Your account | Cart Cart
 Search
Home Products FAQs Download Shop Contact

GNU/Linux ps for Microsoft Windows

ps is a console utility that displays information on Windows processes in manner familiar to users of GNU/Linux. For each running process it displays detailed information on the process ID, parent process ID, user name, CPU priority, real memory size, virtual memory size, CPU time (kernel and user), command-line arguments, window name, loaded DLLs, DLL versions, and DLL memory addresses.

An example of the output: 

> ps -l
 PID PPID PRI  VSIZE  RSIZE  ETIM  KTIM  UTIM COMMAND
   0    0   0      0     24        2d16  0:00 Idle
   4    0   8  13016   7716  1d09  2:09  0:00 System
 280  628   8 477960  67964  1d09  0:09  0:16 svchost
 444  248   8 237688  56856  1d09  1:26  0:43 Explorer
 452    4  11   5844    944  1d09  0:00  0:00 smss
 468  228   8  67100  22444  1d09  0:13  0:08 audiodg
 528  516  13 111340   6148  1d09  0:02  0:00 csrss
 532  628   8  51284  10656  1d09  0:02  0:00 SLsvc
 588  516  13  56952   4720  1d09  0:00  0:00 wininit
 620 3988   8  69600   7684 13:22  0:00  0:00 vi *32
 628  588   9  61164  10112  1d09  0:04  0:00 services
 644  588   9  70752   4380  1d09  0:03  0:04 lsass
 648  628   8  99832  15220  1d09  0:00  0:00 svchost
 652  588   8  37416   5560  1d09  0:00  0:00 lsm
 696  572  13  67832   7236  1d09  0:00  0:00 winlogon
 880  264  13  72120   3036  3h18  0:08  0:07 Dwm
1008  280   8 112372  12516  3h18  0:00  0:00 taskeng
1272  628   8 132232  19732  1d09  0:00  0:00 spoolsv
1692  508  13  67680   6940  3h18  0:00  0:00 winlogon
2044  628   8  67808   9592  1d09  0:49  0:17 vmware-authd *32
2108  444   8  70412   5432  1d09  0:00  0:00 SOUNDMAN *32
2364  444   8 332748 115600  1d09  0:15  0:32 SharpReader *32
2408 2340   8 114828  24064  1d09  0:00  0:00 vmware-tray *32
2560 2116   8  89708   8600  1d09  0:00  0:00 rundll32
2968 3068   8  80892   7332  7h34  0:00  0:00 splwow64
3404 3272   8  89708   8512  3h17  0:00  0:00 rundll32
3988  444   8  49744   3756 45:21  0:00  0:00 cmd

Or it can display command-line parameters: 

> ps -c
 PID  TIME COMMAND
   0  2d16 Idle
   4  2:10 System
 280  0:26 C:\Windows\system32\svchost.exe -k netsvcs
 444  2:10 C:\Windows\Explorer.EXE
 452  0:00 \SystemRoot\System32\smss.exe
 468  0:22 audiodg
 528  0:02 C:\Windows\system32\csrss.exe ObjectDirectory=\Windows 
    SharedSection=1024,20480,768 Windows=On SubSystemType=Windows 
	ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
	ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off 
	MaxRequestThreads=16
 532  0:03 C:\Windows\system32\SLsvc.exe
 588  0:00 wininit.exe
 620  0:00 vi myfile.txt
 628  0:04 C:\Windows\system32\services.exe
 644  0:07 C:\Windows\system32\lsass.exe
 648  0:01 C:\Windows\system32\svchost.exe -k LocalService
 652  0:00 C:\Windows\system32\lsm.exe
 696  0:00 winlogon.exe
 880  0:15 "C:\Windows\system32\Dwm.exe"
1008  0:00 taskeng.exe {10891F60-250C-49DD-8739-70B79194CB64}
1272  0:01 C:\Windows\System32\spoolsv.exe
1692  0:00 winlogon.exe
2044  1:08 "C:\Program Files (x86)\VMware\vmware-authd.exe"
2108  0:00 "C:\Windows\SOUNDMAN.EXE" 
2364  0:48 "C:\Program Files (x86)\SharpReader\SharpReader.exe" 
2408  0:01 "C:\Program Files (x86)\VMware\vmware-tray.exe" 
2560  0:00 rundll32 NVSVC64.DLL,nvsvcInitialize 
2968  0:00 splwow64
3368  0:01 "C:\Program Files (x86)\VMware\vmware-tray.exe" 
3376  0:00 "C:\Program Files (x86)\VMware\hqtray.exe" 
3404  0:00 rundll32 NVSVC64.DLL,nvsvcInitialize 
3988  0:00 "C:\Windows\System32\cmd.exe" /K C:\LBIN\MSDOS_W2K.BAT

Or a detailed breakdown of DLLs and their versions: 

> ps -m cmd
 PID  TIME COMMAND
1048  0:00 cmd         Administrator: ps -m cmd

Command line: "C:\Windows\System32\cmd.exe"

 Load Base       Size      Version          Path
 0x00004AD00000  0x5D000   6.00.6000.16386  C:\Windows\System32\cmd.exe
 0x000078E80000  0x17A000  6.00.6000.16386  C:\Windows\system32\ntdll.dll
 0x000078D40000  0x131000  6.00.6000.16386  C:\Windows\system32\kernel32.dll
 0x07FF7FEE0000  0xFF000   6.00.6000.16386  C:\Windows\system32\ADVAPI32.dll
 0x07FF7FDA0000  0x139000  6.00.6000.16525  C:\Windows\system32\RPCRT4.dll
 0x07FF769F0000  0xA1000   7.00.6000.16386  C:\Windows\system32\msvcrt.dll
 0x07FF75400000  0x35000   6.00.6000.16386  C:\Windows\system32\apphelp.dll

 

Usage Information

Usage: ps [-chlLmMuwW] [process_id]
       ps [-chlLmMuwW] ["name"]

  where
    -c   Show the command line
    -h   Show hidden processes
    -l   Long listing
    -L   Do not show the logo
    -m   Show modules, display the original load base
    -M   Show modules, display the actual memory base
    -u   Show the user name
    -w   Wide command line
    -W   Show the window name

   process_id  Show information for the given process ID number.
   "name"      Show information for the given process name or window name.

Names can be wildcarded, for example ps "explore*"

Kill Utility

Also included is the utility kill. It can terminate a process, change its priority, or change it to run on a single processor.

Compatible Platforms
Windows Server 2008 Yes
Windows Vista Yes
Windows XP Yes
Windows Server 2003 Yes
Windows 2000 Yes
NT 4 Yes
95/98/ME Yes

 

Download

Download ps

See Also

See also ls for Windows and UMove for Active Directory.

Algin Technology LLC
   Home -- Products -- FAQs -- Shop -- Download -- Reseller -- Privacy -- Contact
Copyright © 2008, Algin Technology LLC