How to Kill Process on Remote Computer Using PowerShell
As a system administrator, you may need to kill a process on a remote computer using PowerShell for several reasons, as follows:
Troubleshooting: Sometimes, a process can become unresponsive or consume too many resources on a remote computer, causing the system to slow down or even crash. In such cases, killing the process may be necessary to restore the system’s performance and stability.
Security: Malware and other malicious software may run in the background without the user’s knowledge, consuming system resources and compromising the system’s security. As a system administrator, you may need to kill these processes to prevent further damage.
Maintenance: During system maintenance or upgrades, some processes may need to be stopped to ensure a smooth transition. Killing processes remotely using PowerShell can be an efficient way to manage this process.
In this blog post, we will walk you through how to kill process on remote computer using PowerShell.
To connect to remote computer, we can create interactive session using
In this context, we have two computers named
vm2 respectively. The client will be
vm1 and we want to kill MS Edge processess in
Since the computers are not in the same domain and we don’t use domain administrator account that typically has privilege to access other computers in the domain, we need to complete some prerequisites. Otherwise, we can jump to how to use Enter-PSSession section.
- Enable Windows Remote Management (WinRM) service for both computers
Set-Service -Name WinRM -Status Running -StartupType Automatic
- Add servers we want to connect to
TrustedHostslist on client computer
Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value 'vm2'
- Enable firewall rule for WinRM to allow other IPs to connect
Set-NetFirewallRule -Name 'WINRM-HTTP-In-TCP' -RemoteAddress Any Enable-NetFirewallRule -Name 'WINRM-HTTP-In-TCP'
Or you can also do it manually:
1. Open Windows Defender Firewall with Advanced Security 2. Click Inbound Rules 3. Double-click Windows Remote Management (HTTP-In) for the Public profile 4. Click the Scope tab 5. Under Remote IP address, set it to `Any IP Address` 6. Enable Rule
Connect to remote computer using Enter-PSSession cmdlet
To create session to remote computer, we can use
Enter-PSSession and specify the computer name we want to connect as well as the credential (username and password).
To close the session, we can use
Enter-PSSession vm2 -Credential (Get-Credential) Stop-Process -Name 'msedge' Exit-PSSession
To kill process on remote computer, we can create session to remote computer using
Enter-PSSession. Then, we can use
Stop-Process cmdlet to kill the process. Lastly, to close the session we can use