I'm trying to find out how to do this, I'm currently using CreateToolHelp32SnapShot to get a list of the running processes and I've got the FilePaths of the executables which are currently running, but I need to be able to find out what command line options were used to start the process.
I know its possible since you can see it on Process Explorer, I tried finding the source code of the old Process Explorer but had no luck :(
check if NtQueryInformationProcess and ReadProcessMemory win API calls will do what you need. There is no simple example for that so check the source code here: Get Process Info with NtQueryInformationProcess
another way for getting this data is throgh WMI, smth like this:
SELECT CommandLine FROM Win32_Process WHERE ProcessId = ???
more info here: Win32_Process Class