CMD tasklist and tskill manage Windows System Processes

Command: Tasklist

Function: A command is used to display all processes running on a local computer or a remote computer. It can monitor user operations.

Command Format:

Tasklist [/S system [/u username [/P [Password] [/M [module] |/svc |/V] [/FI filter] [/FO format] [/NH]

Parameter description

/S system specifies the remote system to connect.

/U [domain \] User specifies which user to use to execute this command.

/P [Password] specifies the password for the specified user.

/M [module] lists all processes that call the specified DLL module. If no module name is specified, all modules loaded by each process are displayed.

/Svc displays the services in each process.

/V displays details.

Instance analysis:

If you only want to view the process information of the local host, run the command directly. The following instance is used to remotely view the time history of a host in the Intranet from the client.

Suppose we have a server:

Intranet address: 192.168.0.1,

Administrator Account: Administrator

Administrator Password: Password

In the CMD window, enter:

Tasklist/s 192.168.0.1/u administrator/P Password

This command allows us to conveniently view the running status of the remote host, provided that the RPC service is started properly.

Command:Tskill

Function: used to disable the process

Command Format:

Tskill processid | processname [/Server: servername] [/ID: sessionid |/A] [/V]

Parameter description

The process ID of the process whose processid is to end.

The name of the process whose processname is to end.

/Server: the server whose servername contains processid (the default value is the current value ).

When using the process name and/server, you must specify

/ID or/

/ID: sessionid ends the process running in the specified session.

/A ends the processes running in all sessions.

/V displays the information of the operation being executed.

This tskill is easy to use. Simply enter the tskill image name or PID.

If you encounter a process that cannot be terminated by tskill, you can also try the ntsd command,

Format: ntsd-C q-PN {process name}

Parameter description:

-C indicates executing the DEBUG command;

Q indicates that the execution is terminated;

-P indicates that the PID corresponding to the process to be completed is followed;

-PN indicates that the name of the process to be completed is followed;