PowerShell allows for task management, including process termination, through custom scripts—a critical function for systems administrators. It’s possible to terminate any process, even those operating in the background supporting other programs. Thus, understanding each process is crucial to avoid terminating essential services.
Related post: 25 Essential PowerShell Commands
Process identification
Windows assigns a Process ID (PID) to each process that it starts up. So you need to identify the PID for the task you want to terminate.
The steps are:
Open the PowerShell environment
1. In order to open a PowerShell window, type powershell into the Start menu search field and click on Run as Administrator, which is listed as an option under the PowerShell app heading shown in the right panel of the results.
2. Windows will ask you for your permission to proceed. Click OK and the PowerShell app will open. This shows a blue background and has the PowerShell prompt at the top of it. The prompt also shows the current directory which defaults to C:\Windows\system32.
3. If you want to run your own scripts from this prompt, you can change the directory with the command cd <directory>
(substitute the directory name you want to move to for <directory>).
Get a list of running processes
All the methods available to kill a process require a PID as a parameter. The list of running processes can be long but you can move up and down the screen by using the slider bar to the right of the PowerShell Window.
To pause a full screen use the pipe (|). To continue press the Space bar.
Enter tasklist | more
to see all current processes.
The PID is the second column in the output. The first column lists the names of the processes. You will notice that a lot of the processes are called svchost.exe. This is not very helpful because if you want to stop one of these processes, it is impossible to work out which is the one that is giving you trouble.
You can get more detail on a process by using the command get-process -ID <PID> | select-object *
(put in the PID of a process instead of <PID>).
Once you have identified the process you want to terminate, you have two options to kill it: taskkill and stop-process.
Note that all methods to kill a process require a PID
Kill a process with Taskkill
Taskkill allows you to kill a process either by its PID or by the name listed for it in the tasklist output.
To stop a process by its ID, use taskkill /F /PID <PID>
, such as taskkill /F /ID 312
7 if 3127 is the PID of the process that you want to kill.
To stop a process by its name, use taskkill /IM <process-name> /F
, for example taskkill /IM mspaint.exe /F
.
Kill a process with Stop-Process
Like Taskkill, Stop-Process lets you use either the PID or process name to kill a process. The name needs to be as shown in the tasklist output.
To stop a process by its ID, use the format: Stop-Process -ID <PID> -Force
, eg. Stop-Process -ID 3127 -Force
.
To stop a process by its name, use the format: Stop-Process -Name <process-name> -Force
, eg. Stop-Process -Name mspaint.exe -Force
.
Kill a process without PowerShell
If you just want to kill a process and you aren’t interested in using a command that you can put in a script, the easiest method is through the Task Manager, which is part of Windows.
- To get Task Manager, right-click on a vacant space on the taskbar and select Task Manager from the context menu.
- In Task Manager, scroll through the list of running processes that are shown in the Process tab of the interface.
- Click on the process that you want to stop and then click on the End task button at the bottom-right of the interface.
Using Software
ManageEngine Applications Manager
ManageEngine Applications Manager is a good choice for process monitoring and it includes an option to examine and kill specific processes. The tool is able to connect to a specific server and show its performance with live throughput graphs. These include CPU activity and other essential details, such as memory usage and disk availability. The tool’s great strength is its application discovery routine that creates an application dependency map. This enables the system to identify processes that are going to face resource shortages as soon as their predictable launch occurs. This is a software package that runs on Windows Server, Linux, AWS, and Azure. ManageEngine offers Applications Manager on a 30-day free trial.
PowerShell kill process command FAQs
How do I stop a PowerShell command from running?
You can interrupt and stop a PowerShell command while it is running by pressing Control-C. A script can be stopped with the command exit. This will also close the PowerShell console.
How do I kill Windows processes from the command line?
At the command line, you can terminate a Windows process with the command taskkill. To use this command, you need to know its process ID (PID). You can get a list of all running tasks with the command tasklist. Once you know the PID, use the taskkill command in this manner: taskkill /PID <PID> /F. Type in the process ID without quotes instead of <PID>.
What is the kill PID command?
The kill command is used on Linux to terminate a running process. The format is just kill followed by the process ID. You can get a list of running processes by using the top command. The kill command doesn’t work in Windows – use taskkill instead.
Conclusion
PowerShell offers a way to manage processes programmatically with scripts. However, it can be time-consuming, and numerous pre-existing tools may perform process management more efficiently than a simple script you create.