Windows - Kill All Non-Essential Running Processes

3

2

I'm trying to fight viruses on extremely badly-infected machines. These are Windows 8 machines running 10-20 processes that need to be forced to quit.

Unfortunately, because the viruses auto-execute at login, they force the machine into 'not responding' so frequently that almost all interaction with the UI (such as task manager) is impossible.

I know I can use taskkill via Command Prompt to kill a single process, forcefully. I can even make it kill multiple iterations of the same executable.

But what I want is something that can kill ALL running processes, except those which are essential to Windows (E.g. the ones that say 'Access is Denied' when you try to force them to quit)

Any ideas would be very welcome.

David Shortall

Posted 2015-08-19T10:02:24.683

Reputation: 63

Question was closed 2015-09-15T09:40:59.380

1My usual trick is to get the drive out, put in a USB enclosure & plug it into a Mac. Then you can fix it at your leisure. – Tetsujin – 2015-08-19T10:09:46.480

1Or just boot from a live USB of linux... No removal of drives, no macs. – Jack – 2015-08-19T10:11:44.880

1Forgive me if this is a stupid question, but I wonder if your life would be made easier if you wiped the whole thing clean and started with a fresh install of windows? – aparente001 – 2015-08-19T11:45:56.073

Some viruses/malware patch critical Windows System files so disabling all but essential processes may not work. – Moab – 2015-08-19T14:36:44.717

Answers

1

I want is something that can kill ALL running processes

Try the following batch file:

@echo off
setlocal
setlocal EnableDelayedExpansion
for /f "tokens=2 skip=4" %%a in ('tasklist')  do (
  echo taskkill /pid %%a
  )
endlocal

Notes:

  • Remove echo when you are happy with what it will do.

  • You might have to run it multiple times as:

    • The batch file itself may be terminated before all processes are killed
    • Even if it isn't you wan't to catch the respawned processes (respawning may happen faster than you can kill them)
  • Try adding /f (forcefully terminate the processes) if necessary

Further Reading

  • An A-Z Index of the Windows CMD command line - An excellent reference for all things Windows cmd line related.
  • for /f - Loop command against the results of another command.
  • taskkill - End one or more processes (by process id or image name).
  • tasklist - TaskList displays all running applications and services with their Process ID (PID) This can be run on either a local or a remote computer.

DavidPostill

Posted 2015-08-19T10:02:24.683

Reputation: 118 938

0

On another computer download CCleaner copy it to USB stick. Boot to safe mode, install CCleaner and run it. Also go to Tools -> Startup disable any software you don't recognize, especially in the scheduled tasks.

Disconnect PC from network. This prevents virus from accessing Internet and causing slowdowns. Reboot in standard mode. Rerun CCleaner and again disable apps in Startup. You should now be able to kill tasks with less worry about respawning virus.

GeekyDaddy

Posted 2015-08-19T10:02:24.683

Reputation: 400

Asked: 2015-08-19T10:02:24.683

Viewed: 4 499 times

Active: 2015-08-19T19:56:38.853