Although not frequently used, it is possible to clone an NTFS partition to an image file and, where necessary, restore the image to another partition. This command is useful, for example, if we want to keep a backup copy of our Windows installation, or in a corporate environment to install or repair a Windows of one or more computers. For the command syntax is refer to the documentation (man ntfsclone)

With this command you can create an empty NTFS partition. The command is useful if, for example, we want to format a previous installation of Windows and reinstall before you want to restore some files on the partition.

Taskkill: As the name of the utility ?taskkill? suggests that it is simply used to see the running processes and to kill one or more processes either by using its PID i.e. ProcessID or by using its Image name i.e. by which it is present in system and being executed. We can also filter the results on the basis of user name, PID, image name, CPU time, memory usage etc at the time of killing or terminating a process. Syntax: taskkill [/s [/u [\] [/p []]]] {[/fi ] [...] [/pid /im ]} [/f] [/t] Parameters description: /s :- To provide IP specification or name of the remote computer; if not provided local computer is considered. Do not use backslashes in the value of the parameter. /u \ :- To provide UserName or Domain\UserName under whose permission command should execute. If not provided then command run under the permission of person who is logged on. Option /u can be used only if /s is specified. /p :- For the password of that user account which is provided with /u parameter. Password is prompted in case this field is omitted. /fi :- To apply filter to select a set of tasks. Wildcard character (*) can be used for specifying all tasks or image names. Filter names are provided after parameter description. /pid >ProcessID> :- For specifying PID of the process to be killed. /im :- For providing image name of the process to be terminated. Also Wildcard character (*) can be used to specify all image names. /t :- To terminate the whole tree of the process including all child processes started by it. /f :- For forceful termination of process. It is not omitted in case of remote process as they are terminated forcefully in default. Filters description: Filters are provided to filter the result. This filtering is based on some Filter names which are checked with some relational operators. You will observe that the filter names are the column names which comes in task manager. Filter Name Valid Operators Valid Values STATUS eq,ne RUNNINGNOT RESPONDINGUNKNOWN IMAGENAME eq, ne Name of image PID eq, ne, gt, lt, ge, le ProcessID number SESSION eq, ne, gt, lt, ge, le Session number CPUTIME eq, ne, gt, lt, ge, le CPU time in the format HH:MM:SS, where MM and SS are between 0 and 59 and HH is any unsigned number MEMUSAGE eq, ne, gt, lt, ge, le Memory usage(in KB) USERNAME eq, ne Any valid user name (User or Domain\User) SERVICES eq, ne Service name WINDOWTITLE eq, ne Window title MODULES eq, ne DLL name where eq, ne, gt, lt, ge & le are meant for equal to, not equal to, greater than, less than, greater than equal to and less than equal to respectively. Points to be noted: In case of remote process WINDOWTITLE and STATUS filters are not supported. Wildcard (*) character is accepted for /im option only when filter is applied. Not necessary that /f is specified in case of remote process termination as in default that is terminated forcefully. Don?t specify computer name to HOSTNAME filter as it will result in a shutdown and all processes are stopped. For specifying ProcessID (PID) tasklist command can be used. Examples: To terminate a process with PID 3276 use parameter /pid. ?taskkill /pid 3276 To terminate more than one process with pid as 2001, 2224, 4083. ?taskkill /pid 2001 /pid 2224 /pid 4083 To terminate a process with its image name like wmplayer.exe for Windows Media Player use /im parameter. ?taskkill /im wmplayer.exe To terminate a process and all its child process i.e. to end process tree in task manager use /t parameter. ?taskkill /f /im explorer.exe /t To terminate all those processes which have PID greater than or equal to 1500 without considering their image names use filter ge with wildcard character. ?taskkill /f /fi ?PID ge 1500? /im * To terminate the process tree with PID 2521 which is started by account name admin. ?taskkill /pid 2521 /t /fi ?USERNAME eq admin? To terminate all process beginning with note on a remote system named serverpc under user name ?administrator? having its password as ?qu@dc()r3?. ?taskkill /s serverpc /u administrator /p qu@dc()r3 /fi ?IMAGENAME eq note*? /im * To terminate a process with its windows title as ?paint? ?taskkill /f /fi ?WINDOWTITLE eq paint? Source: http://unlock-windows.blogspot.com/2008/12/taskkill-command-line-utility.html Show Sample Output

Aside from curl one will need iconv windows binary since windows lacks a native utf-8 cli interface. In my case I need a proxy in China and iconv to convert gbk status string into utf-8. GnuWin32 is a good choice with loads of coreutils natively ported to Windows "FOR /f" is the solution to pass iconv output to curl.

The taskkill command has the option of the curve, for a complete list just type: taskkill /? As we know, but to give a practical example, suppose you want to act only on the user's processes Cicciopalla use this command

Useful for if you want to create a log file every now and again or wish to record file names with date and time. You can't use the / for file names. so this replaces the / with a - Windows only Show Sample Output

To disable the requirement for the sender to be authenticated: Set-DistributionGroup -Identity Name-of-Dist-Group -RequireSenderAuthenticationEnabled $false To disable the group: disable-DistributionGroup Name-of-Dist-Group

documents all active ips on a subnet and saves to txt file. Show Sample Output