Home Programming Windows Windows: find processes and kill them

Windows: find processes and kill them

I’m a Linux guy so I want to kill processes from the command line. Here are a few commands that can be good to know when Windows processes not are behaving (the way you want).

To display help and all the available parameters for a command, use the /? parameter.

netstat

This command displays protocol statistics and current TCP/IP network connections. Use netstat /? to see all parameters. It can be used to find a process that is occupying a port you want to use. To do that, I use netstat -ano which displays the PID (process id). Example:

[simterm]
C:\>netstat -ano | findstr 8080
TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 9260
[/simterm]

PID in the example is in the rightmost column (9260). I’m using findstr to filter the output

tasklist

This tool displays a list of currently running processes on either a local or remote machine. Use tasklist /? to see all parameters.

For example to see which process is occupying port 8080 (from the example above, PID=9260) I can use the /FI (filter) parameter:

[simterm]
C:\>tasklist /FI “PID eq 9260”
Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
ApplicationWebServer.exe 9260 Services 0 2 296 K
[/simterm]

I usually can’t remember the exact syntax for the filter, so I use findstr instead:

[simterm]
C:\>tasklist | findstr 9260
ApplicationWebServer.exe 9260 Services 0 2?296 K
[/simterm]

A good thing with the filter is that you for example can list processes that not are responding (see taskkill below how to kill it):

[simterm]
C:\>tasklist /FI “status eq not responding”
Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
jusched.exe 12308 Console 1 11 644 K
[/simterm]

taskkill

This command can kill processes on either a local or remote machine. Use tasklist/? to display the parameters. For example kill by PID:

[simterm]
C:\>taskkill /F /PID 9260
SUCCESS: The process with PID 9260 has been terminated.
[/simterm]

Or by IM:

[simterm]
C:\>taskkill /F /IM ApplicationWebServer.exe
SUCCESS: The process “ApplicationWebServer.exe” with PID 9260 has been terminated.
[/simterm]

With the /FI (filter) parameter, you can kill all processes that not are responding:

[simterm]
C:\>taskkill /F /FI “status eq not responding”
SUCCESS: The process with PID 12308 has been terminated.
[/simterm]

Comments are closed.