Preferably a command line tool to do this...
I understand that there is a program called tasklist.exe in Windows systems, and it has many powerful features to view processes currently running on the system.
Unfortunately it does not have the functionality to view the path of the .exe file that created or spawned the process in the first place.
I finally decided to take a tour of my system and I've noticed some shady looking processes and I want to check if they live in equally shady looking places on my system.
Any ideas?
You can use PowerShell.
Click Start -> Run, and type powershell to invoke Power Shell.
View all processes currently:
tasklist
Show full path of .exe file (Example command for Notepad++):
Get-Process notepad++ | Select-Object Path
You will see output:
Path
C:\Program Files (x86)\Notepad++\notepad++.exe
I'm building a lightweight version of the ncurses library. So far, it works pretty well with VT100-compatible terminals, but win32 console fails to recognise the \033 code as the beginning of an escape sequence:
# include <stdio.h>
# include "term.h"
int main(void) {
puts(BOLD COLOR(FG, RED) "Bold text" NOT_BOLD " is cool!" CLEAR);
return 0;
}
What needs to be done on the C code level, in order that the ANSI.SYS driver is loaded and the ANSI/VT100 escape sequences recognized?
[UPDATE] For latest Windows 10 please read useful contribution by #brainslugs83, just below in the comments to this answer.
While for versions before Windows 10 Anniversary Update:
ANSI.SYS has a restriction that it can run only in the context of the MS-DOS sub-system under Windows 95-Vista.
Microsoft KB101875 explains how to enable ANSI.SYS in a command window, but it does not apply to Windows NT. According to the article: we all love colors, modern versions of Windows do not have this nice ANSI support.
Instead, Microsoft created a lot of functions, but this is far from your need to operate ANSI/VT100 escape sequence.
For a more detailed explanation, see the Wikipedia article:
ANSI.SYS also works in NT-derived systems for 16-bit legacy programs executing under the NTVDM.
The Win32 console does not natively support ANSI escape sequences at all. Software such as Ansicon can however act as a wrapper around the standard Win32 console and add support for ANSI escape sequences.
So I think ANSICON by Jason Hood is your solution. It is written in C, supports 32-bit and 64-bit versions of Windows, and the source is available.
Also I found some other similar question or post which ultimately have been answered to use ANSICON:
How to load ANSI escape codes or get coloured file listing in WinXP cmd shell?
how to use ansi.sys in windows 7
How can I get cmd.exe to display ANSI color escape sequences?
ansi color in windows shells
enable ansi colors in windows command prompt
Starting from Windows 10 TH2 (v1511), conhost.exe and cmd.exe support ANSI and VT100 Escape Sequences out of the box (although they have to be enabled).
See my answer over at superuser for more details.
Base on #BrainSlugs83 you can activate on the current Windows 10 version via register, with this command line:
REG ADD HKCU\CONSOLE /f /v VirtualTerminalLevel /t REG_DWORD /d 1
For Python 2.7 the following script works for me fine with Windows 10 (v1607)
import os
print '\033[35m'+'color-test'+'\033[39m'+" test end"
os.system('') #enable VT100 Escape Sequence for WINDOWS 10 Ver. 1607
print '\033[35m'+'color-test'+'\033[39m'+" test end"
Result should be:
[35mcolor-test[39m test end
color-test test end
Starting from Windows 10, you can use ENABLE_VIRTUAL_TERMINAL_PROCESSING to enable ANSI escape sequences:
https://msdn.microsoft.com/en-us/library/windows/desktop/mt638032(v=vs.85).aspx
If ANSICON is not acceptable since it requires you to install something on the system, a more lightweight solution that parses and translates the ANSI codes into the relevant Win32 API console functions such as SetConsoleTextAttribute.
https://github.com/mattn/ansicolor-w32.c
For coloring the cmd you need Windows.h and use SetConsoleTextAttribute() more details can be found in http://msdn.microsoft.com/en-us/library/windows/desktop/ms686047%28v=vs.85%29.aspx
In lastest win10, it can be done by SetConsoleMode(originMode | ENABLE_VIRTUAL_TERMINAL_PROCESSING). See https://learn.microsoft.com/en-us/windows/console/console-virtual-terminal-sequences#example
Maybe ANSICON can help u
Just download and extract files, depending on your windows os: 32bit or 64bit
Install it with: ansicon -i
I personally like clink. It not only processes ANSI codes, it also adds many other features so Windows Console behaves like bash (history, reverse history search, keyboard shortcuts, etc.):
The same line editing as Bash (from GNU's Readline library).
History persistence between sessions.
Context sensitive completion;
Executables (and aliases).
Directory commands.
Environment variables
Thirdparty tools; Git, Mercurial, SVN, Go, and P4.
New keyboard shortcuts;
Paste from clipboard (Ctrl-V).
Incremental history search (Ctrl-R/Ctrl-S).
Powerful completion (TAB).
Undo (Ctrl-Z).
Automatic "cd .." (Ctrl-PgUp).
Environment variable expansion (Ctrl-Alt-E).
(press Alt-H for many more...)
Scriptable completion with Lua.
Coloured and scriptable prompt.
Auto-answering of the "Terminate batch job?" prompt.
Ansi.sys (in the system32 folder) is an "MSDOS driver" provided as part of Windows XP, 2000, and earlier versions of NT. In 2000 and XP, it is located in the system32 folder (I don't remember the structure of earlier versions of NT). Programs that run in the DOS subsystem and use standard output can use ANSI.SYS just as they could running over MSDOS.
To load ansi.sys, you must use the device= or devicehigh= command in config, just as you would in MSDOS. On Windows NT 5 (2K & XP), each copy of the DOS subsystem can be given a separate config file in the pif/shortcut (use the "advanced" button), and there is a default file called CONFIG.NT (also in the system32 folder), which is used if the pif/shortcut does not specify a special config file.
When ansi.sys is loaded correctly, mem /d will report that it is loaded. On earlier versions of NT, you can and must load a proper DOS environment to load ansi.sys, and ansi art will work at the prompt. On Win 2K and XP, loading ansi.sys will have no effect on your "CMD prompt" because CMD is not a DOS program: it is a 32 bit Windows console program. For some reason that I do not understand, on WinXP, even if you load a fixed copy of command.com using "command.com /p", the command prompt will not be ansi enabled: perhaps when you do it that way it only emulates loading command.com?
In any case, when you use an actual DOS version of command.com, ansi is enabled after being loaded: you can demonstrate it's use with a bit of ansi art like this:
command /c type ansiart.ans
(here is an example: http://artscene.textfiles.com/ansi/artwork/beastie.ans)
CONFIG.NT (in the system32 folder) contains an example of the syntax for loading device drivers. You will need to be an Administrator to edit that default file, or you can make a copy of it.
On Win 2K and XP, the default "shortcut" for MSDOS is a .PIF file, not a .LNK file. If you create a .lnk file to CMD, you won't be able to set special config and autoexec files, it will use the default CONFIG.NT. If you want to use a special config file for just one DOS application, you can make a copy of the "MSDOS shortcut", or you can make a copy of "_default.pif", found in your Windows folder.
I found this tool to be working for my end.
Microsoft Color Tool from GitHub
Unzip the compressed file then open CMD with Administration permission.
Go to the folder where you unzip the file in CMD.
Then execute this command "colortool -b scheme-name"
The scheme-name needs to be replaced with any of these options below:
campbell.ini
campbell-legacy.ini
cmd-legacy.ini
deuternopia.itermcolors
OneHalfDark.itermcolors
OneHalfLight.itermcolors
solarized_dark.itermcolors
solarized_light.itermcolors
In my case, the command would be like this "colortool -b solarized_dark.itermcolors"
Click right on the console window and select Properties.
You don't need to change any value just click "OK" to save the setting. (You will notice that your font already contains colors).
Console Property
Then restart your cmd or powerShell.
The ANSI color should be enabled and working with the color scheme you chose before.
Had the same issue. I installed ConEmu and that one solved my problem.
Somehow in Windows you just need to call any shell command first, rather call the system function. Just in start of your main method put system("");, and don't forget to include stdlib.h.
I noticed this when I looked at some of my old programs that also used ANSI codes to understand why they work, but my new code is not
I am in a small bind. The program in question can be installed in the program files directory (64bit) or X86 path. The program is already installed in over 200 machines. I am fairly certain the default install path was X86 as that's the default. I am not certain and must cover both scenarios. The original sys admin that installed this didn't use an .msi so I'm left with what I've found as ""C:\Program Files\InstallShield Installation Information{78AC336D-25F6-4916-A711-2EA2F69E0319}\setup.exe" as the command provided by one utility to remotely uninstall said application I found. Didn't work and I cannot attempt to push this out in hopes it'll work.
Given this problem, is there a way to uninstall this program via a script that would check both program files and X86 paths and uninstall depending on location? OR, is there a script that will just flat out uninstall the program regardless without the concern for the X86/program original install location. I just need to uninstall it period across all of these machines. The install .bat is good to go. What I cannot do is just get window to uninstall X application via a script for 32 or 64 bit machines.
I've tried MsiExec.exe /X{78AC336D-25F6-4916-A711-2EA2F69E0319} /quiet with no go. I can try to install the .msi this time around but am lost and my knowledge is limited with scripting or any uninstall scripts for telling "end users" without confusing them to just click here. I could tell them to go to control panel, etc..but they'll be lost....typical.
Any ideas on how to script this uninstall given it wasn't an original .msi and I am not sure how to get something working? I'm open to anything. I have two days to get this fixed and I'm in panic mode...
Any ideas or help on code would be greatly appreciated.
Regards,
Brian
wmic can call an uninstaller. I haven't tried this, but I think it might work.
wmic /node:computername /user:adminuser /password:password product where name="name of application" call uninstall
If you don't know exactly what the program calls itself, do
wmic product get name | sort
and look for it. You can also uninstall using SQL-ish wildcards.
wmic /node:computername /user:adminuser /password:password product where "name like '%j2se%'" call uninstall
... for example would perform a case-insensitive search for *j2se* and uninstall "J2SE Runtime Environment 5.0 Update 12". (Note that in the example above, %j2se% is not an environment variable, but simply the word "j2se" with a SQL-ish wildcard on each end. If your search string could conflict with an environment or script variable, use double percents to specify literal percent signs, like %%j2se%%.)
If wmic prompts for y/n confirmation before completing the uninstall, try this:
echo y | wmic /node:computername /user:adminuser /password:password product where name="whatever" call uninstall
... to pass a y to it before it even asks.
I haven't tested this, but it's worth a shot anyway. If it works on one computer, then you can just loop through a text file containing all the computer names within your organization using a for loop, or put it in a domain policy logon script.
Further reading on wmic
More reading on wmic
Assuming you're dealing with Windows 7 x64 and something that was previously installed with some sort of an installer, you can open regedit and search the keys under
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall
(which references 32-bit programs) for part of the name of the program, or
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
(if it actually was a 64-bit program).
If you find something that matches your program in one of those, the contents of UninstallString in that key usually give you the exact command you are looking for (that you can run in a script).
If you don't find anything relevant in those registry locations, then it may have been "installed" by unzipping a file. Because you mentioned removing it by the Control Panel, I gather this likely isn't then case; if it's in the list of programs there, it should be in one of the registry keys I mentioned.
Then in a .bat script you can do
if exist "c:\program files\whatever\program.exe" (place UninstallString contents here)
if exist "c:\program files (x86)\whatever\program.exe" (place UninstallString contents here)
In my experience, to use wmic in a script, you need to get the nested quoting right:
wmic product where "name = 'Windows Azure Authoring Tools - v2.3'" call uninstall /nointeractive
quoting both the query and the name. But wmic will only uninstall things installed via windows installer.
What is the powershell equivalent of 'less'?
I see 'more', but it lacks some of the features I rely on (e.g. searching through the file)
I seek a pager (equivalent of 'less') which allows searching (match or ignore case), multiple files at once, etc.
Some of our servers run windows 2008 and I lack admin privileges to install cygwin
I had heard windows 2008, MSFT got their act together and provided some easy-for-admins tools.
Update:
I should give some context:
I know little about power shell
New servers have 2008 on them
While I affection for many tools of yore, the dos prompt is not one of them
I was hoping that Powershell had the equivalent of grep,ls,less, xargs, et
I understood that powershell gave us those tools
I fired off my question quickly.
thanks
It reads like you know you can do this:
gc logfile.log | more
(GC is an alias for Get-Content).
You may be able to do the filtering etc.. with this more information can be found by running these commands:
Get-Help Get-Content Get-Help
Get-Content -Examples
(Get-Help gc would work fine as well).
And the bits you may be interested in are limit\filter etc...
Get-Help gc -Parameter * | more
I just use the GOW version of less, works fine.
I don't know of any direct analogue for less in powershell that you can implement easily. Your best bet is to get a windows implementation of less that is outside of cygwin, that way you can just drop in the binary somewhere accessible to your account.
to get grep/vim/wget and other Linux like commands in powershell I suggest running.
iex (new-object net.webclient).downloadstring(‘https://get.scoop.sh’)
then
scoop install grep
scoop install perl
scoop install vim
and to get a list of all of them
scoop search
In Windows 10 PowerShell + Cygwin I use:
gc .\myfile.log | less
Previously I was trying to use cygwin directly:
less .\myfile.log
but it shows binary file because of invalid charset setting between 32b-bit and 64-bit.
I was hoping that Powershell had the equivalent of grep,ls,less, xargs, et
In the case you missed this question (top voted) you might enjoy this answer.
I would like to find a replacement for list.com, specifically the ability to accept piped input. For example:
p4 sync -n | list
which accepts the output of the perforce command and displays the results in the viewer/editor for manipulation or saving. I know that I would send the output to a file and then open the file in the viewer/editor but I use it for temporary results.
List.com doesn't work on 64 bit Windows 7.
A good 32-bit Windows-based alternative to Vern Buerg's List is Charles Prineas' "V". Find it at http://www.fileviewer.com.
I believe someone is working on a replacment. See http://mysite.verizon.net/yellowspoon
The less utility can display text read from standard input. You can download 32-bit Windows binaries of the program, and Microsoft claims most programs designed for a computer running a 32-bit version of Windows will work on a computer running 64-bit versions of Windows.
You can simulate list.com file browsing and viewing features with vifm and less.
They are both freely available for windows.
After vifm installation just customize the "vi command" in the configuration file, and replace it with "less" (set vicmd = less \ -C)
You can also have a single pane display if you prefer so (with the "only" option).
Finally you can create a list.bat which calls vifm and changes the current directory on exit. This is the batch file content.
#echo off
for / f "delims =" %% i in ('vifm --choose-dir -% 1') do IF "%%i" NEQ "" (cd %%i)
More details in list.com lives on my blog