曾經基於興趣搞過很多小功能，但後來工作中比較少用到，程式碼也就安靜的沉沒在磁碟中。最近打算整理下之前弄過的東西，也不算荒廢之前的付出吧。。。

void InitProcessList()
{
    ZWQUERYSYSSTEMINFORMATION MyZwQuerySystemInformation = (ZWQUERYSYSSTEMINFORMATION)GetProcAddress(GetModuleHandle(_T("ntdll")), "ZwQuerySystemInformation");
    if (MyZwQuerySystemInformation)
    {
        PVOID pBuff = malloc
 
(PROCESSINFO_BUF_SIZE);
        memset(pBuff, 0, PROCESSINFO_BUF_SIZE);

        LONG lStatus = MyZwQuerySystemInformation(SystemProcessInformation, pBuff, PROCESSINFO_BUF_SIZE, NULL);
        if (lStatus == 0)
        {
            PSYSTEM_PROCESS_INFORMATION_MY pInfo = (PSYSTEM_PROCESS_INFORMATION_MY)pBuff;
            WCHAR wchProcessName[MAX_PATH] = {0
 
};
            CString strProcessId = _T("");

            for (; ;)
            {
                memset(wchProcessName, 0, MAX_PATH);
                memcpy(wchProcessName, pInfo->ProcessName.Buffer, pInfo->ProcessName.Length);
                if (pInfo->ProcessId == 0)
                {
                    memcpy
 
(wchProcessName, L"System Process", MAX_PATH);
                }

                int nRow = m_List.InsertItem(0, wchProcessName);
                strProcessId.Format(_T("%d"), (DWORD)pInfo->ProcessId);
                m_List.SetItemText(nRow, 1, strProcessId);

                if (pInfo->NextEntryOffset == 0)
                {
                    break;
                }

                pInfo = (PSYSTEM_PROCESS_INFORMATION_MY)(((PUCHAR)pInfo) + pInfo->NextEntryOffset);
            }

        }
    }
}