How can I enumerate all processes running on the system?

The method to use depends on the Operating System the app is running on. For Win9x and Win2000, you use CreateToolhelp32Snapshot(), followed by Process32First() and Process32Next() from the Toolhelp Library (toolhlp.dll). For WinNT, you have two choices: The easy way, or the hard way. The easy way is to use EnumProcesses() from psapi.dll. The hard way is to read the information from the Performance Counters in the registry.

However, here you'll soon realize that on NT, neither of these methods will tell you about 16-bit processes running on the system. All you'll get will be the virtual machines (ntvdm.exe) they are running on. To enumerate 16-processes running in each VDM, you'll have to resort to a set of functions in the VDM debug library, vdmdbg.dll; mainly, you'll need to use VDMEnumTasksWOW() or VDMEnumTasksWOWEx(). The first one is documented on a help file called VDMDBG.HLP that used to come with the Platform SDK Documentation, but the latter is not. However, you can look for it's prototype in vdmdbg.h, and it's used the same way as the first.

Here's a short example for Win9x/Win2k using toolhelp32:

HANDLE  hSysSnapshot = NULL;
PROCESSENTRY32 proc;

proc.dwSize = sizeof(proc);
hSysSnapshot = CreateToolhelp32Snapshot ( TH32CS_SNAPPROCESS, 0 );
if ( hSysSnapshot == (HANDLE)-1 )
    return 0;
if ( Process32First ( hSysSnapshot, &proc ) )
{
    proc.dwSize = sizeof(proc);
    do
    {
        printf ("%lu - %s\n", proc.th32ProcessID, proc.szExeFile );
    }
    while ( Process32Next ( hSysSnapshot, &proc ) );

}
CloseHandle ( hSysSnapshot );

References and samples:

• Tomas Restrepo's Web site: "Enumerating 16-bit Processes on NT"
• Platform SDK and VC++ samples: ProcList sample, PerfMon sample.
• Knowledge Base Article Q175030 "HOWTO: Enumerate Applications in Win32"