NT/2000 Process Control
We’re going to briefly look at four different ways to deal with process control on NT/2000 because each of these approaches opens up a door to interesting functionality outside the scope of our discussion. We’re primarily going to concentrate on two tasks: finding all of the running processes and killing select processes.
Using the Microsoft Resource Kit Binaries
As we’ve mentioned in Chapter 3, the NT Resource Kit is a wonderful source of scripts and information. The two programs we are going to use from the resource kit are pulist.exe and kill.exe. The former lists processes, the second nukes them. There is another utility in the resource kit similar to pulist.exe called tlist.exe that can list processes in a pleasant tree format, but it but lacks some features of pulist.exe. For instance, pulist.exe can list processes on other machines besides the current one.
Here’s an excerpt from some pulist output:
Process PID User TAPISRV.EXE 119 NT AUTHORITY\SYSTEM TpChrSrv.exe 125 NT AUTHORITY\SYSTEM RASMAN.EXE 131 NT AUTHORITY\SYSTEM mstask.exe 137 NT AUTHORITY\SYSTEM mxserver.exe 147 NT AUTHORITY\SYSTEM PSTORES.EXE 154 NT AUTHORITY\SYSTEM NDDEAGNT.EXE 46 OMPHALOSKEPSIS\Administrator explorer.exe 179 OMPHALOSKEPSIS\Administrator SYSTRAY.EXE 74 OMPHALOSKEPSIS\Administrator cardview.exe 184 OMPHALOSKEPSIS\Administrator ltmsg.exe 167 OMPHALOSKEPSIS\Administrator daemon.exe 185 OMPHALOSKEPSIS\Administrator
Using pulist.exe from Perl is trivial. Here’s one way to do ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access