379

Is there a command equivalent to 'ps' on Unix that can list all processes on a Windows machine?

readonly
  • 4,064

15 Answers15

481

Working with cmd.exe:

tasklist

If you have Powershell:

get-process

Via WMI:

wmic process

(you can query remote machines as well with /node:ComputerOrIP, and there are a LOT more ways to customize this command: link)

aggserp4
  • 3
Factor Mystic
  • 13,015
94

There is a tool called Windows Management Instrumentation Command-line tool (wmic.exe).

You can call wmic process list to see all processes.

Paulius Maruška
  • 1,041
32

I wanted to mention that WMIC (pam's entry) can do a lot more. Have a look at my WMIC snippets page, which is a cheatsheet showing many of the common ways to use WMIC (with sample output shown) here

user4197
  • 577
23

  1. Tasklist

  2. WMIC /OUTPUT:C:\ProcessList.txt PROCESS get Caption,Commandline,Processid

or

 WMIC /OUTPUT:C:\ProcessList.txt path win32_process get Caption,Processid,Commandline
22

I tried on Windows 7. The command is: TASKLIST /FI "IMAGENAME eq application_name"

Eg: c:\>TASKLIST /FI "IMAGENAME eq notepad.exe"

To show all process with port details:

c:\> TASKLIST

Also to kill the process you can use c:\> pskill or tskill processname

Eg: c:\> tskill notepad

12

tasklist or pslist from sysinternals. Also, get-process is amazing from PowerShell.

Hafthor
  • 980
6

If you use Powershell, it has the 'ps' command (it is aliased to Get-Process)

user15123
  • 161
5

To kill a process use:

TASKKILL /F /IM processname.exe

For example:

TASKKILL /F /IM firefox.exe
Gareth
  • 19,080
2

open windows command prompt

C:\>tasklist                       // list all the tasks


C:\>Taskkill /IM firefox.exe /F     // Kill task by name

or

C:\>Taskkill /PID 26356 /F           // kill task by PId
spacedev
  • 131
2

If you running windows XP try using the 'tasklist' command. I tried it out with Vista and it seems to also work.

Marcel
  • 381
1

Using WMI and Powershell you can do:

Get-WMIObject -Class Win32_Process

Then you can filter properties using Select-Object and show in GUI using Out-GridView.

wasif
  • 9,176
1

Use this command to see all the processes in windows machine

tasklist /svc

LOKESH
  • 141
0

For more process info

running in cmd,handle is the process id:

wmic.exe path Win32_Process where handle='22792' get Commandline /format:list

result:

/path/to/app.exe [args specified goes here]
sammy
  • 101
0

I have done a msproject ( c source code) , archive is available at : lsproc.zip project archive

and exe file: lsproc.exe binary

this is a command line tool output:

lsproc 
Thierry Bremard
t.bremard@gmail.com
list binary files and driver with their local path on disks
most of code retreived from msdn site
--------------------

Process ID: 0
--------------------

Process ID: 4
<unknown>  (PID: 4)
<unknown>
    PageFaultCount             : 0x00002E4B
    PeakWorkingSetSize         : 0x00419000
    WorkingSetSize (Mem usage) : 0x0003A000 (232 ko)
    QuotaPeakPagedPoolUsage    : 0x00000000
    QuotaPagedPoolUsage        : 0x00000000
    QuotaPeakNonPagedPoolUsage : 0x00000000
    QuotaNonPagedPoolUsage     : 0x00000000
    PagefileUsage              : 0x00000000
    PeakPagefileUsage          : 0x00000000
--------------------

Process ID: 764
smss.exe  (PID: 764)
\SystemRoot\System32\smss.exe
    PageFaultCount             : 0x000000D6
    PeakWorkingSetSize         : 0x00082000
    WorkingSetSize (Mem usage) : 0x0006C000 (432 ko)
    QuotaPeakPagedPoolUsage    : 0x00006C34
    QuotaPagedPoolUsage        : 0x00001854
    QuotaPeakNonPagedPoolUsage : 0x000004D8
    QuotaNonPagedPoolUsage     : 0x00000280
    PagefileUsage              : 0x0002C000
    PeakPagefileUsage          : 0x00030000
--------------------

Process ID: 816
--------------------

Process ID: 844
winlogon.exe  (PID: 844)
\??\C:\WINDOWS\system32\winlogon.exe
    PageFaultCount             : 0x0000261D
    PeakWorkingSetSize         : 0x00B58000
    WorkingSetSize (Mem usage) : 0x0029B000 (2668 ko)
    QuotaPeakPagedPoolUsage    : 0x0001B054
    QuotaPagedPoolUsage        : 0x000185A4
    QuotaPeakNonPagedPoolUsage : 0x0000C988
    QuotaNonPagedPoolUsage     : 0x0000B6A0
    PagefileUsage              : 0x005EC000
    PeakPagefileUsage          : 0x006C6000
--------------------

...
    PeakPagefileUsage          : 0x03277000
--------------------

Process ID: 2712
lsproc.exe  (PID: 2712)
C:\Documents and Settings\LoginX\Bureau\lsproc.exe
    PageFaultCount             : 0x000000EC
    PeakWorkingSetSize         : 0x000F1000
    WorkingSetSize (Mem usage) : 0x000E4000 (912 ko)
    QuotaPeakPagedPoolUsage    : 0x000032B4
    QuotaPagedPoolUsage        : 0x000032B4
    QuotaPeakNonPagedPoolUsage : 0x00000400
    QuotaNonPagedPoolUsage     : 0x00000398
    PagefileUsage              : 0x00042000
    PeakPagefileUsage          : 0x0005C000
There are 131 drivers:
--------------------
   1: ntkrnlpa.exe
\WINDOWS\system32\ntkrnlpa.exe
--------------------
   2: hal.dll
\WINDOWS\system32\hal.dll
--------------------
   3: KDCOM.DLL
\WINDOWS\system32\KDCOM.DLL
--------------------
   4: BOOTVID.dll
\WINDOWS\system32\BOOTVID.dll


...


--------------------
 129: HTTP.sys
\SystemRoot\System32\Drivers\HTTP.sys
--------------------
 130: hiber_WMILIB.SYS
\SystemRoot\System32\Drivers\hiber_WMILIB.SYS
--------------------
 131: ntdll.dll
\WINDOWS\system32\ntdll.dll



--------------
-2

Hello if you want to list running process ID's on a Windows machine then open a cmd screen and type:

netstat -aon | more

use the Enter key to scroll.