Killing a process in Windows 7 command line

Taskkill /?
Taskkill: As the name of the utility ?taskkill? suggests that it is simply used to see the running processes and to kill one or more processes either by using its PID i.e. ProcessID or by using its Image name i.e. by which it is present in system and being executed. We can also filter the results on the basis of user name, PID, image name, CPU time, memory usage etc at the time of killing or terminating a process. Syntax: taskkill [/s [/u [\] [/p []]]] {[/fi ] [...] [/pid /im ]} [/f] [/t] Parameters description: /s :- To provide IP specification or name of the remote computer; if not provided local computer is considered. Do not use backslashes in the value of the parameter. /u \ :- To provide UserName or Domain\UserName under whose permission command should execute. If not provided then command run under the permission of person who is logged on. Option /u can be used only if /s is specified. /p :- For the password of that user account which is provided with /u parameter. Password is prompted in case this field is omitted. /fi :- To apply filter to select a set of tasks. Wildcard character (*) can be used for specifying all tasks or image names. Filter names are provided after parameter description. /pid >ProcessID> :- For specifying PID of the process to be killed. /im :- For providing image name of the process to be terminated. Also Wildcard character (*) can be used to specify all image names. /t :- To terminate the whole tree of the process including all child processes started by it. /f :- For forceful termination of process. It is not omitted in case of remote process as they are terminated forcefully in default. Filters description: Filters are provided to filter the result. This filtering is based on some Filter names which are checked with some relational operators. You will observe that the filter names are the column names which comes in task manager. Filter Name Valid Operators Valid Values STATUS eq,ne RUNNINGNOT RESPONDINGUNKNOWN IMAGENAME eq, ne Name of image PID eq, ne, gt, lt, ge, le ProcessID number SESSION eq, ne, gt, lt, ge, le Session number CPUTIME eq, ne, gt, lt, ge, le CPU time in the format HH:MM:SS, where MM and SS are between 0 and 59 and HH is any unsigned number MEMUSAGE eq, ne, gt, lt, ge, le Memory usage(in KB) USERNAME eq, ne Any valid user name (User or Domain\User) SERVICES eq, ne Service name WINDOWTITLE eq, ne Window title MODULES eq, ne DLL name where eq, ne, gt, lt, ge & le are meant for equal to, not equal to, greater than, less than, greater than equal to and less than equal to respectively. Points to be noted: In case of remote process WINDOWTITLE and STATUS filters are not supported. Wildcard (*) character is accepted for /im option only when filter is applied. Not necessary that /f is specified in case of remote process termination as in default that is terminated forcefully. Don?t specify computer name to HOSTNAME filter as it will result in a shutdown and all processes are stopped. For specifying ProcessID (PID) tasklist command can be used. Examples: To terminate a process with PID 3276 use parameter /pid. ?taskkill /pid 3276 To terminate more than one process with pid as 2001, 2224, 4083. ?taskkill /pid 2001 /pid 2224 /pid 4083 To terminate a process with its image name like wmplayer.exe for Windows Media Player use /im parameter. ?taskkill /im wmplayer.exe To terminate a process and all its child process i.e. to end process tree in task manager use /t parameter. ?taskkill /f /im explorer.exe /t To terminate all those processes which have PID greater than or equal to 1500 without considering their image names use filter ge with wildcard character. ?taskkill /f /fi ?PID ge 1500? /im * To terminate the process tree with PID 2521 which is started by account name admin. ?taskkill /pid 2521 /t /fi ?USERNAME eq admin? To terminate all process beginning with note on a remote system named serverpc under user name ?administrator? having its password as ?qu@dc()r3?. ?taskkill /s serverpc /u administrator /p qu@dc()r3 /fi ?IMAGENAME eq note*? /im * To terminate a process with its windows title as ?paint? ?taskkill /f /fi ?WINDOWTITLE eq paint? Source:
Sample Output
Taskkill /PID 4064 /F
SUCCESS: The process with PID 4064 has been terminated.

These Might Interest You

  • This command kills all processes with 'SomeCommand' in the process name. There are other more elegant ways to extract the process names from ps but they are hard to remember and not portable across platforms. Use this command with caution as you could accidentally kill other matching processes! xargs is particularly handy in this case because it makes it easy to feed the process IDs to kill and it also ensures that you don't try to feed too many PIDs to kill at once and overflow the command-line buffer. Note that if you are attempting to kill many thousands of runaway processes at once you should use 'kill -9'. Otherwise the system will try to bring each process into memory before killing it and you could run out of memory. Typically when you want to kill many processes at once it is because you are already in a low memory situation so if you don't 'kill -9' you will make things worse

    ps axww | grep SomeCommand | awk '{ print $1 }' | xargs kill
    philiph · 2009-02-28 17:48:51 5
  • This will save your open windows to a file (~/.windows). To start those applications: cat ~/.windows | while read line; do $line &; done Should work on any EWMH/NetWM compatible X Window Manager. If you use DWM or another Window Manager not using EWMH or NetWM try this: xwininfo -root -children | grep '^ ' | grep -v children | grep -v '<unknown>' | sed -n 's/^ *\(0x[0-9a-f]*\) .*/\1/p' | uniq | while read line; do xprop -id $line _NET_WM_PID | sed -n 's/.* = \([0-9]*\)$/\1/p'; done | uniq -u | grep -v '^$' | while read line; do ps -o cmd= $line; done > ~/.windows Show Sample Output

    wmctrl -l -p | while read line; do ps -o cmd= "$(echo "$line" | awk '$0=$3')"; done > ~/.windows
    matthewbauer · 2010-07-04 22:11:24 2
  • whowatch is a interactive, ncurses-based, process and users monitoring tool, which updates information in real time. This is a perfect tool for local and remote servers. It displays information about the users currently logged on to the machine, in real-time. Besides standard information (login name, tty, host, user's process), the type of the connection (ie. telnet or ssh) is shown. Display of users command line can be switch to tty idle time. Certain user can be selected and his processes tree may be viewed as well as tree of all system processes. Tree may be displayed with additional column that shows owner of each process. In the process tree mode SIGINT and SIGKILL signals can be sent to the selected process. Killing processes is just as simple and fun as deleting lines on the screen.

    cryptema · 2011-06-30 22:45:39 1
  • Tested on Windows 8 w/SSH, Cygwin - it can be tricky to quote if you dont use the $(..) syntax to echo it back out Show Sample Output

    ssh <user>@<ip address> $(echo wmic process where \"name like \'%<process to kill>%\'\" delete)
    adanisch · 2014-07-02 04:41:05 0

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this? is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.


Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: