Kill Task in Windows
TaskKill and Tasklist in DOS
My computer was compromised by a computer virus which disables task manager. Most of windows users have the knowledge on how to kill process using task manager. But what if I was hit by a computer virus that disables the task manager? There a free product available online with same functionality as task manager that is the process explore by sysiternals or you if you have internet connections you can run the Sysinternals Live in command prompt by typing \\live.sysinternals.com\tools\<toolname> for example if you want to run Autoruns then you can do \\live.sysinternals.com\tools\Autoruns. But what if you don’t have the internet connection? Fortunately, our friend Microsoft has had a default utility in the heart of OS command prompt or DOS prompt the TaskKill and TaskList command. “This method is quite effective killing process in command prompt provide much more control and the ability to end multiple processes at once”. Please bear in mind that you need to have an elevated account or Administrative level for this process to be effective. Since this is a command prompt there is no GUI available only text based and you have to know the exact command to run. TaskKill goes hand in hand with tasklist. Let us begin by opening the command prompt and run the tasklist to see all the running process.
Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System 4 Services 0 916 K
smss.exe 336 Services 0 72 K
csrss.exe 488 Services 0 1,760 K
VsTskMgr.exe 1388 Services 0 2,160 K
audiodg.exe 5196 Services 0 16,060 K
taskeng.exe 7148 Console 1 4,640 K
tasklist.exe 6360 Console 1 4,696 K
To display the list of available commands Run the taskKill /? In command prompt
1) Wildcard '*' for /IM switch is accepted only when a filter is applied.
2) Termination of remote processes will always be done forcefully (/F).
3) "WINDOWTITLE" and "STATUS" filters are not considered when a remote machine is specified.
Remember we can kill the process by process ID (PID) or by image name (the equivalent exe filename)
So to kill the process taskeng.exe we can
C:\> taskkill /IM taskeng.exe /F
C:\> taskkill /PID 7148 /F
The /F switch is to kill the process forcefully. Failure to do so shall result in sometimes nothing is happening particularly if the process is very important to OS.
We can also use the filtering options that allows us to use the following variables and operators
ne (not equal)
gt (greater than)
lt (less than)
ge (greater than or equal)
le (less than or equal)
"*" is the wildcard.