Wednesday, April 16, 2014

Kill Processes using Command Prompt in windows machine

Sometimes a virus on the system causes many problems, and it may not even allow you to boot the system in safe mode or run any antivirus.
I found one workaround to delete the running tasks, which is a bit tricky to do using the command prompt.
Here is what I did. Opened the command prompt (press Windows button + R).
1 – Disconnect from the Internet if the system is connected over LAN or Wi-Fi.
2 – Type cmd, then press Enter.
3 – Type tasklist and press Enter in the command prompt dialog box.

(It will list all the running processes.)
4 – Figure out the process name of the running virus. Yes, it is a bit difficult to figure out, but you can ignore the default processes that normally run on the machine. To learn more about a process,
click the link

5 – Once you find the culprit, I mean the virus process name,
type in the command prompt: taskkill /IM processname /F
e.g. taskkill /IM nvuvdie.exe /F

We can also end the process by using its PID
e.g. taskkill /PID 2456 /F

To end several processes at once using their PIDs, repeat /PID for each one
e.g. taskkill /PID 2456 /PID 4344 /PID 5456 /F
6 – Once you have ended the running virus processes, there is a chance you can run a tool to clean the virus entries from the system; otherwise you will have to do it manually.
7 – To clean the virus entries manually, go to Run and type msconfig, then go to the Startup tab and remove all the unwanted entries from there, and also the entries in regedit and the location on the physical drive, such as in c:\program files or inside the Windows folder.
8 – Delete all the virus entries from regedit, remove the entries from the msconfig Startup tab, and delete the installation folder.

9 – Now you are safe, and hopefully we have deleted all the virus entries and the corresponding exe on the machine.
10 – Download a free antimalware tool to do a full scan.
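
For steps 3 to 5, the PowerShell script below is an added example, not part of the original post: it lists running processes with their executable path and signature status so the non-default ones stand out before you run taskkill. It assumes PowerShell 3.0 or later; the function name Get-ProcessTriage and the directory list are illustrative choices, not standard names.

```powershell
# Added example, not from the original post. Assumes PowerShell 3.0 or later.
# Helper for steps 3-4: list running processes with their executable path and
# Authenticode signature status, and flag the ones worth a closer look.

# Assumption: user-writable locations that default Windows processes do not
# normally run from. Adjust the list for your machine.
$SuspectDirs = '\AppData\', '\Temp\', '\ProgramData\', '\Users\Public\'

function Get-ProcessTriage {
    Get-CimInstance -ClassName Win32_Process | ForEach-Object {
        $path = $_.ExecutablePath   # empty for System and protected processes
        $sig  = 'NoPath'
        if ($path -and (Test-Path -LiteralPath $path)) {
            $sig = (Get-AuthenticodeSignature -LiteralPath $path).Status.ToString()
        }

        $flags = @()
        if ($sig -ne 'Valid' -and $sig -ne 'NoPath') { $flags += "signature: $sig" }
        foreach ($dir in $SuspectDirs) {
            if ($path -like "*$dir*") { $flags += "runs from $dir"; break }
        }

        [pscustomobject]@{
            ProcessId = $_.ProcessId
            Parent    = $_.ParentProcessId
            Name      = $_.Name
            Path      = $path
            Flags     = $flags -join '; '
        }
    }
}

# Show only flagged processes; drop the Where-Object to see everything.
Get-ProcessTriage | Where-Object { $_.Flags } | Sort-Object Name |
    Format-Table -AutoSize -Wrap

# After confirming a PID belongs to the unwanted executable, end it with the
# command from step 5, for example:  taskkill /PID <pid> /F
```

A flag is a reason to look closer at that process, not proof that it is the virus. Ending by PID after checking the Path column is safer than /IM when the image name matches a legitimate Windows process, because /IM ends every process with that name.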

How to enable Remote Desktop remotely?

Enabling Remote Desktop Remotely
It's strange, but I can show you the exact path to do it. Here it goes: how do you enable Remote Desktop when you do not have physical access to the computer? It is all to do with the registry!
1. Open the command prompt and type regedit.
2. Click File - Connect Network Registry, then type the name of the network computer on which you want to enable Remote Desktop.
3. After it is connected,
4. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server in the registry settings of the remote computer (take care not to select your own desktop).
5. Double-click fDenyTSConnections.
6. Change the value of this setting to 0 to enable Remote Desktop or 1 to disable it, and click OK.
7. Disconnect the remote computer from the registry editor using File, Disconnect Network Registry.
8. Finally, open the command prompt and type mstsc. When the RDP dialog box opens, type the user name and password to log in. That's it.