WTSEnumerateProcesses vs CreateToolhelp32Snapshot

I want to enumerate all runn开发者_运维百科ing processes on a 32 or 64 (local) machine. What should I better use: WTSEnumerateProcesses or CreateToolhelp32Snapshot?

I would say CreateToolhelp32Snapshot, it works on any windows version except NT4 out of the box. On WinXP, WTSEnumerateProcesses only works when the terminal server service is running (And when it is running, WTSEnumerateProcesses will give you information about processes you are not supposed to have when running as non-admin, this hole was closed in Vista)

But the two functions don't give you the same information so it depends on what you are after, under the hood they both just call the semi documented ZwQuerySystemInformation

Getting the full path of a proccess is problematic either way (GetModuleFileNameEx fails for WOW64, GetProcessImageFileName returns kernel path and has rename issues and QueryFullProcessImageName is Vista+ and has space in path issues supposedly)