Use the CreateToolhelp32Snapshot Function
hSnapShot = FCreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
Next is Process32First and Process32Next .
You will get PROCESSENTRY32 as follows with a szExeFile member.
PROCESSENTRY32W processInfo; processInfo.szExeFile
Before listing, first get the SeDebugPrivilege privilege, so you get all the processes in all sessions and users.
To get privilege to get all sessions:
acquirePrivilegeByName(SE_DEBUG_NAME);
Where is purchasedPrivilegeByName is defined as:
BOOL acquirePrivilegeByName( const TCHAR *szPrivilegeName) { HANDLE htoken; TOKEN_PRIVILEGES tkp; DWORD dwerr; //---------------- adjust process token privileges to grant privilege if (szPrivilegeName == NULL) { SetLastError(ERROR_INVALID_PARAMETER); return FALSE; } if (!LookupPrivilegeValue(NULL, szPrivilegeName, &(tkp.Privileges[0].Luid))) return FALSE; tkp.PrivilegeCount = 1; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &htoken)) return FALSE; if (!AdjustTokenPrivileges(htoken, FALSE, &tkp, 0, NULL, NULL) || GetLastError() != ERROR_SUCCESS) // may equal ERROR_NOT_ALL_ASSIGNED { dwerr = GetLastError(); CloseHandle(htoken); SetLastError(dwerr); return FALSE; } CloseHandle(htoken); SetLastError(ERROR_SUCCESS); return TRUE; } //acquirePrivilegeByName()
If you need the full name of the process image, you can use QueryFullProcessImageName , but the szExeFile member may be enough for your needs.