PowerShell Kill a Process from the Command Line
Let’s see how we can use the command line, including command prompt commands and PowerShell to kill processes.
Table of contents
Task Manager may not be the best tool
The classic Windows Task Manager is the go-to for many when it comes to process management. However, launching Task Manager might not always be the best solution, especially in cases where processes need to be ended on remote computers or the tool won’t launch for whatever reason.
Task manager has long been the tool in Windows to kill processes.
For that, we need to use the command line, including the classic command prompt, and we can also use PowerShell to kill a process.
Tasklist and Taskkill
Let’s first look at how to use the traditional command line to find and kill processes using tasklist and taskkill.
Each running process in a Windows environment is assigned a unique process id (PID). This identification and the image name make it easier for users to single out specific processes. The process name and the PID are essential when deciding which process to terminate.
Before killing a process using taskkill, you often use tasklist to identify the running processes.
tasklistYou can use the “/?” parameter to view the command help.
Killing a Process Using its Name (Image Name)
The /IM switch allows you to specify the image name (essentially the process name) of the process you want to terminate.
taskkill /IM notepad.exe /FKilling a Process Using its PID
Using the /PID switch, you can target a specific process using its Process ID.
taskkill /PID 1234 /FKilling Processes Based on Session Name or Session Number
This is particularly useful in a terminal server environment.
taskkill /FI "SESSION eq 1" /FKilling Processes Based on Status
For example, you might want to terminate all not responding processes.
taskkill /FI "STATUS eq NOT RESPONDING" /FKilling Processes on Remote Machines
If you have the necessary permissions, taskkill also allows you to terminate processes on remote systems.
taskkill /S RemotePC1 /U username /P password /IM notepad.exe /FREM Kill all instances of Notepad on a remote computer named 'RemotePC1' Killing Multiple Processes Simultaneously
You can specify multiple image names separated by space or comma to stop one or more processes found in the process objects:
taskkill /IM notepad.exe,calc.exe /FPowerShell kill a process
PowerShell is a new scripting language from Microsoft that provides a noun-verb construct for entering commands that is very intuitive and powerful. It allows easy managing Windows environments and can easily be used for automation scripts that can automate repetitive tasks.
Aside from automation, it enables interacting with Windows, including managing running processes and much more. Using PowerShell’s verb-noun construct, we can take the process object and end the specified process using PowerShell’s object-oriented language.
Identifying Running Processes with PowerShell and Killing them
The first step in managing a process is process identification. With the get process command, one can easily list all running processes. The tasklist command can also be employed from the command prompt to achieve similar results.
Before you can kill a process, you often need to identify it. Open a PowerShell Window and type the “Get-Process” cmdlet.
# List all running processes
Get-Process
Filtering Processes by Name
You can filter by name if you’re interested in a specific process or a set of processes.
# List all instances of Notepad
Get-Process -Name notepad
Filtering Processes by Process ID (PID)
Each running process has a unique Process ID (PID). This allows for precise identification.
# List process with a specific PID (e.g., 1234)
Get-Process -Id 1234
PowerShellโs Stop Process Cmdlet
An alternative to the taskkill command is the stop process command in PowerShell. Combined with the where object cmdlet, this cmdlet lets users filter out processes by various criteria and then terminate them. You can kill it using its name once you’ve identified a rogue process.
# Kill all instances of Notepad
Stop-Process -Name notepad -ForceKilling a Process Using its PID
For a more targeted approach, especially if multiple instances of a process are running, use the PID.
# Kill process with PID 1234
Stop-Process -Id 1234 -Force
Advanced Filtering Using Where-Object Cmdlet
You might want to kill processes based on specific conditions. The Where-Object cmdlet is perfect for this.
# Kill all processes consuming more than 1GB of memory
Get-Process | Where-Object {$_.WS -gt 1GB} | Stop-Process -ForceBelow, I queried first for 1GB and there were no processes taking that amount of memory. Next, I tried 512MB and again nothing. Then I lowered down to 100MB and you can see the processes returned.
Killing Processes on Remote Machines
Sometimes, processes may be running on remote servers or machines. With Windows Management Instrumentation capabilities, Windows PowerShell allows users to manage processes on their local computers and remote systems.
# Kill all instances of Notepad on a remote computer named 'RemotePC1'
Invoke-Command -ComputerName RemotePC1 -ScriptBlock { Stop-Process -Name notepad -Force }Batch Termination of Processes
If you want to terminate multiple processes at the same time, you could use the following as an example:
# Kill all instances of Notepad and Calculator
Get-Process | Where-Object { $_.Name -in "notepad", "calc" } | Stop-Process -ForceThe Force Switch and Risky Processes
While most processes can be halted gracefully, some may resist standard termination methods. You can use the force switch to end processes forcefully. However, be careful doing this, as it might lead to data loss or instability.
# Forcefully kill all instances of Notepad
Stop-Process -Name notepad -ForceWrapping up
As we’ve seen, PowerShell provides an excellent set of tools for handling all types of processes, from a simple notepad process to more complex Windows processes. The command line and using PowerShell are the best ways to manage and stop processes at scale using automation.
As shown, you can even use PowerShell to kill a process remotely. The next time you have a hung process, use PowerShell instead of the Task Manager, and you will be surprised at the ease with which you can stop processes from the PowerShell terminal.
wonderful! thank you Brandon