Enum Process Method 1

This is one of the most famous method to enumerate running process on Windows.

If AFilterSameArch is set to True, only processes running with same architecture as current process will be listed.

{
    Jean-Pierre LESUEUR (@DarkCoderSc)

    Example:

    ...
    var AProcessName    : String;
        AProcessId      : Cardinal;
        AProcessList    : TDictionary<Integer, String>;
    begin
        AProcessList := EnumProcess(True);
        try
            for AProcessId in AProcessList.Keys do begin
                if NOT AProcessList.TryGetValue(AProcessId, AProcessName) then
                    continue;
                ///

                ...
            end;
        finally
            if Assigned(AProcessList) then
            FreeAndNil(AProcessList);
        end;
    end;
}

//...
uses tlhelp32, SysUtils, Windows, Generics.Collections;
//...

function EnumProcess(AFilterSameArch : Boolean = False) : TDictionary<Integer {Process Id}, String {Process Name}>;
var ASnap         : THandle;
    AProcessEntry : TProcessEntry32;
    AProcessName  : String;

    procedure AppendEntry();
    begin
      if AFilterSameArch and ((IsProcessX64(GetCurrentProcessId())) <> (IsProcessX64(AProcessEntry.th32ProcessID))) then
        Exit();
      ///

      result.Add(AProcessEntry.th32ProcessID, AProcessEntry.szExeFile);
    end;

begin
  result := TDictionary<Integer, String>.Create();
  ///

  ASnap := CreateToolHelp32Snapshot(TH32CS_SNAPPROCESS, 0);
  if ASnap = INVALID_HANDLE_VALUE then
    Exit();
  try
    ZeroMemory(@AProcessEntry, SizeOf(TProcessEntry32));
    ///

    AProcessEntry.dwSize := SizeOf(TProcessEntry32);

    if NOT Process32First(ASnap, AProcessEntry) then
      Exit();

    AppendEntry();

    while True do begin
      ZeroMemory(@AProcessEntry, SizeOf(TProcessEntry32));
      ///

      AProcessEntry.dwSize := SizeOf(TProcessEntry32);

      if NOT Process32Next(ASnap, AProcessEntry) then
        break;

      AppendEntry();
    end;
  finally
    CloseHandle(ASnap);
  end;
end;
comments powered by Disqus