PTool is a handy utility designed to provide a way to manage running processes from the command line or from shell scripts.
PTool accepts several arguments. Running PTool with no arguments will list all running processes and exit. Arguments are not case-sensitive. Arguments follow the pattern: (modifier) (action) (target). 'Modifier' modifies the default behavior of PTool, for example the 'silent' modifier.
The 'action' parameter specifies what action, for example 'kill' or 'find', should be taken. 'Target' is the search string or process ID which matches the process(es) to be affected.
When passing a name instead of a process ID number, PTool will match against all processes whose executable file's name contains the passed string. For example, if there are five processes running named Notepad.exe, explorer.exe, mote.exe, slotest.exe, and dwm.exe, then this:
    ptool kill ote
would match Notepad.exe, mote.exe, and slotest.exe.
Matching against window titles follows the same principle as matching against executable names. All operations which modify a process ask for confirmation before proceeding unless you use the 'silent' argument. 'silent' suppresses all output and assumes YES to all confirmations. Use the 'silent' argument with caution since even error messages are suppressed.
PTool will fail to modify a process if it cannot access it. In this event, an error will be printed telling you why access was not granted. The two most common reasons are:
Access Is Denied: PTool does not have sufficient access rights to modify the process. Note that you will get this error even if you are running as an Administrator since Windows protects certain critical processes. PTool will inherit the access rights of the user who runs it.
The Parameter Was Incorrect: Generally means that the process being modified does not exist. It may have terminated before PTool attempted to access it.
Many security programs such as antivirus applications take steps to prevent their processes from being tampered with. The error returned will depend on how they accomplished the protection.
The duplicate feature is NOT analogous to a fork function in that an entirely new instance of the process is created using the ShellExecute API. As such, arguments passed to the initial process are not passed to the duplicated instance.
Care should be taken when using PTool against a search string instead of a process ID number: confirm that the matched processes are indeed the processes you wish to modify before confirming!
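The following is an added example, not part of PTool or its documentation: a pre-flight check a script can run before calling PTool with a search string and 'silent', modelling the substring matching described above. The function names and the process table are constructed for illustration, and case-insensitive name matching is an assumption.

```python
# Added example: models PTool's documented name matching (a substring of the
# executable file name) so a script can preview what a search string would hit.
# Assumption: matching ignores case. The process table is constructed sample
# data, not real PTool output.
SAMPLE_PROCESSES = [
    (1204, "Notepad.exe"),
    (1388, "explorer.exe"),
    (2040, "mote.exe"),
    (2312, "slotest.exe"),
    (2596, "dwm.exe"),
]


def preview_matches(target, processes):
    """Return the (pid, name) pairs a name search for `target` would affect."""
    needle = target.lower()
    return [(pid, name) for pid, name in processes if needle in name.lower()]


def safe_for_silent(target, processes, expected_names):
    """True only if the search hits exactly the executables the caller intended.

    With 'silent' there is no confirmation prompt and no error output, so the
    calling script has to make this check itself before invoking PTool.
    """
    matched = {name.lower() for _, name in preview_matches(target, processes)}
    return bool(matched) and matched == {n.lower() for n in expected_names}


if __name__ == "__main__":
    for target in ("ote", "notepad"):
        hits = preview_matches(target, SAMPLE_PROCESSES)
        print(f"{target!r} would match: {[name for _, name in hits]}")
        print("  safe with 'silent':",
              safe_for_silent(target, SAMPLE_PROCESSES, ["Notepad.exe"]))
```

When the check fails, pass the process ID number from the preview instead of the search string.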