How To Find and Kill Processes on Remote Windows Computers

Windows provides several methods to view processes remotely on another computer. Terminal Server is one way or you can use the command line utility pslist from Microsoft Sysinternals site. While both options are good alternatives, Windows XP and Vista provides a built-in utility for viewing and killing a process on remote Computers using Tasklist and Taskkill commands.

Both tasklist.exe and taskkill,exe can be found in %SYSTEMROOT%\System32 (typically C:\Windows\System32) directory.

To view processes on a remote Computer in your home, you will need to know the username and password on the Computer you want to view the processes. Once you have the user account information, the syntax for using tasklist follows:

tasklist.exe /S SYSTEM /U USERNAME /P PASSWORD

(To view all tasklist options, type tasklist /? at the command prompt)

To execute, click on Start \ Run… and in the run window type cmd to open a command prompt. Then type the tasklist command, substituting SYSTEM for the remote computer you want to view processes, USERNAME and PASSWORD with an account/password on the remote Computer.

(NOTE: if you are in a Domain environment and have Administrator rights to the remote Computer, you will not need to specify a Username and Password)

Now if there was a process that needed to be killed, you can use the taskill command. As with tasklist, you will also need the Username and Password on the remote Computer. The syntax for using taskkill is

taskkill.exe/S SYSTEM /U USERNAME /P PASSWORD /IM PROCESS

(To view all taskkill options, type taskkill /? at the command prompt)

Where SYSTEM, USERNAME, PASSWORD is the same as above for the tasklist command, and IM is the process image name you want to kill. In the above screenshot we will kill firefox.exe by typing the following at the command prompt:

taskkill.exe /S wtn1 /U joe /P ddd1234 /IM firefox.exe
SUCCESS: The process “firefox.exe” with PID 196 has been terminated

You can also kill a process using the PID (Process ID) of the process. In the above example the PID for firefox.exe is 196:

taskkill.exe /S wtn1 /U joe /P ddd1234 /PID 196

If the process does not terminate, you can use /F to forcefully terminate the process.

taskkill.exe /S wtn1 /U joe /P ddd1234 /PID 196 /F

Related posts

The Future of Mobile Security: Emerging Threats and Countermeasures

From Concept to Launch: Ensuring Cybersecurity in Product Development

What Exactly is Telematics? The Technology That’s Changing How We Drive