11 replies to this topic

[Eldmannen]

Text output of running processes
If you open up the "Command Prompt" and type "tasklist" then it lists tasks on the system.

C:\>tasklist

Image Name				   PID Session Name	 Session#	Mem Usage
========================= ====== ================ ======== ============
System Idle Process			0 Console				 0		 16 K
System						 4 Console				 0		224 K
SMSS.EXE					 388 Console				 0		372 K
CSRSS.EXE					460 Console				 0	  2 828 K
WINLOGON.EXE				 580 Console				 0	  6 448 K
SERVICES.EXE				 632 Console				 0	  4 168 K
LSASS.EXE					644 Console				 0	  1 256 K
SVCHOST.EXE				  824 Console				 0	  4 456 K
SVCHOST.EXE				  892 Console				 0	  3 824 K
SVCHOST.EXE				  964 Console				 0	 18 512 K
SVCHOST.EXE				 1128 Console				 0	  3 104 K
EXPLORER.EXE				1168 Console				 0	  9 268 K
SVCHOST.EXE				  776 Console				 0	  4 024 K
cmd.exe					 1404 Console				 0	  2 460 K
tasklist.exe				 988 Console				 0	  3 968 K
wmiprvse.exe				 560 Console				 0	  5 376 K

Kinda like the Windows Task Manager, but from the console with data that can you copy and paste, write on forums, etc.

I wonder why the Windows Task Manager doesn't have any "Export to data to text file" option.

More detailed information in Windows Task Manager
Open the Windows Task Manager, select the "Processes" tab, select the "View" menu, then choose "Select Columns...", from here you can choose to enable more columns that present more data about the processes that are running on your operating system.

Which process runs what services?
Open "Command Prompt", type "tasklist /SVC".

C:\>tasklist /SVC

Image Name				   PID Services
========================= ====== =============================================
System Idle Process			0 N/A
System						 4 N/A
SMSS.EXE					 388 N/A
CSRSS.EXE					460 N/A
WINLOGON.EXE				 580 N/A
SERVICES.EXE				 632 Eventlog, PlugPlay
LSASS.EXE					644 ProtectedStorage, SamSs
SVCHOST.EXE				  824 DcomLaunch, TermService
SVCHOST.EXE				  892 RpcSs
SVCHOST.EXE				  964 AudioSrv, CryptSvc, Dhcp, dmserver,
								 EventSystem, Netman, Nla, RasMan, Schedule,
								 seclogon, SENS, SharedAccess,
								 ShellHWDetection, srservice, TapiSrv,
								 winmgmt, wscsvc, wuauserv
SVCHOST.EXE				 1128 Dnscache
EXPLORER.EXE				1168 N/A
FIREFOX.EXE				 1108 N/A
SVCHOST.EXE				  776 stisvc
cmd.exe					  952 N/A
tasklist.exe				 816 N/A
wmiprvse.exe				1340 N/A

[Andavari]

This may be helpful for people who maintain a collection of HOSTS files.

I use three rather large hosts files; my homemade hosts file, hpHOSTS, and MVPS and to combine all of them, and install them, and reboot Windows (although I use my own written restart program), I do this via a command prompt:
This is just how to combine them:
copy "my hosts file.txt"+"hpHOSTS file.txt"+"MVPS hosts file.txt" "HOSTS"

This of course works with other files as well, e.g.;
copy "text file a.txt"+"text file b.txt" "text file.txt"

I believe it also works on mp3's according to some old audio forum discussion from years ago, but immediately afterwords you'd have to rebuild the mp3 header information in something like foobar2000 or vbrfix.

[zaphirer]

The second one, tasklist /svc is my favorite

[hazelnut]

Tasklist.exe is installed by default in windows xp pro, not the home edition.
XP home edition users can download it here.
http://www.computerh...nload/winxp.htm 2nd one down.

Place in your window/system32 folder, do a comand prompt (cmd.exe) and type in
tasklist /m > tasklist.rtf ( note the spaces) and press enter, and an .rtf list of .dlls on your computer will be generated in documents and settings /username. Here is some of my list. This function could be useful for spotting ones that have been put there by nasties.



svchost.exe 1188 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, ShimEng.dll, AcGenral.DLL,
USER32.dll, GDI32.dll, WINMM.dll, ole32.dll,
msvcrt.dll, OLEAUT32.dll, MSACM32.dll,
VERSION.dll, SHELL32.dll, SHLWAPI.dll,
USERENV.dll, UxTheme.dll, IMM32.DLL,
LPK.DLL, USP10.dll, comctl32.dll,
comctl32.dll, NTMARTA.DLL, WLDAP32.dll,
SAMLIB.dll, rpcss.dll, Secur32.dll,
WS2_32.dll, WS2HELP.dll, xpsp2res.dll,
termsrv.dll, ICAAPI.dll, SETUPAPI.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, AUTHZ.dll, mstlsapi.dll,
ACTIVEDS.dll, adsldpc.dll, NETAPI32.dll,
ATL.DLL, REGAPI.dll, rsaenh.dll,
CLBCATQ.DLL, COMRes.dll, Apphelp.dll,
WTSAPI32.dll, WINSTA.dll, msv1_0.dll,
iphlpapi.dll
svchost.exe 1484 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, ShimEng.dll, AcGenral.DLL,
USER32.dll, GDI32.dll, WINMM.dll, ole32.dll,
msvcrt.dll, OLEAUT32.dll, MSACM32.dll,
VERSION.dll, SHELL32.dll, SHLWAPI.dll,
USERENV.dll, UxTheme.dll, IMM32.DLL,
LPK.DLL, USP10.dll, comctl32.dll,
comctl32.dll, rpcss.dll, Secur32.dll,
WS2_32.dll, WS2HELP.dll, xpsp2res.dll,
rsaenh.dll, mswsock.dll, VetRedir.dll,
hnetcfg.dll, ISafeIf.dll, wshtcpip.dll,
DNSAPI.dll, iphlpapi.dll, winrnr.dll,
WLDAP32.dll, wshbth.dll, SETUPAPI.dll,
rasadhlp.dll, CLBCATQ.DLL, COMRes.dll

[JohnDemolition]

the second thing tip: you need to select the Processes tab in order to do that.

[Humpty]

Ever changed your AV or uninstalled some other security app.

More than likely they have left behind ghost drivers that can't be seen even with show hidden devices ticked.

Still had Vet,ZAP,Nod32 and a few other ghost drivers here.

Some greyed out ones are MS default and won't be deleted.

Two types of devices are hidden in Device Manager: non-plug and play devices and ghosted devices (nonpresent).

Right click My Computer and click Properties.

From the Hardware tab, click Device Manager. Select Show Hidden Devices from the View menu.

Forcing Device Manager to show ghosted devices requires a little more work.

Right click My Computer and click Properties. From the Advanced tab, click Environment Variables. Under System Variables, click the New button.

Type "devmgr_show_nonpresent_devices" - no quotes - for the Variable Name. Under Variable Value, type “1” and click OK. Click OK twice more to apply your changes and exit the System Properties dialog box.

Now open Device Manager again and from the View menu, click Show Hidden Devices.

Right click any belonging to any apps that you know you have got rid of and uninstall.

[hazelnut]

Two little tips I use are,
1. If I am posting in a thread and I need to look back at another ccleaner page for info, I press Ctrl + N this brings up another ccleaner page where I can look back without losing my post on the original one ( applies to all web pages)

2. When surfing and I find a page I want to save to favourites, I just click, hold and drag the little blue icon in front of the address in the address bar, and drop it in favourites just above to the right.
I use Internet Explorer.

[Humpty]

hazelnut, on Aug 12 2006, 06:06 PM, said:

Two little tips I use are,
1. If I am posting in a thread and I need to look back at another ccleaner page for info, I press Ctrl + N this brings up another ccleaner page where I can look back without losing my post on the original one ( applies to all web pages)

With FF you can also middle click Ccleaners tab which will put two Ccleaner page tabs side by side making it easy to navigate between the two.

If you want to search for a word or phrase from a site instead of copy and paste you can left click to highlight then right click and "search google for".

I use that quite often in help forums for error messages or codes.

I think the extension "tab mix plus" adds 10 or so search engines to the left click highlight, right click search function.

[lokoike]

lokoike Tip #1:

Never pet a burning dog.

[Andavari]

hazelnut, on Aug 12 2006, 01:06 PM, said:

2. When surfing and I find a page I want to save to favourites, I just click, hold and drag the little blue icon in front of the address in the address bar, and drop it in favourites just above to the right.
I use Internet Explorer.

I didn't know that! Hey it works in Firefox too.

[JohnDemolition]

works in Opera as well. but i don't use the bookmarks toolbar so...

[burtman]

lokoike, on Aug 13 2006, 06:05 AM, said:

lokoike Tip #1:

Never pet a burning dog.

Or, ...

Never Burn a Pet Dog