Commands tagged windows (82)

  • Taskkill: As the name of the utility ?taskkill? suggests that it is simply used to see the running processes and to kill one or more processes either by using its PID i.e. ProcessID or by using its Image name i.e. by which it is present in system and being executed. We can also filter the results on the basis of user name, PID, image name, CPU time, memory usage etc at the time of killing or terminating a process. Syntax: taskkill [/s [/u [\] [/p []]]] {[/fi ] [...] [/pid /im ]} [/f] [/t] Parameters description: /s :- To provide IP specification or name of the remote computer; if not provided local computer is considered. Do not use backslashes in the value of the parameter. /u \ :- To provide UserName or Domain\UserName under whose permission command should execute. If not provided then command run under the permission of person who is logged on. Option /u can be used only if /s is specified. /p :- For the password of that user account which is provided with /u parameter. Password is prompted in case this field is omitted. /fi :- To apply filter to select a set of tasks. Wildcard character (*) can be used for specifying all tasks or image names. Filter names are provided after parameter description. /pid >ProcessID> :- For specifying PID of the process to be killed. /im :- For providing image name of the process to be terminated. Also Wildcard character (*) can be used to specify all image names. /t :- To terminate the whole tree of the process including all child processes started by it. /f :- For forceful termination of process. It is not omitted in case of remote process as they are terminated forcefully in default. Filters description: Filters are provided to filter the result. This filtering is based on some Filter names which are checked with some relational operators. You will observe that the filter names are the column names which comes in task manager. Filter Name Valid Operators Valid Values STATUS eq,ne RUNNINGNOT RESPONDINGUNKNOWN IMAGENAME eq, ne Name of image PID eq, ne, gt, lt, ge, le ProcessID number SESSION eq, ne, gt, lt, ge, le Session number CPUTIME eq, ne, gt, lt, ge, le CPU time in the format HH:MM:SS, where MM and SS are between 0 and 59 and HH is any unsigned number MEMUSAGE eq, ne, gt, lt, ge, le Memory usage(in KB) USERNAME eq, ne Any valid user name (User or Domain\User) SERVICES eq, ne Service name WINDOWTITLE eq, ne Window title MODULES eq, ne DLL name where eq, ne, gt, lt, ge & le are meant for equal to, not equal to, greater than, less than, greater than equal to and less than equal to respectively. Points to be noted: In case of remote process WINDOWTITLE and STATUS filters are not supported. Wildcard (*) character is accepted for /im option only when filter is applied. Not necessary that /f is specified in case of remote process termination as in default that is terminated forcefully. Don?t specify computer name to HOSTNAME filter as it will result in a shutdown and all processes are stopped. For specifying ProcessID (PID) tasklist command can be used. Examples: To terminate a process with PID 3276 use parameter /pid. ?taskkill /pid 3276 To terminate more than one process with pid as 2001, 2224, 4083. ?taskkill /pid 2001 /pid 2224 /pid 4083 To terminate a process with its image name like wmplayer.exe for Windows Media Player use /im parameter. ?taskkill /im wmplayer.exe To terminate a process and all its child process i.e. to end process tree in task manager use /t parameter. ?taskkill /f /im explorer.exe /t To terminate all those processes which have PID greater than or equal to 1500 without considering their image names use filter ge with wildcard character. ?taskkill /f /fi ?PID ge 1500? /im * To terminate the process tree with PID 2521 which is started by account name admin. ?taskkill /pid 2521 /t /fi ?USERNAME eq admin? To terminate all process beginning with note on a remote system named serverpc under user name ?administrator? having its password as [email protected]()r3?. ?taskkill /s serverpc /u administrator /p [email protected]()r3 /fi ?IMAGENAME eq note*? /im * To terminate a process with its windows title as ?paint? ?taskkill /f /fi ?WINDOWTITLE eq paint? Source: http://unlock-windows.blogspot.com/2008/12/taskkill-command-line-utility.html Show Sample Output


    -3
    Taskkill /?
    StephenJudge · 2011-10-01 17:47:11 0

  • -4
    for /F %G in ('dir /b c:\Windows\system32\notepad.exe') do ( echo %G )
    eneko · 2010-06-11 21:28:36 1
  • Aside from curl one will need iconv windows binary since windows lacks a native utf-8 cli interface. In my case I need a proxy in China and iconv to convert gbk status string into utf-8. GnuWin32 is a good choice with loads of coreutils natively ported to Windows "FOR /f" is the solution to pass iconv output to curl.


    -5
    FOR /f %%g in ('echo %1 ^| iconv -f gbk -t utf-8') DO curl -x proxy:port -u user:pass -d status=%%g -d source="cURL" http://twitter.com/statuses/update.xml
    MeaCulpa · 2010-07-21 04:53:54 0
  • The taskkill command has the option of the curve, for a complete list just type: taskkill /? As we know, but to give a practical example, suppose you want to act only on the user's processes Cicciopalla use this command


    -5
    taskkill /F /FI "USERNAME eq Cicciopalla"
    0disse0 · 2012-02-05 12:00:52 0
  • Useful for if you want to create a log file every now and again or wish to record file names with date and time. You can't use the / for file names. so this replaces the / with a - Windows only Show Sample Output


    -8
    echo tmp%date:~4,2%-%date:~7,2%-%date:~10,4%_%time%
    Agnostos · 2010-05-25 03:34:12 0
  • To disable the requirement for the sender to be authenticated: Set-DistributionGroup -Identity Name-of-Dist-Group -RequireSenderAuthenticationEnabled $false To disable the group: disable-DistributionGroup Name-of-Dist-Group


    -8
    Enable-DistributionGroup Name-of-Dist-Group
    shawn_abdushakur · 2014-01-07 18:49:07 0
  • documents all active ips on a subnet and saves to txt file. Show Sample Output


    -9
    FOR /L %i IN (1,1,254) DO ping -n 1 10.254.254.%i | FIND /i "Reply">> c:\ipaddresses.txt
    barrytrujillo · 2010-06-29 21:02:21 0
  • ‹ First  < 2 3 4

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

List files accessed by a command
Can be run as a script `ftrace` if my_command is substrituted with "[email protected]" It is useful when running a command that fails and you have the feeling it is accessing a file you are not aware of.

Download all mp3's listed in an html page

Search for a string inside all files in the current directory
ack seeks for , list all found files and display everything in nice colors. Look for it in http://betterthangrep.com/

Get AWS temporary credentials ready to export based on a MFA virtual appliance
You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token. This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use: `awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'` You must adapt the command line to include: * $MFA_IDis ARN of the virtual MFA or serial number of the physical one * TTL for the credentials

find out which directories in /home have the most files currently open

Create a quick back-up copy of a file
Uses shell expansion to create a back-up called file.txt.bak

Create a thumbnail from a video file

Perl Command Line Interpreter
Read, Evaluate, Print, Loop - REPL

Check reverse DNS
I'm just a simple programmer. I find dig too verbose. host tells me alias(es) and IP address in a quick to grok format with nothing special to remember for input parameters. With thanks to http://www.cyberciti.biz/faq/how-to-test-or-check-reverse-dns/

"hidden" remote shell
opens a "hidden" remote shell (login will not appear in "last" for example). This is not really hidden, because the login will be shown in auth.log and the process is visible anyways. ssh -T = Disable pseudo-tty allocation. bash -i = interactive shell


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: