Wednesday, April 16, 2014

Kill Processes using Command Prompt in windows machine

Sometimes a virus on the system causes many problems and won't even let you boot the system in safe mode or run any antivirus.
I found one workaround to delete the running tasks, which is a bit tricky to do using the command prompt.
Here is what I did. Opened the command prompt (press Windows button + R)
1 – Disconnect from Internet if the system is connected over LAN or WIFI
2 – Type cmd then Enter.
3 – Type tasklist and press enter in the command prompt dialog box

(It will give you the list of all running processes)
4 – Figure out the process name of the virus that is running. Yes, it's a bit difficult to figure out, but you can leave aside the default processes that normally run on the machine. To look up details about a process,
click the link http://www.processlibrary.com/en/

5 – Once you find the culprit, I mean the virus process name,
type in the command prompt taskkill /IM processname /F
and press Enter
e.g. taskkill /IM nvuvdie.exe /F

We can also end the process by using the PID
e.g. taskkill /PID 2456 /F

To end several processes at once using their PIDs, repeat /PID for each one
e.g. taskkill /PID 2456 /PID 4344 /PID 5456 /F
6 – Once you have ended the running virus processes, there is a chance we can run a tool to clean the virus entries from the system; otherwise it will have to be done manually.
7 – To clean the virus entries manually, go to Run and type msconfig, then go to the Startup tab and remove all the unwanted entries from there, and also the entries in regedit and the files on the physical drive, such as in c:\program files or inside the Windows folder.
8 – Delete all the entries of the virus from regedit, remove the entries from the msconfig Startup tab and delete the installation folder.

9 – Now you are safe, and hopefully we have deleted all the entries of the virus and the corresponding exe on the machine.
10 – Download the free antimalware tool to do a full scan: http://www.malwarebytes.org/products/malwarebytes_free/
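
Step 4 is the hard part, so here is an added example (not part of the original post) that lists the running processes with their file path and signature status and shows only the ones worth a closer look before anything is killed. It assumes PowerShell 3.0 or later in an elevated prompt, and the list of user-writable folders is an assumption you can extend.

```powershell
# Added example (not from the original post): read-only triage for step 4.
# Nothing is terminated here; the output is a shortlist to review by hand.
$procs = Get-CimInstance -ClassName Win32_Process |
    Where-Object { $_.ExecutablePath }   # System/Idle entries expose no path

$report = foreach ($p in $procs) {
    $sig = Get-AuthenticodeSignature -LiteralPath $p.ExecutablePath -ErrorAction SilentlyContinue
    [pscustomobject]@{
        PID       = $p.ProcessId
        ParentPID = $p.ParentProcessId
        Name      = $p.Name
        Signature = if ($sig) { [string]$sig.Status } else { 'Unreadable' }
        Path      = $p.ExecutablePath
    }
}

# Folders any user can write to (assumed list, extend as needed)
$userWritable = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC) |
    Where-Object { $_ }

$report | Where-Object {
    $path = $_.Path
    $inUserDir = @($userWritable | Where-Object {
        $path.StartsWith($_, [System.StringComparison]::OrdinalIgnoreCase)
    }).Count -gt 0
    # Keep entries that lack a valid signature or run from a user-writable folder
    $_.Signature -ne 'Valid' -or $inUserDir
} | Sort-Object Path | Format-Table PID, ParentPID, Name, Signature, Path -AutoSize
```

A row in this list is a reason to look the process up, not proof of infection: on older Windows versions, catalog-signed system files can show as NotSigned.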



How to enable Remote Desktop Remotely?

Enabling Remote Desktop Remotely
It's strange, but I can show you the exact path to do it. So how do you enable Remote Desktop when you do not have physical access to the computer? It is all to do with the registry!
1. Open command prompt and type regedit
2. Click File - Connect Network Registry - and type the name of the network computer on which you want to enable Remote Desktop.
3. Wait until it is connected.
4. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server for the registry settings for the remote computer (take care not to select your own desktop)
5. Double-click fDenyTSConnections.
6. Change the value of this setting to 0 to enable Remote Desktop or 1 to disable it, and click OK.
7. Disconnect the remote computer from the registry editor using File, Disconnect Network Registry
8. Finally, open the command prompt and type mstsc; when the RDP dialog box opens, type the user name and password to log in. That's it.
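
The remote registry connection in step 2 only works when the Remote Registry service is running on the target and your account has administrator rights there. As an added example (not part of the original post), this read-only check reports the current fDenyTSConnections value on one or more computers, which is handy for verifying the change or auditing where Remote Desktop has been switched on. The function name and computer names are placeholders.

```powershell
# Added example (not from the original post): read-only check of the value from steps 4-6.
function Get-RdpRegistryState {
    param([Parameter(Mandatory = $true)][string[]]$ComputerName)

    foreach ($name in $ComputerName) {
        $hklm = $null; $key = $null
        $state = 'Unknown'; $detail = ''
        try {
            # Same connection regedit makes in step 2
            $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
                        [Microsoft.Win32.RegistryHive]::LocalMachine, $name)
            $key = $hklm.OpenSubKey('SYSTEM\CurrentControlSet\Control\Terminal Server')
            if ($null -eq $key) {
                $detail = 'Terminal Server key not found'
            } else {
                $value = $key.GetValue('fDenyTSConnections')
                if     ($value -eq 0) { $state = 'Enabled' }
                elseif ($value -eq 1) { $state = 'Disabled' }
                else   { $detail = "Unexpected or missing value: '$value'" }
            }
        } catch {
            # Unreachable host, access denied or Remote Registry stopped end up here
            $detail = $_.Exception.Message
        } finally {
            if ($key)  { $key.Close() }
            if ($hklm) { $hklm.Close() }
        }
        [pscustomobject]@{
            ComputerName  = $name
            RemoteDesktop = $state
            Detail        = $detail
        }
    }
}

# 'PC-EXAMPLE01' and 'PC-EXAMPLE02' are placeholder computer names
Get-RdpRegistryState -ComputerName 'PC-EXAMPLE01', 'PC-EXAMPLE02' | Format-Table -AutoSize
```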

Wednesday, April 9, 2014

The User Profile Service failed the logon. User profile cannot be loaded


This error appears while attempting to log on in Windows Vista, 2008, 2008 R2 and 7.
The exact cause is unknown, but this issue may occur if the user profile was manually deleted by using the command prompt or Windows Explorer by a user or by some program. A profile that is manually deleted does not remove the security identifier (SID) from the user profile list in the registry. Since the SID is still present, Windows will still try to load the profile by using the ProfileImagePath that points to a nonexistent path. Therefore, the profile cannot be loaded.
This can also be an issue with the user profile entering into a backup state, or if the C:\Users\(User Name) user profile folder is manually renamed.

1. Log on to the Computer
Log on to the computer using the Administrator (or an Administrator-level) account.
If the computer is not joined to a domain, reboot it and start your computer in safe mode, then log on using the Administrator (or an Administrator-level) account.

2. Trawl through the Registry
Open the Start menu. In the Start Search area, type regedit and press Enter (if prompted by UAC, click Continue/Yes). In regedit, go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
Expand the ProfileList key and look for the SID key (named "S-1-5"...) with a long number that ends in ".bak". Click it, and look at the ProfileImagePath value in the right pane to verify that this is the user account profile that has the error.
a) If you have two SID keys with the same number (with one ending in ".bak" and one showing the affected user account in the ProfileImagePath value), continue to Step 3;
b) If you have just one SID key with the ProfileImagePath value showing the affected user account, proceed to Step 4...

3. Two SID keys with the same number
a) Of the two SID keys that correspond to the affected user account, right-click the SID key that does NOT end in ".bak" and click Rename.
b) Add .bk to the end of the numbers and press Enter.
c) Right-click the other SID key that DOES end in ".bak" and click Rename.
d) Remove only .bak from the end of the numbers (so that it has the same name as the other SID key did before you renamed it) and press Enter.
e) Now go back and Rename the first one with .bk to .bak now at the end of the numbers and press Enter.
Proceed to Step 5...

4. Only one SID key ending in ".bak"
a) Right-click the SID key that corresponds to the affected user account and click Rename.
b) Remove only .bak from the end of the numbers, and press Enter.
c) In the right pane, right-click the RefCount value (if none exists, right-click the right pane and click New and DWORD (32 bit) Value, then type RefCount and press Enter), and click Modify.
d) Type 0 into the Value Data textbox and click OK.
e) In the right pane, right-click the State value and click Modify.
f) Type 0 into the Value Data textbox and click OK.

5. Try logging on again!
Close regedit and restart the computer. You should be able to log on now...
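
Before renaming anything, it helps to see which case applies. As an added example (not part of the original post), this read-only script lists every key under ProfileList and marks whether the SID has two keys (step 3), only a ".bak" key (step 4), or a ProfileImagePath that points to a missing folder. It assumes PowerShell 3.0 or later run as an administrator; the Finding texts are my own labels.

```powershell
# Added example (not from the original post): read-only survey of ProfileList.
$root = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

$entries = Get-ChildItem -Path $root | ForEach-Object {
    $props = Get-ItemProperty -Path $_.PSPath
    $path  = $props.ProfileImagePath          # environment variables arrive expanded
    [pscustomobject]@{
        KeyName    = $_.PSChildName
        BaseSid    = $_.PSChildName -replace '\.bak$', ''
        IsBak      = $_.PSChildName -like '*.bak'
        Path       = $path
        PathExists = [bool]($path -and (Test-Path -LiteralPath $path))
        State      = $props.State
        RefCount   = $props.RefCount
    }
}

# Group on the SID without ".bak" so the step 3 and step 4 cases can be told apart
$entries | Group-Object BaseSid | ForEach-Object {
    $bak   = @($_.Group | Where-Object { $_.IsBak })
    $plain = @($_.Group | Where-Object { -not $_.IsBak })
    $finding = if ($bak.Count -and $plain.Count) {
        'Two keys with the same SID: see step 3'
    } elseif ($bak.Count) {
        'Only a .bak key: see step 4'
    } elseif (-not $plain[0].PathExists) {
        'ProfileImagePath folder is missing'
    } else {
        'OK'
    }
    foreach ($e in $_.Group) {
        [pscustomobject]@{
            KeyName    = $e.KeyName
            Path       = $e.Path
            PathExists = $e.PathExists
            State      = $e.State
            RefCount   = $e.RefCount
            Finding    = $finding
        }
    }
} | Format-Table -AutoSize -Wrap
```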

Saturday, December 14, 2013

How to uninstall LibreOffice from Ubuntu?


Type the following in a terminal to remove LibreOffice. The pattern is quoted so the shell passes it to apt-get unchanged.

sudo apt-get remove --purge 'libreoffice*'

sudo apt-get clean

sudo apt-get autoremove

Friday, December 13, 2013

DNS TCP/IP commands from command prompt

IP address, Subnet Mask, Default Gateway, DNS and WINS addresses
What do you use to configure these things? There are various applications or utilities also available to configure TCP/IP settings and many other options.
But you can also achieve all this through the command prompt! Isn't it fantastic? Many of you might be familiar with the ping, tracert and ipconfig commands available in Windows XP. Let us see which other commands you can use from the command prompt.
With the help of these commands you can view or modify the network configuration settings of a computer that is currently running.
    To get the command prompt...
    Press 'WinKey + R' type CMD [ENTER]
  • ping webgk.com - Test Connectivity
  • tracert - Trace IP address Route
  • netstat - Displays the TCP/IP protocol sessions
  • route - Display Local Route
  • arp - Display Resolved MAC Addresses
  • hostname - Display Computer Name
  • netsetup.cpl - Network Setup Wizard
  • control netconnections - Network Connections
  • ipconfig /all - Connection Configuration
  • ipconfig /displaydns - Display DNS Cache Info
  • ipconfig /flushdns - Clear DNS Cache
  • ipconfig /release - Release All IP Address Connections
  • ipconfig /renew - Renew All IP Address Connections
  • ipconfig /registerdns - ReRegister the DNS connections
  • ipconfig /showclassid - Display DHCP Class Information
  • ipconfig /setclassid - Change/Modify DHCP Class ID

Knowledge of DNS, gateway and subnet mask is helpful while resolving network issues. The following questions provide you with a short description of each.

What is DNS?
Domain Name Service (DNS) numbers are IP addresses that a web server uses to refer to specific servers that resolve domain names to IP addresses.

What is a GateWay?
A gateway IP refers to a device on a network which sends local network traffic to other networks. In the technical language it is a hardware device or software application set up that translates between two dissimilar protocols.

What is Subnet Mask?
The subnet mask number helps to identify the relationship between the host (computers, routers, switches, etc.) and the rest of the workgroup or network. For the purpose of security and performance a subnet mask divides IP networks into two different parts.

Wednesday, November 6, 2013

INSTALLING HYPER-V MANAGER ON WINDOWS 7

Download and install the RSAT tools for Windows 7 from here: http://www.microsoft.com/downloads/details.aspx?FamilyID=7D2F6AD7-656B-4313-A005-4E344E43997D&displaylang=en. Install either the 32-bit or 64-bit depending on what version of Windows 7 you’re using.
Next, go to Start - Control Panel and click on Programs.
Next, you’ll see an option to Turn Windows features on or off. Click on this option.
Under Remote Server Administration Tools - Role Administration Tools, find the option for Hyper-V Tools, check the checkbox and click OK.
You can now type Hyper-V Manager at the Start menu or go to Start - Administrative Tools - Hyper-V Manager.

Saturday, October 12, 2013

Windows XP reports that Windows Management Instrumentation (WMI) might be corrupted?

[[You may receive any of the following error messages in Windows XP:
Unable to view network properties. Windows cannot display the properties of
connection. Windows Management Instrumentation (WMI) might be corrupted.
Unable to view System Information (MSinfo32).

If you run Windows Management Instrumentation (WMI), wmimgmt.msc, you
receive: Failed to connect to local computer due to WMI:Generic failure.

These errors will occur if the %SystemRoot%\System32\Wbem\Repository folder
is damaged.

Step - 1
To fix this problem:
1. Use the Start menu to right-click My Computer.
2. Press the Manage item.
3. Double-click Services and Applications in the left-hand pane.
4. Press Services to expand it.
5. Scroll to Windows Management Instrumentation in the right-hand pane and
right-click it.
6. Press Stop.
7. Use Windows Explorer to delete all the files in the
%SystemRoot%\System32\Wbem\Repository folder.
8. Shutdown and restart your computer. The Windows Management
Instrumentation service will start and the files will be re-created.]]
===

Step - 2
%SystemRoot%\System32\Wbem\Repository. I had to run Error Checking
(Chkdsk.exe). And then try to delete the file.
C:\WINDOWS\System32\Wbem\Repository\FS.
-------

[Windows Management Instrumentation - WinMgmt could not initialize the core
parts
Go to Start/Run/CMD and then run each of these hitting enter after each:

winmgmt /clearadap
winmgmt /kill
winmgmt /unregserver
winmgmt /regserver
winmgmt /resyncperf

This may or may not repair the repository but will re-install wmi into the
registry.]

===

WMI
[[WMIPRVSE hosts the provider that sends your events on WinXP. On WinXP
providers are out of process from the actual WMI service. You can specify
the wbemConnectFlagUseMaxWait which will cause the timeout to be 2 minutes
instead of the default DCOM one which is up to 20 minutes. What may help is
to ping the remote machine first before attempting a ConnectServer.

WMI relies on DCOM for remoting which in turn uses RPC which then uses
TCP/IP, so there could be several reasons why it isn't connecting initially.
This is a known issue. Basically, when the provider calls MSI, it doesn't
necessarily cancel the initial request and attempts to finish it so
wmiprvse.exe will still show cpu usage.

To correct permission issues:

1 - In the Management Console\Services STOP WMI and set to manual.
2 - Go to the WMI repository %SystemRoot%\system32\wbem and delete the
repository.
3 - Set the WMI service back to Automatic
4 - From %SystemRoot%\system32\wbem run "wbemtest" and connect to your
namespace.
5 - Start/Run/Regedit and navigate to: Locate current

HKEY_CURRENT_CONFIG\System\CurrentControlSet\Control\Class. Open the class
key and right click on the sub key 0000 and select permissions and make sure
that the permissions for you [administrator] are "Full".]]

--
Hope this helps. Let us know.