Cainiao must learn Tasklist command

Source: Internet
Author: User

 
In Windows XP, press Ctrl + Alt + Del to go to Windows Task Manager. On the process tab, you can view the complete process list of the local machine, in addition, you can manually customize the process list to obtain more process information, such as the session ID and user name. Unfortunately, we cannot see which system services these processes provide. In fact, the new command line tool named tasklist.exe in Windows XP can implement the above functions.
The Tasklist command is used to display all processes running on a local or remote computer with multiple execution parameters. Format:

Tasklist [/S system [/U username [/P [password] [/M [module] |/SVC |/V] [/FI filter [/FO format] [/NH]

Parameter description:

/S ystem specifies the remote system to connect.
/U [omain] user specifies which user to use to execute this command.
/P [password] specifies the password for the specified user.
/M [module] lists all processes that call the specified DLL module. If no module name is specified, all modules loaded by each process are displayed.
/SVC displays the services in each process.
/V displays details.
/FI filter displays a series of processes that match the filter.
/FO format specifies the output format. Valid values: TABLE, LIST, and CSV.
/NH specifies that the output does not display the topic title. Valid only for TABLE and CSV formats.

Next, let's take a look at the application instance of the Tasklist command.

1. View local processes

Enter the Tasklist command in the "command prompt" to display all processes on the local machine (figure 1 ). The display result of the local machine is composed of five parts: image name (process name), PID, session name, session # And memory usage.



Figure 1
 
2. view the process of the remote system

Enter "Tasklist/s 218.22.123.26/u jtdd/p 12345678" (excluding quotation marks) at the command prompt to view the process of the remote system with the IP address 218.22.123.26 (figure 2 ). "218.22.123.26" after the/s parameter indicates the IP address of the remote system to be viewed, and "jtdd" after the/u indicates the user account used by the Tasklist command, it must be a valid account on the remote system, and "12345678" after/p indicates the password of the jtdd account.

Figure 2
Note: When you use the Tasklist command to view the processes in the remote system, you must support the remote machine's RPC service. Otherwise, the command cannot be used normally.


3. view the services provided by System Processes

The Tasklist command can not only view system processes, but also view the services provided by each process. For example, to view the services provided by the local process SVCHOST. EXE, enter the "Tasklist/svc" command at the command prompt (Figure 3 ). You will be surprised to find that there are four SVCHOST. EXE processes, and a total of more than 20 services use this process.

Figure 3

For remote systems, it is also very easy to view system services. Use the "Tasklist/s 218.22.123.26/u jtdd/p 12345678/svc" command, you can view the services provided by remote system processes whose IP address is 218.22.123.26.

4. view the process list of calling the DLL module File

To view which processes in the Local System Call the shell32.dll module File, you only need to enter "Tasklist/m shell32.dll" at the command prompt to display the list of these processes.

5. Use a filter to find the specified process

Enter "TASKLIST/FI" USERNAME ne nt authoritysystem "/FI" STATUS eq running "at the command prompt to list all processes running in non-SYSTEM state in the SYSTEM. "/FI" is the filter parameter, and "ne" and "eq" are the Relational operators "not equal" and "equal ".

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.