Find "hidden" Windows processes in .NET

Question

I'm trying to enumerate all processes running on my machine:

public int EnumProcesses()
{   
    Process[] ProList = Process.GetProcesses();
    Proc.iProcessNum = ProList.Length;
    for (int i = 0; i < ProList.Length; i++)
    {
        PrintProcess(ProList[i]);
    }          
    return 0;
}

Some processes (such as games run with XTrap) aren't found by Process.GetProcesses(). Task Manager can see them, though. How can I find these "hidden" processes?

---

Now i have picked its processID up, but processName is "a ghost"(true name is ge.exe, but i get chrome.exe or anything else). I've try with

GetModuleFileName()
GetModuleHandle()
GetModuleHandleEx()

Why can Task manager and ProcessExplorer show true, Any give me a solution.

Answer 1

Most likely your program isn't running with enough rights to get the information on other processes.

Only by executing as SYSTEM will you get every process name, but for the others you can request your application runs with administrative rights (usually by specifying the UAC level in the applications manifest), (you may also need to enable the SeDebugPrivilege in the process access token) and this should allow you to see most of them.

Beyond that, calling into the native API would make things clearer, as there is lots of sample code already in usage to do these exact tasks.

EDIT::

GetModuleFileName is only for usage on process modules (i.e. DLLs), and even then they must have been loaded by the current process. What you're after is:

GetProcessImageFileName

So long as you can open the process handle with the required access, it should work. Here's a link to the msdn documentation for GetProcessImageFileName: http://msdn.microsoft.com/en-us/library/windows/desktop/ms683217%28v=vs.85%29.aspx

Note that ProcessExplorer loads up a driver, and thereby has total access to the system, hence it can find out pretty much everything. TaskManager uses some infamous APIs to retrieve the data. They're a bit much to get into here though.