EnumProcesses是函数得到一系列过程采用EnumProcesses功能。为每个过程的主要功能，调用PrintModules功能，通过工艺标识符。PrintModules反过来呼叫OpenProcess功能得到过程处理。 如果OpenProcess失败，只有过程输出显示标识符。OpenProcess闲置，或者因为他们的准入限制CSRSS过程防止用户级代码从打开它们。其次，PrintModules称EnumProcessModules功能模块处理获得的功能。最后，PrintModules称GetModuleFileNameEx功能，对每一个模块进行一次，取得模块的名字。

检索进程中的每一个进程标识符.

The EnumProcessesfunction retrieves the process identifier for each process object in the system.

BOOL WINAPI EnumProcesses（_Out_ DWORD * pProcessIds，_In_ DWORD CB，_Out_ DWORD * pBytesReturned）;

EnumProcesses()带三个参数，DWORD 类型的数组指针 lpidProcess；该数组的大小尺寸 cb；以及一个指向 DWORD 的指针 pBytesRrturned，它接收返回数据的长度。DWORD 数组用于保存当前运行的进程 IDs。pBytesRrturned 返回数组所用的内存大小。

pProcessIds

接收进程标识符的数组.Pointer to an array that receives the list of process identifiers.

cb

数组的大小.Size of the pProcessIds array, in bytes.

pBytesReturned

数组返回的字节数.Number of bytes returned in the pProcessIds array.

成功返回非零数,失败返回零,可以使用函数 GetLastError获取错误信息.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

下面算式可以得出返回了多少进程：

nReturned = cbNeeded / sizeof(DWORD)。

定义个比较大的数组来接收进程IDs,是一个比较好的选择.虽然文档将返回的 DWORD 命名为“pBytesRrturned”，实际上是没有办法知道到底要传多大的数组的。EnumProcesses()根本不会在 pBytesRrturned 中返回一个大于 cb 参数传递的数组值。结果，唯一确保 EnumProcesses()函数成功的方法是分配一个 DWORD 数组，并且，如果返回的 cbNeeded 等于 cb，分配一个较大的数组，并不停地尝试直到 cbNeeded 小于 cb

It is a good idea to use a large array, because it is hard to predict how many processes there will be at the time you call EnumProcesses.

To determine how many processes were enumerated, divide the pBytesReturned value by sizeof(DWORD). There is no indication given when the buffer is too small to store all process identifiers. Therefore, if pBytesReturned equals cb, consider retrying the call with a larger array.

To obtain process handles for the processes whose identifiers you have just obtained, call the OpenProcess function.

客户端需求(Client Requires):Windows XP, Windows 2000 Professional, or Windows NT Workstation 4.0.

服务器需求(Server Requires)Windows Server 2003, Windows 2000 Server, or Windows NT Server 4.0.

头文件声明在Psapi.h (HeaderDeclared in Psapi.h.)

库中链接到 Psapi.lib (LibraryLink to Psapi.lib.)

DLL名: Psapi.dll (DLLRequires Psapi.dll.)

For an example, see Enumerating All Processes or Enumerating All Modules for a Process.

Enumerating All Modules For a Process

To determine which processes have loaded a particular DLL, you must enumerate the modules for each process. The following sample code uses the EnumProcessModules function to enumerate the modules of current processes in the system.

The main function obtains a list of processes by using the EnumProcesses function. For each process, the main function calls the PrintModules function, passing it the process identifier. PrintModules in turn calls the OpenProcess function to obtain the process handle. If OpenProcess fails, the output shows only the process identifier. For example, OpenProcess fails for the Idle and CSRSS processes because their access restrictions prevent user-level code from opening them. Next, PrintModules calls the EnumProcessModules function to obtain the module handles function. Finally, PrintModules calls the GetModuleFileNameEx function, once for each module, to obtain the module names.