Results 1 to 9 of 9

Thread: Windows + Linux-like Processes Behaviour

  1. #1
    mush-mushroom b0redom's Avatar
    Join Date
    Oct 2005
    Location
    Middlesex
    Posts
    3,438
    Thanks
    174
    Thanked
    362 times in 279 posts
    • b0redom's system
      • Motherboard:
      • Some iMac thingy
      • CPU:
      • 3.4Ghz Quad Core i7
      • Memory:
      • 24GB
      • Storage:
      • 3TB Fusion Drive
      • Graphics card(s):
      • nViidia GTX 680MX
      • PSU:
      • Some iMac thingy
      • Case:
      • Late 2012 pointlessly thin iMac enclosure
      • Operating System:
      • OSX 10.8 / Win 7 Pro
      • Monitor(s):
      • Dell 2713H
      • Internet:
      • Be+

    Windows + Linux-like Processes Behaviour

    Not scared off by the title then?

    Ok so, I have a Windows process (A) which forks off a number of other child processes (B,C,D).

    I want to be able to kill off the parent process (from the command line) and also the child processes.

    Is there any nice way of doing this? In a Linux environment I'd simply do:

    kill PID

    and let the OS look after the rest itself. This doesn't seem to work on Windows.

    Cheers...

    Tom

  2. #2
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    Windows doesn't treat processes the same way I thought? There's no process hierarchy in windows, they're all on the same level. Child processes being forked off is just a Linux concept.

    That's if my memory serves me correctly.

  3. #3
    mush-mushroom b0redom's Avatar
    Join Date
    Oct 2005
    Location
    Middlesex
    Posts
    3,438
    Thanks
    174
    Thanked
    362 times in 279 posts
    • b0redom's system
      • Motherboard:
      • Some iMac thingy
      • CPU:
      • 3.4Ghz Quad Core i7
      • Memory:
      • 24GB
      • Storage:
      • 3TB Fusion Drive
      • Graphics card(s):
      • nViidia GTX 680MX
      • PSU:
      • Some iMac thingy
      • Case:
      • Late 2012 pointlessly thin iMac enclosure
      • Operating System:
      • OSX 10.8 / Win 7 Pro
      • Monitor(s):
      • Dell 2713H
      • Internet:
      • Be+
    There is some way of doing it. I've seen a Microsoft visual tool which will allow you to do it. It just doesn't seem possible from the command line.

    Tom

  4. #4
    Theoretical Element Spud1's Avatar
    Join Date
    Jul 2003
    Location
    North West
    Posts
    7,494
    Thanks
    335
    Thanked
    313 times in 249 posts
    • Spud1's system
      • Motherboard:
      • Gigabyte Aorus Master
      • CPU:
      • 9900k
      • Memory:
      • 16GB GSkill Trident Z
      • Storage:
      • Lots.
      • Graphics card(s):
      • RTX3090
      • PSU:
      • 750w
      • Case:
      • BeQuiet Dark Base Pro rev.2
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Asus PG35VQ
      • Internet:
      • 910/100mb Fibre
    do you just want to be able to terminate processes from the command line?

    if so its not that hard, you need tasklist and taskkill

    Code:
    TASKLIST [/S system [/U username [/P [password]]]]
             [/M [module] | /SVC | /V] [/FI filter] [/FO format] [/NH]
    
    Description:
        This tool displays a list of currently running processes on
        either a local or remote machine.
    
    Parameter List:
       /S     system           Specifies the remote system to connect to.
    
       /U     [domain\]user    Specifies the user context under which
                               the command should execute.
    
       /P     [password]       Specifies the password for the given
                               user context. Prompts for input if omitted.
    
       /M     [module]         Lists all tasks currently using the given
                               exe/dll name. If the module name is not
                               specified all loaded modules are displayed.
    
       /SVC                    Displays services hosted in each process.
    
       /V                      Displays verbose task information.
    
       /FI    filter           Displays a set of tasks that match a
                               given criteria specified by the filter.
    
       /FO    format           Specifies the output format.
                               Valid values: "TABLE", "LIST", "CSV".
    
       /NH                     Specifies that the "Column Header" should
                               not be displayed in the output.
                               Valid only for "TABLE" and "CSV" formats.
    
       /?                      Displays this help message.
    
    Filters:
        Filter Name     Valid Operators           Valid Value(s)
        -----------     ---------------           --------------------------
        STATUS          eq, ne                    RUNNING |
                                                  NOT RESPONDING | UNKNOWN
        IMAGENAME       eq, ne                    Image name
        PID             eq, ne, gt, lt, ge, le    PID value
        SESSION         eq, ne, gt, lt, ge, le    Session number
        SESSIONNAME     eq, ne                    Session name
        CPUTIME         eq, ne, gt, lt, ge, le    CPU time in the format
                                                  of hh:mm:ss.
                                                  hh - hours,
                                                  mm - minutes, ss - seconds
        MEMUSAGE        eq, ne, gt, lt, ge, le    Memory usage in KB
        USERNAME        eq, ne                    User name in [domain\]user
                                                  format
        SERVICES        eq, ne                    Service name
        WINDOWTITLE     eq, ne                    Window title
        MODULES         eq, ne                    DLL name
    
    NOTE: "WINDOWTITLE" and "STATUS" filters are not supported when querying
          a remote machine.
    
    Examples:
        TASKLIST
        TASKLIST /M
        TASKLIST /V /FO CSV
        TASKLIST /SVC /FO LIST
        TASKLIST /M wbem*
        TASKLIST /S system /FO LIST
        TASKLIST /S system /U domain\username /FO CSV /NH
        TASKLIST /S system /U username /P password /FO TABLE /NH
        TASKLIST /FI "USERNAME ne NT AUTHORITY\SYSTEM" /FI "STATUS eq running"
    Code:
    TASKKILL [/S system [/U username [/P [password]]]]
             { [/FI filter] [/PID processid | /IM imagename] } [/T] [/F]
    
    Description:
        This tool is used to terminate tasks by process id (PID) or image name.
    
    Parameter List:
        /S    system           Specifies the remote system to connect to.
    
        /U    [domain\]user    Specifies the user context under which the
                               command should execute.
    
        /P    [password]       Specifies the password for the given user
                               context. Prompts for input if omitted.
    
        /FI   filter           Applies a filter to select a set of tasks.
                               Allows "*" to be used. ex. imagename eq acme*
    
        /PID  processid        Specifies the PID of the process to be terminated.
                               Use TaskList to get the PID.
    
        /IM   imagename        Specifies the image name of the process
                               to be terminated. Wildcard '*' can be used
                               to specify all tasks or image names.
    
        /T                     Terminates the specified process and any
                               child processes which were started by it.
    
        /F                     Specifies to forcefully terminate the process(es).
    
        /?                     Displays this help message.
    
    Filters:
        Filter Name   Valid Operators           Valid Value(s)
        -----------   ---------------           -------------------------
        STATUS        eq, ne                    RUNNING |
                                                NOT RESPONDING | UNKNOWN
        IMAGENAME     eq, ne                    Image name
        PID           eq, ne, gt, lt, ge, le    PID value
        SESSION       eq, ne, gt, lt, ge, le    Session number.
        CPUTIME       eq, ne, gt, lt, ge, le    CPU time in the format
                                                of hh:mm:ss.
                                                hh - hours,
                                                mm - minutes, ss - seconds
        MEMUSAGE      eq, ne, gt, lt, ge, le    Memory usage in KB
        USERNAME      eq, ne                    User name in [domain\]user
                                                format
        MODULES       eq, ne                    DLL name
        SERVICES      eq, ne                    Service name
        WINDOWTITLE   eq, ne                    Window title
    
        NOTE
        ----
        1) Wildcard '*' for /IM switch is accepted only when a filter is applied.
        2) Termination of remote processes will always be done forcefully (/F).
        3) "WINDOWTITLE" and "STATUS" filters are not considered when a remote
           machine is specified.
    
    Examples:
        TASKKILL /IM notepad.exe
        TASKKILL /PID 1230 /PID 1241 /PID 1253 /T
        TASKKILL /F /IM cmd.exe /T
        TASKKILL /F /FI "PID ge 1000" /FI "WINDOWTITLE ne untitle*"
        TASKKILL /F /FI "USERNAME eq NT AUTHORITY\SYSTEM" /IM notepad.exe
        TASKKILL /S system /U domain\username /FI "USERNAME ne NT*" /IM *
        TASKKILL /S system /U username /P password /FI "IMAGENAME eq note*"
    hope that helps, they seem to work in a similar way to ps and kill

  5. #5
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,164
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts
    /T is the important thing to note.

    Windows has the idea of proccess trees, using T will kill that proccess, and everyone benieth.
    throw new ArgumentException (String, String, Exception)

  6. #6
    mush-mushroom b0redom's Avatar
    Join Date
    Oct 2005
    Location
    Middlesex
    Posts
    3,438
    Thanks
    174
    Thanked
    362 times in 279 posts
    • b0redom's system
      • Motherboard:
      • Some iMac thingy
      • CPU:
      • 3.4Ghz Quad Core i7
      • Memory:
      • 24GB
      • Storage:
      • 3TB Fusion Drive
      • Graphics card(s):
      • nViidia GTX 680MX
      • PSU:
      • Some iMac thingy
      • Case:
      • Late 2012 pointlessly thin iMac enclosure
      • Operating System:
      • OSX 10.8 / Win 7 Pro
      • Monitor(s):
      • Dell 2713H
      • Internet:
      • Be+
    Thanks for all the help so far.

    I've just been told, however, that I need to make this work under NT4. Is this even possible? I've got a copy of the pstools kit:

    http://www.microsoft.com/technet/sys...s/pstools.mspx

    doesn't seem to like displaying subprocesses in tree view at all on NT 4.

    I know it's a big ask, but anyone have any ideas?

    Cheers....

    Tom (currently working with the most cutting edge OSes!)

  7. #7
    Vampire
    Join Date
    Jul 2003
    Location
    London
    Posts
    1,705
    Thanks
    2
    Thanked
    11 times in 11 posts
    MS process explorer displays the parent processes with subprocesses from that one. It allows you to kill parent+child processes or individual child processes.

    It also gives a lot of other useful information which I needed to track down some dodgy processes on my laptop which used 100% cpu whenever it decided to start up and then I couldnt kill the process and it would just jam up the next program I started with the same behaviour. This was finally tracked down to one of the Creative processes which was associated with the built in Audify sound card.

  8. #8
    bored out of my tiny mind malfunction's Avatar
    Join Date
    Jul 2003
    Location
    Lurking
    Posts
    3,923
    Thanks
    191
    Thanked
    187 times in 163 posts
    • malfunction's system
      • Motherboard:
      • Gigabyte G1.Sniper (with daft heatsinks and annoying Killer NIC)
      • CPU:
      • Xeon X5670 (6 core LGA 1366) @ 4.4GHz
      • Memory:
      • 48GB DDR3 1600 (6 * 8GB)
      • Storage:
      • 1TB 840 Evo + 1TB 850 Evo
      • Graphics card(s):
      • 290X
      • PSU:
      • Antec True Power New 750W
      • Case:
      • Cooltek W2
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Dell U2715H
    Anything you can get using WMI? / WQL?

  9. #9
    mush-mushroom b0redom's Avatar
    Join Date
    Oct 2005
    Location
    Middlesex
    Posts
    3,438
    Thanks
    174
    Thanked
    362 times in 279 posts
    • b0redom's system
      • Motherboard:
      • Some iMac thingy
      • CPU:
      • 3.4Ghz Quad Core i7
      • Memory:
      • 24GB
      • Storage:
      • 3TB Fusion Drive
      • Graphics card(s):
      • nViidia GTX 680MX
      • PSU:
      • Some iMac thingy
      • Case:
      • Late 2012 pointlessly thin iMac enclosure
      • Operating System:
      • OSX 10.8 / Win 7 Pro
      • Monitor(s):
      • Dell 2713H
      • Internet:
      • Be+
    Hi Sinizter,
    Looks like MS Process explorer isn't command line driven. Basically the requirement is to do this from a script if it's possible. Thanks anyway :-)

    Malfunction - looks a bit complicated, but it's a definite possibility!

    Cheers...

    Tom

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Windows - boot process & simple troubleshooting
    By Paul Adams in forum Software
    Replies: 30
    Last Post: 17-11-2010, 04:38 AM
  2. Replies: 5
    Last Post: 28-10-2004, 06:32 PM
  3. Windows Installation Fatal Error
    By Weng in forum Software
    Replies: 23
    Last Post: 16-10-2004, 02:57 PM
  4. Problems all round... what to do with windows??
    By MurphmanL in forum Software
    Replies: 7
    Last Post: 08-02-2004, 08:20 PM
  5. Replies: 21
    Last Post: 24-09-2003, 11:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •