's file.

if (GetModuleFileNameEx(hProcess, hMods[i], szModPathName, sizeof(szModPathName)))


// Print the module name and handle value. Use %ls or %S for unicode or wide character

printf("\t%S (0x%p)\n", szModPathName, hMods[i]);



printf("GetModuleFileNameEx() failed!.\n");






int main(void)


// Get the list of process identifiers.

DWORD aProcesses[2048], cbNeeded, cProcesses;

unsigned int i;


printf("Listing all the process's module...\n");

// If fail...

if (!EnumProcesses(aProcesses, sizeof(aProcesses), &cbNeeded))

printf("EnumProcesses() failed!.\n");


printf("EnumProcesses() is OK!.\n");


// Calculate how many process identifiers were returned.

cProcesses = cbNeeded / sizeof(DWORD);


// Print the name of the modules for each process.

for (i = 0; i < cProcesses; i++)


return 0;



Output example:


Process ID: 3568

C:\Program Files\Windows NT\Accessories\WORDPAD.EXE (0x01000000)

C:\WINDOWS\system32\ntdll.dll (0x7C900000)

C:\WINDOWS\system32\kernel32.dll (0x7C800000)

C:\WINDOWS\system32\MFC42u.DLL (0x72830000)

C:\WINDOWS\system32\msvcrt.dll (0x77C10000)

C:\WINDOWS\system32\GDI32.dll (0x77F10000)

C:\WINDOWS\system32\USER32.dll (0x77D40000)

C:\WINDOWS\system32\ADVAPI32.dll (0x77DD0000)

C:\WINDOWS\system32\RPCRT4.dll (0x77E70000)

C:\WINDOWS\system32\comdlg32.dll (0x763B0000)

C:\WINDOWS\system32\SHLWAPI.dll (0x77F60000)




C:\WINDOWS\ime\sptip.dll (0x5C2C0000)

C:\WINDOWS\system32\OLEACC.dll (0x74C80000)

C:\WINDOWS\system32\MSVCP60.dll (0x76080000)




C and C++ Programming Resources | C & C++ Code Example Index