PowerShell gives you the possibility of managing tasks by writing your own scripts. One of the key responsibilities of a systems administrator is keeping a server working efficiently. Sometimes, in order to properly manage a server, you need to kill a process. This is an easy task to perform in PowerShell and if you are able to write your own PowerShell scripts, you can include process termination procedures in one.
It is possible to kill any process, including those operating in the background that provide services to other programs. So, it is important that you know exactly what each process is for and ensure that you aren’t terminating a process that provides essential services to user-facing apps.
The task of identifying which processes are essential and which are abandoned and need to be cleaned out is a topic for another day. Right now, we are just going to look at how PowerShell can be used to terminate a process.
You probably wouldn’t want to issue a command in the operating system that terminates all processes. That means that in order to kill a single process you need to know how it is identified. Windows assigns a Process ID (PID) to each process that it starts up.
In this guide, we will show you how you can monitor processes through the PowerShell interface because that will enable you to work out which process that you want to stop.
Open the PowerShell environment
1. In order to open a PowerShell window, type powershell into the Start menu search field and click on Run as Administrator, which is listed as an option under the PowerShell app heading shown in the right panel of the results.
2. Windows will ask you for your permission to proceed. Click OK and the PowerShell app will open. This shows a blue background and has the PowerShell prompt at the top of it. The prompt also shows the current directory. It defaults to C:\Windows\system32.
3. If you want to run your own scripts from this prompt, you can change the directory with the command
cd <directory> (substitute the directory name you want to move to for <directory>).
Get a list of running processes
All the methods available to kill a process require a PID as a parameter. The list of running processes can be long and will scroll off the screen. You can move up and down the screen by using the slider bar to the right of the PowerShell Window. Another option is to pipe the output of the process listing utility to more, which will pause the display when a full screen has been shown until you press the space bar. Enter
tasklist | more to see all current processes.
The PID is the second column in the output. The first column lists the names of the processes. You will notice that a lot of the processes are called svchost.exe – which isn’t very helpful because if you want to stop one of these processes, it is impossible to work out which is the one that is giving you trouble.
You can get more detail on a process by using the command
get-process -ID <PID> | select-object * (put in the PID of a process instead of <PID>).
Once you have identified the process you want to terminate, you have two options to kill it: taskkill and stop-process.
Kill a process with Taskkill
Taskkill allows you to kill a process either by its PID or by the name listed for it in the tasklist output.
To stop a process by its ID, use
taskkill /F /PID <PID>, such as
taskkill /F /ID 3127 if 3127 is the PID of the process that you want to kill.
To stop a process by its name, use
taskkill /IM <process-name> /F, for example
taskkill /ID mspaint.exe /F.
Kill a process with Stop-Process
Like Taskkill, Stop-Process lets you use either the PID or process name to kill a process. The name needs to be as shown in the tasklist output.
To stop a process by its ID, use the format:
Stop-Process -ID <PID> -Force, eg.
Stop-Process -ID 3127 -Force.
To stop a process by its name, use the format:
Stop-Process -Name <process-name> -Force, eg.
Stop-Process -Name mspaint.exe -Force.
Kill a process without PowerShell
If you just want to kill a process and you aren’t interested in using a command that you can put in a script, the easiest method is through the Task Manager, which is part of the Windows GUI environment.
To get Task Manager, right-click on a vacant space on the taskbar and select Task Manager from the context menu.
In Task Manager, scroll through the list of running processes that are shown in the Process tab of the interface. Click on the process that you want to stop and then click on the End task button at the bottom-right of the interface.
There are many ways to kill a task and using PowerShell lets you work out a way to manage processes programmatically by writing a script. Creating such as system would be time-consuming, though and there are plenty of pre-written tools out there that do a much better job of managing processes than a small script that you could put together.
Take a look at the SolarWinds Server & Application Monitor. This tool includes process management. This has a screen that shows all running processes and also includes a kill button. This utility can be set to look for specific conditions, such as a process that runs longer than a given time or one that seems to be inactive. Under these circumstances, you can set the system to send you an alert, so you don’t have to sit looking at the screen all day in order to keep track of problematic processes. SolarWinds offers the Server & Application Monitor on a 30-day free trial.