How to brutally kill a process in Windows environment

Today we’ll go over the various methods to kill a process. Can be useful especially if the process is stuck somehow and you’re having trouble closing/killing it.

Kill process with WMI queries

Open cmd.exe and run command:

wmic process where name='myprocessname.exe' delete

Batch kill in command prompt

Open cmd.exe and run command:

taskkill /IM "myprocessname" /T /F

/IM is required to pick process, but the extra parameters /T and /F are optional. They’re quite useful though:

/T = also kills child processes
/F = force termination of your process

Kill it the powerful way

Indeed. You can also kill it using Powershell, but you need to find the process ID first. Open Powershell prompt and simply type

Get-Process myprocessname | Select -expand id
# use the id returned in the next command:
kill -id id

Kill process using graphical user interface

You’re probably familiar with Task Manager. Open it by right-clicking on the taskbar and click on “Task Manager”. If that fails, or if you need to run it as another user, you can browse to %windir%\system32\ and run the executable file, taskmgr.exe.

If you’re lucky you can just kill the process and get on with your life. But, if you want to figure out what’s wrong, then a great tip is to open the Resource Monitor and Filter by process. This will show you all disk I/O file handles related to your process so you might actually see what exactly is hanging.

Telnet alternative to check if port is open on host

Many people still use telnet (client) for checking if port is open on remote host.
The Powershell cmdlet Test-NetConnection is the new and improved tool for this and by creating a function alias in your profile settings you can have it easily available at any time without remembering the syntax.

1) Open Powershell profile
notepad $profile

2) Add script
function open([string]$arg1, [int]$arg2)
     Test-NetConnection -ComputerName $arg1 -Port $arg2 -InformationLevel Detailed

3) Save file and close/reopen the Powershell window

4) Test it in your powershell prompt by writing open 80

Uninstall KB update on remote computer in domain using WUSA and PsExec

Step 1 – Check if the KB update is installed

Run the following Powershell script to make sure the KB update actually is installed. It will also show the install date.

Get-Hotfix -computername $hostname | Select HotfixID, InstalledOn | Where-Object { $_.HotfixID -eq $kb } | Sort-Object InstalledOn

Replace $hostname and $kb with the respective hostname and KB number. If you wish, the command can be simplified to:

Get-Hotfix -computername $hostname | Where-Object { $_.HotfixID -eq $kb }

Screenshot Powershell output

Step 2 – Download PsExec

You can download it here:

Step 3 – Uninstall KB update

psexec.exe -s \\hostname wusa.exe /uninstall /kb:2952664 /quiet /norestart

Again, remember to change hostname and KB number. If everything went OK it should say wusa.exe exited on $hostname with error code 3010.

Error code 3010 is correct, it means ERROR_SUCCESS_REBOOT_REQUIRED: “The requested operation is successful. Changes will not be effective until the system is rebooted.”


Powershell Snippets

List local user accounts

Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount='True'"

List local user accounts and parse array

$local_users = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount='True'" | findstr "Caption";
for ($i = 0; $i -lt $local_users.Count; $i++) {
    Write-Host $local_users[$i].split("\\")[1];

List all installed Windows updates

Get-Hotfix-computername <hostname>Select HotfixID, InstalledOn |Sort-Object InstalledOn
Output will look something like:

tail equivalent in Powershell

Get-Content filename.txt -Tail 30

List all AD groups for user

Save the following code to a script called getgroups.ps1:

(New-Object System.DirectoryServices.DirectorySearcher(

Run the script from powershell and enter username as parameter, like this:

.\getgroups.ps1 johndoe

Add custom scripts to Powershell user scope

Today I had to google how to find out my Powershell version. How fucked up is that. Luckily 1680 other people wondered the same and appreciated this answer:

Turns out the command is: (ignore PS C:\>, that’s just to indicate a Powershell)

PS C:\> $PSVersionTable.PSVersion

No way I’m going to remember that. Luckily, StackOverflow user @ADTC mentioned he made a function to output the version.
Open notepad and write the function to the file specified from the $profile path.

PS C:\> notepad $profile

Insert the function:

function psver { 

Reload Powershell by running

PS C:\> . $profile

Now you can enter psver to output the version. Beautiful!

If you got an error when running notepad $profile that the file can’t be found, then simply enter $profile in your Powershell window to output the path and create the file manually in Windows Explorer.

List members of AD group


Open the Powershell shell (pun intended) on your domain controller and run the following command:
Get-ADGroupMember 'groupname'

This will list all members of the ‘groupname’ group in your shell. List pipe it into a text file instead:
Get-ADGroupMember 'groupname' > list.txt

We don’t need those unecessary columns though, so let’s just list the NAME column and nothing else:
Get-ADGroupMember 'groupname' | select name > list.txt


Run the shell as admin…