What does this mean and why is it needed at all? Maybe somewhere used?

  • Help function read? Where did you see the [System process] ? - 伪位蔚蠂慰位蠀蟿
  • read, and you read? - helldrg
  • Explain what the meaning is? - Cerbo
  • [System process], if you do not understand what it is about, print the list of processes and the very first one will be he - helldrg

1 answer 1

The Process32First function sets the beginning of the process list Process32First , and in particular, ensures filling out by specifying in the second argument information about the first process in the system.

 BOOL WINAPI Process32First( _In_ HANDLE hSnapshot, _Inout_ LPPROCESSENTRY32 lppe );

The PROCESSENTRY32 structure has the szExeFile field, which contains the string value "[System process]" mentioned in the question. You can also pay attention to the identifier of this process (field th32ProcessID ), it will be equal to 0 .

This process is actually not a real process, and in fact reflects how free the system is to perform other tasks. Its existence allows us to simplify the mechanism of work of the process scheduler. In the Windows Task Manager, this "process" is called the "System Idle Process".

  • "and in fact reflects how free the system is" - and how does it reflect? What is the field structure PROCESSENTRY32? Is it used exactly by the developer? - helldrg