If you are a Windows IT Administrator there will come a day when you find a computer is locked up in some way and you need to at least try and fix it, before you give up and power cycle it.  Fortunately there are few easy commands and methods to help with this.

1 – USE WINDOWS GUI TO CONTROL A DIFFERENT COMPUTER

If you want to use the Windows GUI to control another machine you can use the Windows Admin Center if you have already got it installed, but if you don’t you can still use the integrated Windows apps to connect remotely.  The most useful one of these tools is usually the SERVICES app:

  1. use services to connect to a different computerClick the START button, type SERVICES and press ENTER
  2. RIGHT CLICK on the SERVICES (LOCAL)
  3. CONNECT TO ANOTHER COMPUTER
  4. Either type the name of the computer you want to control, or click the BROWSE button to find the exact name
  5. Click OK
  6. Wait a few seconds for it to connect

At this point you can STOP or START services on the remote computer on demand.

2 – USE COMMAND LINE TO CONTROL ANOTHER COMPUTER

A slightly more complicated way to control another Windows computer, is to use a command line utility that is built into Windows name TASKLIST.

  1. Make sure you are logged into a machine on the same LAN using an account that has full administrator permissions on the machine you want to connect to (i.e. Domain Admin)
  2. Launch a Command Prompt as an administrator
  3. Type tasklist /s <host-name-of-remote-computer>

list tasks on remote computerFrom this list you can see what is running, if the apps are running through an RDP session (which you may want to force log off -see THIS article) or they are services or… but most importantly you can see their PID numbers which are very useful for some commands

In my case I need to kill an install that was stuck, so I ran:

taskkill /f /t /s ABM04 /im msiexec.exe

which remotely END TASK on a dozen MSIEXEC’s that were running.

If I needed to just kill the one task, I would need the PID number.  For instance, from the screenshot above I can see that the PATCHMYPC-SERVICE.EXE is PID 8496 so if had a bunch of PATCHMYPC-SERVICE.EXE running but I only needed to END TASK on the the one in the screen shot, I would use:

taskkill /PID 8496 /f /t /s ABM04

To be complete, here is the full list of details and options for the TASKKILL command:


PS C:\Users\calga> taskkill /?

TASKKILL [/S system [/U username [/P [password]]]]
{ [/FI filter] [/PID processid | /IM imagename] } [/T] [/F]

Description:
This tool is used to terminate tasks by process id (PID) or image name.

Parameter List:
/S system Specifies the remote system to connect to.

/U [domain\]user Specifies the user context under which the
command should execute.

/P [password] Specifies the password for the given user
context. Prompts for input if omitted.

/FI filter Applies a filter to select a set of tasks.
Allows “*” to be used. ex. imagename eq acme*

/PID processid Specifies the PID of the process to be terminated.
Use TaskList to get the PID.

/IM imagename Specifies the image name of the process
to be terminated. Wildcard ‘*’ can be used
to specify all tasks or image names.

/T Terminates the specified process and any
child processes which were started by it.

/F Specifies to forcefully terminate the process(es).

/? Displays this help message.

Filters:
Filter Name Valid Operators Valid Value(s)
———– ————— ————————-
STATUS eq, ne RUNNING |
NOT RESPONDING | UNKNOWN
IMAGENAME eq, ne Image name
PID eq, ne, gt, lt, ge, le PID value
SESSION eq, ne, gt, lt, ge, le Session number.
CPUTIME eq, ne, gt, lt, ge, le CPU time in the format
of hh:mm:ss.
hh – hours,
mm – minutes, ss – seconds
MEMUSAGE eq, ne, gt, lt, ge, le Memory usage in KB
USERNAME eq, ne User name in [domain\]user
format
MODULES eq, ne DLL name
SERVICES eq, ne Service name
WINDOWTITLE eq, ne Window title

NOTE
—-
1) Wildcard ‘*’ for /IM switch is accepted only when a filter is applied.
2) Termination of remote processes will always be done forcefully (/F).
3) “WINDOWTITLE” and “STATUS” filters are not considered when a remote
machine is specified.

Examples:
TASKKILL /IM notepad.exe
TASKKILL /PID 1230 /PID 1241 /PID 1253 /T
TASKKILL /F /IM cmd.exe /T
TASKKILL /F /FI “PID ge 1000” /FI “WINDOWTITLE ne untitle*”
TASKKILL /F /FI “USERNAME eq NT AUTHORITY\SYSTEM” /IM notepad.exe
TASKKILL /S system /U domain\username /FI “USERNAME ne NT*” /IM *
TASKKILL /S system /U username /P password /FI “IMAGENAME eq note*”

 


 


0 Comments

Questions or Comments?