Many users know about Task Manager that allows, between others, to quickly list the currently running processes and get info about each one. Some advanced users may also deal with Windows Resource Monitor, for real-time monitoring the running processes. Other ones may use command line tools lile Tasklist or Tlist as well as complex third-party applications, like Sysinternals Process Explorer and Process Monitor.
However, let’s say that we have to get a list of running processes and obtain additional info about them in our own application. This series of articles presents several methods for doing that in C/C++ programs, by using Windows API or other libraries. But first, let’s have a brief look at command-line tools.
Tasklist is a command-line utility tool, shipped with Windows XP (except home edition) and newer Windows versions. What you have to do is to open cmd console window and run tasklist.exe. Here are few examples:
- Displays info about all processes in LIST format
C++1tasklist /v /fo LIST
- Displays services running under svchost.exe
C++1tasklist /fi "Imagename eq svchost.exe" /svc
- Displays the modules loaded in Internet Explorer
C++1tasklist /m /fi "imagename eq iexplore.exe"
- Displays tasklist help.
For a complete reference, see the link under Resources section.
Tlist isn’t shipped with Windows operating system but is included in Debugging Tools for Windows suite that can be downloaded from Microsoft site.
- Displays the command line that started each process
C++1C:\Program Files\Debugging Tools for Windows>tlist /c
- Displays the services that run in each process
C++1C:\Program Files\Debugging Tools for Windows>tlist /s
Also, for a complete reference see the link, below.
Can we use these tools in our own program?
The answer is yes. We can launch tasklist.exe or tlist.exe with CreateProcess, then use a pipe to catch the output, then… But that may be a real overkill, so let’s forget it!
Next articles will show how to directly use APIs to list processes.