Remote shutting down computer over WiFi with cmd - windows

Remote shutting down Windows computer with cmd. Possible?
I have searched over the internet, and I have found many solutions for this problem,
BUT
No one has worked. I don't have got the password for the other computer, or permission to shutdown it, I get everytime: Access denied. (5) So my quetions are:
Is there any software tool to do that?
Is it possible at all?
Can I make it in Windows on both computers?
Not exactly needed cmd, but must be shutted down by remotely, without installing any software on the second computer.
Many thanks for help

I found the solution for you.
RUN secpol.msc in CMD (on the computer u want to enable the remote shutdown)
Go to Local Policies -> User Rights Assignment and search for "Force shutdown from a remote system"
Double click it and then "Add User or Group..." and type "Everyone" and then add it.
This SHOULD work! I've set this configuration on my computer and then executed this command on my brother's PC while we are on the same LAN network and i've got the shutdown message AND the computer did restart.
shutdown -m \\mypcname -r -c "this pc will shutdown in 60 secs" -t 60
Be sure that u can see the computer u want to shutdown trought net view. But u already see it, because u are getting the Access denied. (5).
Report back to the question if it works!
Kind Regards

Look at:
http://www.wikihow.com/Do-a-Remote-Shutdown-for-a-PC-on-a-LAN
quote:
"At your local command prompt type in shutdown -m \computername, replacing "computername" with the name of the computer you wish to shutdown or the computer's IP address."
Or from within a remote session:
shutdown /s /t 0
(meaning: shut down in 0 seconds)

Open cmd
Write net view
Find the computer you want to kick form your wifi or turn off
Write ping ex: USER
Find ip address
Write shutdown -I

Related

Window opened via psexec is blank when using PowerShell Direct, but is OK when psexec starts locally

I am trying to build a simple environment to take screenshots automatically. I have several Hyper-V VMs and I need to use PowerShell Direct to run commands on them in a special sequence. When I run psexec to open notepad.exe via PowerShell Direct, Notepad's window opens, but it is blank. I can blindly click controls on the window (e.g., on the toolbar) and it appears that they work, but nothing is actually displayed besides a blank window.
The only simple option to open Windows in an existing session I see now is to run psexec (any other suggestions would be greatly appreciated because my attempts to stick to PowerShell-only approach hits a roadblock, see Starting a GUI application on a guest VM with PowerShell Direct).
I run psexec on one of the virtual machines to start notepad.exe in session 2. This PowerShell snippet runs on a host VM, it contacts guest VM via PowerShell Direct.
Invoke-Command -VMName 'client1.example.com' -Credential $credential -ScriptBlock {
C:\bin\psexec.exe \\client1.example.com -i 2 "notepad.exe"
}
notepad.exe starts, but the window is blank. Is this a bug in psexec?
Please see the screenshot:
The problem does not occur when I run psexec directly in a guest VM.
C:\bin\psexec.exe \\client1.example.com -i 2 "notepad.exe"
Solved by adding the -s option. I don't understand why the problem occurs in the first place and how running it "in the system account" helps.
-s Run the remote process in the System account.
The problem does not occur when I start explorer.exe, BTW.

Remotely execute `shutdown /sg`

I'm using a raspberry pi to shut down my Windows 10 Computer.
My RPI uses SSH with a private key to execute a shutdown /s /t 30 command on my computer.
But, for optimization reasons, I want to use the shutdown /sg command; by doing so my applications will open automatically before I unlock my session.
However, shutdown /sg needs to be executed on a Desktop Session.
How I can execute a script on my desktop from command communicated over SSH?
Thanks for your help.
I tried to use Invoke-Command but Powershell is not my cup of tea.
But, I find a solution :
I created a Task (named ShutdownSG_over_SSH_from_RPI) in Task Manager which execute shutdown \sg command.
From my RPI, I execute this command over SSH :
powershell -command "Start-ScheduledTask -TaskPath '\MyTaskPath\' -TaskName 'ShutdownSG_over_SSH_from_RPI'"
I know it isn't the best solution but it works.
If you have PowerShell 6.0, support for SSH connection has been added to New-PSSession, Enter-PSSession and Invoke-Command
This requires software to be installed on both your Raspberry PI and your computer.
Microsoft have provided a nice article explaining how to achieve this:
https://learn.microsoft.com/en-us/powershell/scripting/learn/remoting/ssh-remoting-in-powershell-core?view=powershell-6
You should also look at the documentation for Invoke-Command, as that's the easiest way to execute commands and scripts remotely:
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/invoke-command?view=powershell-6

Typepref command gives no valid counters when running remote command

I am stuck badly into this.
I am trying to execute following batch command which runs successfully on my system present on same network as remote server,
typeperf "\192.168.1.247\Processor(_Total)\% Processor Time" -sc 2
But if I try to run the same command on another remote server present on same network,
typeperf "\192.168.1.241\Processor(_Total)\% Processor Time" -sc 2
this gives me Error: No valid counters.
Please let me know what could be the issue and what could be the possible solution to this.
Regards,
Suvojit
Try refreshing WMI with this command:
winmgmt /resyncperf & wmiadap /f
Make sure that the WMI service is running, or restart it:
net start winmgmt
Run this command to ensure that the disable key doesnt exist, or its value is 0 if it exists.
REG query HKLM\SYSTEM\CurrentControlSet\Services\PerfProc\Performance /v "Disable Performance Counters"
Try rebuilding the performance registry with the LODCTR /R command.
If nothing else works, you can try to manually rebuild Performance Counter library values as a last resort.

How can I check if there is a Windows UAC Elevation Administrator Prompt awaiting for confirmation?

I would like to programmatically know if my Windows 7 system is stopped in the UAC elevation prompt, awaiting for the user to press "Yes".
Is there any running process that appears only in this case and disappear when the user accepts elevation? That would be a good solution, because I could check it via tasklist.
I have checked (during UAC prompt stopped and waiting) for these patterns:
uac
admin
prompt
elev
req
cacl
cscript
...with no luck (all of them case insensitive).
I have found it via remote SSH:
c:\>tasklist | find "consent" -i
consent.exe 5700 Console 1 14.784 KB
It keeps running while your desktop is on UAC.

Really killing a process in Windows

Occasionally a program on a Windows machine goes crazy and just hangs. So I'll call up the task manager and hit the "End Process" button for it. However, this doesn't always work; if I try it enough times then it'll usually die eventually, but I'd really like to be able to just kill it immediately. On Linux I could just kill -9 to guarantee that a process will die.
This also could be used for writing batch scripts and writing batch scripts is programming.
Is there some program or command that comes with Windows that will always kill a process? A free third-party app would be fine, although I'd prefer to be able to do this on machines I sit down at for the first time.
"End Process" on the Processes-Tab calls TerminateProcess which is the most ultimate way Windows knows to kill a process.
If it doesn't go away, it's currently locked waiting on some kernel resource (probably a buggy driver) and there is nothing (short of a reboot) you could do to make the process go away.
Have a look at this blog-entry from wayback when: http://blogs.technet.com/markrussinovich/archive/2005/08/17/unkillable-processes.aspx
Unix based systems like Linux also have that problem where processes could survive a kill -9 if they are in what's known as "Uninterruptible sleep" (shown by top and ps as state D) at which point the processes sleep so well that they can't process incoming signals (which is what kill does - sending signals).
Normally, Uninterruptible sleep should not last long, but as under Windows, broken drivers or broken userpace programs (vfork without exec) can end up sleeping in D forever.
taskkill /im myprocess.exe /f
The "/f" is for "force".
If you know the PID, then you can specify that, as in:
taskkill /pid 1234 /f
Lots of other options are possible, just type taskkill /? for all of them. The "/t" option kills a process and any child processes; that may be useful to you.
Process Hacker has numerous ways of killing a process.
(Right-click the process, then go to Miscellaneous->Terminator.)
JosepStyons is right. Open cmd.exe and run
taskkill /im processname.exe /f
If there is an error saying,
ERROR: The process "process.exe" with PID 1234 could not be
terminated.
Reason: Access is denied.
then try running cmd.exe as administrator.
Get process explorer from sysinternals (now Microsoft)
Process Explorer - Windows Sysinternals | Microsoft Docs
One trick that works well is to attach a debugger and then quit the debugger.
On XP or Windows 2003 you can do this using ntsd that ships out of the box:
ntsd -pn myapp.exe
ntsd will open up a new window. Just type 'q' in the window to quit the debugger and take out the process.
I've known this to work even when task manager doesn't seem able to kill a process.
Unfortunately ntsd was removed from Vista and you have to install the (free) debbugging tools for windows to get a suitable debugger.
setup an AT command to run task manager or process explorer as SYSTEM.
AT 12:34 /interactive "C:/procexp.exe"
If process explorer was in your root C drive then this would open it as SYSTEM and you could kill any process without getting any access denied errors. Set this for like a minute in the future, then it will pop up for you.
FYI you can sometimes use SYSTEM or Trustedinstaller to kill tasks ;)
google quickkill_3_0.bat
sc config TrustedInstaller binPath= "cmd /c TASKKILL /F /IM notepad.exe
sc start "TrustedInstaller"
I had this issue too, here is how I solved it.
1/ Open the « task manager « 
2/ Locate the application name in the list
3/ Once found, right click on its name then click on « properties »
4/ In the properties interface, click on « security « 
5/ Click on « edit » to change permissions
6/ « Deny » all permissions for all users, click on «  apply » then « ok »
7/ click on « advanced » for special permissions settings
8/ Remove permissions for all users
9/ click on «  apply » then « ok »
10/ click on «  apply » then « ok » again
11/ you can now kill the process on task manager as well as uninstall the app of you want to.
When ntsd access is denied, try:
ZeroWave was designed to be a simple tool that will provide a multilevel termination of any kind of process.
ZeroWave is also a easy-to-use program due to its simple installation and its very friendly graphical interface.
ZeroWave has three termination modes and with the "INSANE" mode can terminate any kind of process that can run on Windows.
It seems that ZeroWave can't kill avp.exe
wmic process where processid="11008" call terminate

Resources