Thursday 12 May 2011

Kill tasks in Windows through the command line

Last night I received a frantic phone call from my dad, who lives a few thousand miles away, across a few oceans. "My computer is not working. Something is wrong with my hard disk," he said. "Fix it!" Although it was flattering that my dad thinks I could magically fix a bad hard drive from a few thousand miles away, it didn't sound quite right, because he had only recently bought that machine. I will spare you, my dear readers, the painful 10 minutes that I spent talking in a very slow and calm voice to my dad to figure out what was really wrong. Eventually I managed to figure out that he was infected with the "Windows Recovery" virus (http://www.bleepingcomputer.com/virus-removal/remove-windows-recovery).

Removing this infection is simple enough if you follow the excellent instructions in the bleepingcomputer guide above. However, what can you do when you don't have physical access to the machine? Luckily the LogMeIn app I had installed some time back was still running and accessible, so I could access the computer remotely. However, downloading the rkill application to stop the virus was impossible because the virus was blocking all DNS requests out of the machine. The task manager was disabled by the virus as well, so pressing Ctrl+Alt+Del didn't work either. Restarting the computer in safe mode would cut off my remote access through LogMeIn. Asking my dad to press even a single key takes more than 5 minutes of explanations and several wrong attempts, so telling him what to do was not an option either.

The Solution:

tasklist


There is a little-known command in Windows named tasklist, which does the same thing as the Linux ps command. Running it at a command prompt displays a list of all running processes along with their PIDs. To kill any process, type tskill followed by the PID. For example, to kill PID 2476, type:

tskill 2476


A pretty simple but very handy command for those sticky situations!
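
An added example, not part of the original post: a small batch script that combines the two commands, using tasklist's /FI, /FO CSV and /NH options to find every PID for a given image name and tskill to end each one. The script name killbyname.cmd and the image name passed to it are assumptions.

```batch
@echo off
rem Added example, not from the original post.
rem killbyname.cmd (hypothetical name): end every process with a given image name.
setlocal
if "%~1"=="" (
    echo Usage: %~nx0 image-name.exe
    exit /b 2
)
set "TARGET=%~1"
set "FOUND=0"

rem /FI keeps only matching image names, /FO CSV prints "name","pid",...
rem and /NH drops the header row, so token 2 is the PID.
for /f "tokens=1,2 delims=," %%A in ('tasklist /FI "IMAGENAME eq %TARGET%" /FO CSV /NH') do (
    rem With no match tasklist prints an INFO: line instead of CSV;
    rem the name comparison below skips it.
    if /i "%%~A"=="%TARGET%" (
        set "FOUND=1"
        echo Ending %%~A, PID %%~B
        tskill %%~B
    )
)

if "%FOUND%"=="0" (
    echo No running process named %TARGET%.
    exit /b 1
)

rem Confirm: a CSV row still carrying the name means a process survived
rem or was started again by something else.
tasklist /FI "IMAGENAME eq %TARGET%" /FO CSV /NH | find /i "%TARGET%" >nul
if errorlevel 1 (
    echo All %TARGET% processes are gone.
    exit /b 0
)
echo %TARGET% is still running; check what restarts it.
exit /b 1
```

A process that is still shutting down can show up in the final check for a moment, so run the script a second time before concluding that something is restarting it.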


2 comments:

Dasun said...

Hmm, I didn't get a call.. I'm offended. I think... :(

Anonymous said...

Be glad. It was the middle of the bloody night. 3 am, if I recall correctly. :)