How do you list all processes on the command line in Windows?

303

32

Is there a command equivalent to 'ps' on Unix that can list all processes on a Windows machine?

tim

Posted 2008-09-10T05:50:39.107

Reputation: 3 304

1

This Starting and Stopping process in Windows from command Line might be useful.

– Aniket Thakur – 2014-09-21T09:17:38.197

Answers

388

Working with cmd.exe:

tasklist

If you have Powershell:

get-process

Via WMI:

wmic process

(you can query remote machines as well with /node:ComputerOrIP, and there are a LOT more ways to customize this command: link)

Factor Mystic

Posted 2008-09-10T05:50:39.107

Reputation: 11 212

34you might want to pipe it to the clipboard then paste into notepad: c:>tasklist | clip – None – 2011-08-25T21:04:15.307

3Specifically you could try >tasklist /FI "SERVICES eq wampapache" – RiggsFolly – 2013-05-01T00:25:50.690

If I list tasks with tasklist, how do I then end a task from command prompt? – Kyle Delaney – 2017-03-17T21:59:27.593

If you use Powershell, it's really convenient to pipe it to Out-Gridview, like this: "Get-Process | Out-GridView" – Charles Burge – 2018-06-01T06:44:39.200

1Or just pipe it directly into a text file: C:>tasklist > C:\myProcesses.txt – P.Brian.Mackey – 2018-12-26T13:37:35.023

85

There is a tool called Windows Management Instrumentation Command-line tool (wmic.exe).

You can call wmic process list to see all processes.

Paulius Maruška

Posted 2008-09-10T05:50:39.107

Reputation: 951

4I found this s.o. thread while trying to solve the same problem, and wanted to point out that wmic worked well for me. With wmic you can choose the most appropriate output for parsing, using /format:csv or /format:rawout. Beware: wmic does not implement csv format correctly (fields are never quoted, even if they contain embedded quotes or commas), so I was forced to use xml. – JimN – 2011-07-28T02:05:27.710

1@JimN - /format:rawxml and not /format:rawout – Joe – 2014-01-24T15:32:02.840

Can you filter any process using wmic ? – Kiquenet – 2015-09-03T05:40:58.553

If you need to find the command line that launched the process this is the answer – Shane Gannon – 2016-02-15T16:30:17.470

29

I wanted to mention that WMIC (pam's entry) can do a lot more. Have a look at my WMIC snippets page, which is a cheatsheet showing many of the common ways to use WMIC (with sample output shown) here

user4197

Posted 2008-09-10T05:50:39.107

Reputation: 537

19

  1. Tasklist

  2. WMIC /OUTPUT:C:\ProcessList.txt PROCESS get Caption,Commandline,Processid

or

 WMIC /OUTPUT:C:\ProcessList.txt path win32_process get Caption,Processid,Commandline

Ali

Posted 2008-09-10T05:50:39.107

Reputation:

16

I tried on Windows 7. The command is: TASKLIST /FI "IMAGENAME eq application_name"

Eg: c:\>TASKLIST /FI "IMAGENAME eq notepad.exe"

To show all process with port details:

c:\> TASKLIST

Also to kill the process you can use c:\> pskill or tskill processname

Eg: c:\> tskill notepad

Neelesh

Posted 2008-09-10T05:50:39.107

Reputation:

1TASKLIST /FI "IMAGENAME eq explorer.exe" returns one whole line as output. Is there anyway to get just the PID itself? – Pacerier – 2015-05-05T00:03:58.323

for a more human-memorable command, taskkill is synonymous to tskill – Mushroom Man – 2017-12-05T01:24:13.720

On 8.1, there is no tskill only taskkill, and pskill is provided by SysInternals but not Windows. (@KiritoBepsibane) – dave_thompson_085 – 2018-06-01T06:59:47.297

11

tasklist or pslist from sysinternals. Also, get-process is amazing from PowerShell.

Hafthor

Posted 2008-09-10T05:50:39.107

Reputation: 960

5

If you use Powershell, it has the 'ps' command (it is aliased to Get-Process)

user15123

Posted 2008-09-10T05:50:39.107

Reputation: 151

3

To kill a process use:

TASKKILL /F /IM processname.exe

For example:

TASKKILL /F /IM firefox.exe

Saiyam

Posted 2008-09-10T05:50:39.107

Reputation:

This isn't a good answer. The question is how to list processes, not how to kill them. – Rikki Gibson – 2019-09-30T21:47:00.550

2

If you running windows XP try using the 'tasklist' command. I tried it out with Vista and it seems to also work.

Marcel

Posted 2008-09-10T05:50:39.107

Reputation: 351

1

open windows command prompt

C:\>tasklist                       // list all the tasks


C:\>Taskkill /IM firefox.exe /F     // Kill task by name

or

C:\>Taskkill /PID 26356 /F           // kill task by PId

spacedev

Posted 2008-09-10T05:50:39.107

Reputation: 121

1

Use this command to see all the processes in windows machine

tasklist /svc

LOKESH

Posted 2008-09-10T05:50:39.107

Reputation: 131

1Can you filter any process using tasklist with pipe or another way ? – Kiquenet – 2015-09-03T05:41:54.383

@Kiquenet Yes you can: tasklist|findstr "firefox.exe". If this returns an errorlevel of 1 the process was found in the list of processes. – Andreas – 2016-03-18T06:48:47.363

@mrt: findstr doesn't need quotes around the needle unless it contains space or special character like & although find does, and both of them return 1 for NOT found (0 for found). – dave_thompson_085 – 2018-06-01T06:54:54.370

@dave_thompson_085 Of course you are right, but in my opinion it's a good habit to put strings into quotes. This keeps me from accidently leave them out when they are needed. Also, it makes the statement easier to read since it's instantly obvious what the search term is. – Andreas – 2018-06-03T15:26:37.900

0

I have done a msproject ( c source code) , archive is available at : lsproc.zip project archive

and exe file: lsproc.exe binary

this is a command line tool output:

lsproc 
Thierry Bremard
t.bremard@gmail.com
list binary files and driver with their local path on disks
most of code retreived from msdn site
--------------------

Process ID: 0
--------------------

Process ID: 4
<unknown>  (PID: 4)
<unknown>
    PageFaultCount             : 0x00002E4B
    PeakWorkingSetSize         : 0x00419000
    WorkingSetSize (Mem usage) : 0x0003A000 (232 ko)
    QuotaPeakPagedPoolUsage    : 0x00000000
    QuotaPagedPoolUsage        : 0x00000000
    QuotaPeakNonPagedPoolUsage : 0x00000000
    QuotaNonPagedPoolUsage     : 0x00000000
    PagefileUsage              : 0x00000000
    PeakPagefileUsage          : 0x00000000
--------------------

Process ID: 764
smss.exe  (PID: 764)
\SystemRoot\System32\smss.exe
    PageFaultCount             : 0x000000D6
    PeakWorkingSetSize         : 0x00082000
    WorkingSetSize (Mem usage) : 0x0006C000 (432 ko)
    QuotaPeakPagedPoolUsage    : 0x00006C34
    QuotaPagedPoolUsage        : 0x00001854
    QuotaPeakNonPagedPoolUsage : 0x000004D8
    QuotaNonPagedPoolUsage     : 0x00000280
    PagefileUsage              : 0x0002C000
    PeakPagefileUsage          : 0x00030000
--------------------

Process ID: 816
--------------------

Process ID: 844
winlogon.exe  (PID: 844)
\??\C:\WINDOWS\system32\winlogon.exe
    PageFaultCount             : 0x0000261D
    PeakWorkingSetSize         : 0x00B58000
    WorkingSetSize (Mem usage) : 0x0029B000 (2668 ko)
    QuotaPeakPagedPoolUsage    : 0x0001B054
    QuotaPagedPoolUsage        : 0x000185A4
    QuotaPeakNonPagedPoolUsage : 0x0000C988
    QuotaNonPagedPoolUsage     : 0x0000B6A0
    PagefileUsage              : 0x005EC000
    PeakPagefileUsage          : 0x006C6000
--------------------

...
    PeakPagefileUsage          : 0x03277000
--------------------

Process ID: 2712
lsproc.exe  (PID: 2712)
C:\Documents and Settings\LoginX\Bureau\lsproc.exe
    PageFaultCount             : 0x000000EC
    PeakWorkingSetSize         : 0x000F1000
    WorkingSetSize (Mem usage) : 0x000E4000 (912 ko)
    QuotaPeakPagedPoolUsage    : 0x000032B4
    QuotaPagedPoolUsage        : 0x000032B4
    QuotaPeakNonPagedPoolUsage : 0x00000400
    QuotaNonPagedPoolUsage     : 0x00000398
    PagefileUsage              : 0x00042000
    PeakPagefileUsage          : 0x0005C000
There are 131 drivers:
--------------------
   1: ntkrnlpa.exe
\WINDOWS\system32\ntkrnlpa.exe
--------------------
   2: hal.dll
\WINDOWS\system32\hal.dll
--------------------
   3: KDCOM.DLL
\WINDOWS\system32\KDCOM.DLL
--------------------
   4: BOOTVID.dll
\WINDOWS\system32\BOOTVID.dll


...


--------------------
 129: HTTP.sys
\SystemRoot\System32\Drivers\HTTP.sys
--------------------
 130: hiber_WMILIB.SYS
\SystemRoot\System32\Drivers\hiber_WMILIB.SYS
--------------------
 131: ntdll.dll
\WINDOWS\system32\ntdll.dll



--------------

Thierry Bremard

Posted 2008-09-10T05:50:39.107

Reputation:

file not found, mister – Kiquenet – 2012-02-13T15:24:35.423

0

I had following problem on Windows 2003 SP2: Tasklist didn't return any output on stdout or stderr, when called from a process started as Windows service (even under Local Account). Tasklist returned with the (undocumented) code 128.

Called from the same program started as a normal process (not as service), it did run.

No help to change it. I couldn't find any reason or solution but use "pslist /accepteula" of sysinternal instead of it.

Same problem with taskkill: I had to replace it whith pskill.

Olivier Faucheux

Posted 2008-09-10T05:50:39.107

Reputation: 105

-1

Hello if you want to list running process ID's on a Windows machine then open a cmd screen and type:

netstat -aon | more

use the Enter key to scroll.

user3941685

Posted 2008-09-10T05:50:39.107

Reputation:

That only gives processes that are accessing the network, which is NOT all processes. – dave_thompson_085 – 2018-06-01T06:55:26.367

Asked: 2008-09-10T05:50:39.107

Viewed: 706 300 times

Active: 2018-06-01T04:58:34.080