The TSKILL command can be executed via the command line to end processes by a particular name or process id. The usage of this command is as follows:
tskill ProcessID | ProcessName [/server:ServerName] [/id:SessionID | /a] [/v]
ProcessID – The ID of the process you wish to terminate.
ProcessName – The name of the process you wish to terminate.
/server:ServerName – Used to specify a remote terminal service to issue the command against.
/id:SessionID – Specifies the session in which the process you want to end resides
/a – Ends all processes by the specified name or ID running in all sessions on a server
/v – Displays information about the actions performed
**NOTE: /server:ServerName must be used in conjunction with /id:SessionID or /a
**NOTE: You can use the “query process” command to find the name and id of a process
This command can come in handy especially when trying to fight a virus or spyware outbreak within your enterprise. By simply including this command in a batch file within a GPO you can effectively terminate the malicious process when a user logs in.
***
Chris Sanders is the network administrator for one of the largest public school systems in the state of Kentucky. Chris’s specialties include general network administration, windows server 2003, wireless networking, and security. You can view Chris’ personal website at www.chrissanders.org.
