Windows API Reference

Process Management

The Windows API provides a comprehensive set of functions for managing processes, which are instances of running programs. This section covers key APIs related to process creation, termination, information retrieval, and manipulation.

CreateProcess
Creates a new process and its primary thread. The new process runs in the same address space as the calling process or in a separate address space.
Syntax
BOOL CreateProcess(
  LPCSTR                lpApplicationName,
  LPSTR                 lpCommandLine,
  LPSECURITY_ATTRIBUTES lpProcessAttributes,
  LPSECURITY_ATTRIBUTES lpThreadAttributes,
  BOOL                  bInheritHandles,
  DWORD                 dwCreationFlags,
  LPVOID                lpEnvironment,
  LPCSTR                lpCurrentDirectory,
  LPSTARTUPINFOA        lpStartupInfo,
  LPPROCESS_INFORMATION lpProcessInformation
);
Parameters
  • lpApplicationName: The name of the module to be executed.
  • lpCommandLine: The command line for the application.
  • lpProcessAttributes: Security attributes for the process.
  • lpThreadAttributes: Security attributes for the thread.
  • bInheritHandles: Whether to inherit handles.
  • dwCreationFlags: Flags that control the creation of the process.
  • lpEnvironment: Environment block for the new process.
  • lpCurrentDirectory: Current directory for the new process.
  • lpStartupInfo: Startup information.
  • lpProcessInformation: Receives information about the new process.
Return Value
TRUE if the function succeeds, FALSE otherwise.
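
When lpApplicationName is NULL, the module to run is taken from the first whitespace-delimited token of lpCommandLine, so an unquoted path containing spaces can resolve to a different executable than intended. The following added example (not part of the original reference; build_cmdline, launch and the sample path are hypothetical names and constructed values) passes the full path as lpApplicationName, quotes it in lpCommandLine, leaves bInheritHandles FALSE and closes both returned handles.

```c
/* Added example, not from the original page. Paths and arguments are constructed. */
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Write "\"<exe>\" <args>" into out. Returns 0 on success; -1 if exe is empty,
   contains a quote, ends in a backslash (which would escape the closing quote
   for the child's argv parser), or the result does not fit in cap bytes. */
int build_cmdline(const char *exe, const char *args, char *out, size_t cap)
{
    size_t len = exe ? strlen(exe) : 0;
    int n;
    if (len == 0 || strchr(exe, '"') != NULL || exe[len - 1] == '\\')
        return -1;
    if (args == NULL) args = "";
    n = snprintf(out, cap, "\"%s\"%s%s", exe, *args ? " " : "", args);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

#ifdef _WIN32
/* Start exe with an explicit lpApplicationName so the module is never guessed
   from the command line; returns the child's exit code, or -1 on failure. */
int launch(const char *exe, const char *args)
{
    char cmd[1024];                  /* writable buffer for lpCommandLine */
    STARTUPINFOA si;
    PROCESS_INFORMATION pi;
    DWORD code = (DWORD)-1;
    if (build_cmdline(exe, args, cmd, sizeof cmd) != 0) return -1;
    memset(&si, 0, sizeof si);
    si.cb = sizeof si;
    if (!CreateProcessA(exe, cmd, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi))
        return -1;                   /* GetLastError() has the reason */
    WaitForSingleObject(pi.hProcess, INFINITE);
    GetExitCodeProcess(pi.hProcess, &code);
    CloseHandle(pi.hThread);         /* both handles belong to the caller */
    CloseHandle(pi.hProcess);
    return (int)code;
}
#endif

int main(void)
{
    char cmd[256];
    /* Constructed sample path containing spaces. */
    if (build_cmdline("C:\\Program Files\\Example App\\tool.exe", "--check", cmd, sizeof cmd) == 0)
        puts(cmd);
    return 0;
}
```

The quoting helper is portable and can be exercised on any platform; launch is compiled only on Windows.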
TerminateProcess
Terminates the specified process and any threads that are running in it.
Syntax
BOOL TerminateProcess(
  HANDLE hProcess,
  UINT   uExitCode
);
Parameters
  • hProcess: A handle to the process to be terminated.
  • uExitCode: The exit code for the process.
Return Value
TRUE if the function succeeds, FALSE otherwise.
GetProcessId
Retrieves the identifier of the process associated with the specified handle.
Syntax
DWORD GetProcessId(
  HANDLE ProcessHandle
);
Parameters
  • ProcessHandle: A handle to the process.
Return Value
The process identifier. If the function fails, the return value is zero.
EnumProcesses
Retrieves the process identifiers for each process running on the local computer.
Syntax
BOOL EnumProcesses(
  DWORD   *lpidProcess,
  DWORD   cb,
  LPDWORD lpcbNeeded
);
Parameters
  • lpidProcess: An array that receives the list of process identifiers.
  • cb: The size of the array pointed to by lpidProcess, in bytes.
  • lpcbNeeded: A pointer to a variable that receives the number of bytes needed to return a complete list of process identifiers.
Return Value
TRUE if the function succeeds, FALSE otherwise.