Powershell 取得運作中的程序，Kill 掉

取得 Process，Kill 掉:

Powershell 指令:

Get-Process | Select-Object `
Name,
Id,
@{N="ExeName";E={
if ($_.Path) { Split-Path $_.Path -Leaf } else { "N/A" }
}},
@{N="FullPath";E={$_.Path}},
@{N="CPU(s)";E={$_.CPU}},
@{N="Memory(MB)";E={[Math]::Round($_.WorkingSet64/1MB,2)}},
@{N="Owner";E={
try {
(Get-CimInstance Win32_Process -Filter "ProcessId=$($_.Id)") |
Invoke-CimMethod -MethodName GetOwner |
ForEach-Object { "$($_.Domain)\$($_.User)" }
} catch {
"N/A"
}
}}

將上述指令的結果存到 $Processes 變數中:
(注意變數只會存當下查詢的結果，系統執行程式有異動時必須重新查詢)

$Processes = Get-Process | Select-Object `
Name,
Id,
@{N="ExeName";E={
if ($_.Path) { Split-Path $_.Path -Leaf } else { "N/A" }
}},
@{N="FullPath";E={$_.Path}},
@{N="CPU(s)";E={$_.CPU}},
@{N="Memory(MB)";E={[Math]::Round($_.WorkingSet64/1MB,2)}},
@{N="Owner";E={
try {
(Get-CimInstance Win32_Process -Filter "ProcessId=$($_.Id)") |
Invoke-CimMethod -MethodName GetOwner |
ForEach-Object { "$($_.Domain)\$($_.User)" }
} catch {
"N/A"
}
}}

將上述結果用表格欄位方式顯示:

$Processes | ft

殺掉 Process:

用 Process ID 刪 (請改 12345):

$Processes | where {$_.Id -eq 12345} | Stop-Process -Id <PID>

用 Process Name 刪 (請改 notepad):

$Processes | where {$_.Name -eq "notepad"} | Stop-Process -Force

$Processes | where {$_.Name -like "notepad*"} | Stop-Process -Force

用 Process 執行檔名 刪 (請改 notepad):

$Processes | where {$_.ExeName -eq "notepad"} | Stop-Process -Force

$Processes | where {$_.ExeName -like "notepad*"} | Stop-Process -Force

-Force 代表強制

如果在 CMD 模式下:

C:\> taskkill /f /pid {ProcessId}

C:\> taskkill /f /im {執行檔名稱}

/f 代表 Force 強制