开发者

Construct Process Tree in Windows

开发者 https://www.devze.com 2023-01-08 05:22 出处：网络

To construct a process tree in Windows \"C\" given a PID, which one is a good approach to go for Win2k, XP, Windows Server 2008, Windows 7.

相关专题：visual-studio visual-studio-2010 winapi windows

To construct a process tree in Windows "C" given a PID, which one is a good approach to go for Win2k, XP, Windows Server 2008, Windows 7.

ZwQuerySystemInformation
NtQuerySystemInformation
CreateToolhelp32Snapshot

I rememb开发者_开发问答er ToolHelp had issue in leaking memory for win2k. Please correct me if I am wrong.

And using ZwQuerySystemInformation/NtQuerySystemInformation, I am not sure what the // System Information Class 5 structure should be for 64-bit architecture. Can someone provide pointers to it?

-Karthik

Off the top of my head, the documented ways to list processes include:

WTSEnumerateProcesses (Must delayload, call will fail if Terminal Services/Fastuserswitching is off)
EnumProcesses (Only a list of PID's)
CreateToolhelp32Snapshot
Performance Counters
WMI