Jackbox
Active Member
- Jan 2, 2016
- 197
- 96
- 74
Launch CMD as admin.
This could be helpful, to find other sessions.
If something besides System Idle Process is running, probably scream and figure shit out quickly. Could also swap this to eq Domain1\Username1
Search for Realtek drivers running?
Any unresponsive processes? Kill 'em perhaps.
Find some early processes?
If you run a regular Command Prompt and then one as an Administrator, you will see the difference with this filter.
Find all processes running as an Administrator:
Any console apps running?
Any non-console apps running?
Anything running not a console nor a service?
Get output in a csv view.
Find what is using the "iexproxy" dll?
Longest running app? Launch PowerShell as admin.
Code:
tasklist /fi "memusage gt 50000" | sort /r /+65This could be helpful, to find other sessions.
Code:
tasklist /v /FI "Session gt 0"
Code:
tasklist /v /FI "Username eq N/A"
Code:
tasklist /v /FI "Username ne N/A"If something besides System Idle Process is running, probably scream and figure shit out quickly. Could also swap this to eq Domain1\Username1
Code:
tasklist /v /FI "Username eq NT AUTHORITY\SYSTEM"Search for Realtek drivers running?
Code:
tasklist /v /FI "Windowtitle eq Real*"Any unresponsive processes? Kill 'em perhaps.
Code:
tasklist /v /FI "Status eq Not Responding"Find some early processes?
Code:
tasklist /v /FI "pid lt 1000"If you run a regular Command Prompt and then one as an Administrator, you will see the difference with this filter.
Code:
tasklist /v /FI "Imagename eq cmd*"Find all processes running as an Administrator:
Code:
tasklist /v | findstr "Admin"
tasklist /v /FI "Windowtitle eq Admin*"Any console apps running?
Code:
tasklist /v /FI "Sessionname eq Console"Any non-console apps running?
Code:
tasklist /v /FI "Sessionname ne Console"Anything running not a console nor a service?
Code:
tasklist /v /FI "Sessionname ne Console" /FI "Sessionname ne Services"Get output in a csv view.
Code:
tasklist /v /FI "Imagename eq d*" /fo csvFind what is using the "iexproxy" dll?
Code:
tasklist /M /fo csv | findstr "ieproxy"Longest running app? Launch PowerShell as admin.
Code:
get-wmiobject Win32_PerfFormattedData_PerfProc_Process | Select -Property PercentProcessorTime, Name, ElapsedTime | Sort-Object -Property ElapsedTime | Format-Table ElapsedTime, Name, PercentProcessorTime
Code:
get-wmiobject Win32_PerfFormattedData_PerfProc_Process | Select -Property PercentProcessorTime, Name, ElapsedTime, Threadcount | Sort-Object -Property Threadcount
Code:
get-wmiobject Win32_PerfFormattedData_PerfProc_Process | Select -Property CreatingProcessID, Name | Sort-Object -Property CreatingProcessID | Format-List CreatingProcessID, Name
Last edited: