How To Manage Windows Processes And Services Remotely

You may need to manage a Windows service or a process on a remote computer if you are a sysadmin. One of the common remote tasks is restarting a service, a process, or the computer itself.

A remote computer may be at another location, on the cloud, or simply in another room. It is convenient to manage it remotely rather than physically accessing it.

There are a bunch of methods that can be used to manage Windows processes or services remotely, as long as the remote computer is on the same network as yours, or joined to the same domain. These include both command-line methods and GUI-based consoles.

Today, we will be showing you how to manage a Windows process or a service on a remote computer using both Windows-native and aftermarket tools.

List, Kill, Start, or Restart Windows Processes and Services Remotely

Just like on your local PC, you can view all the processes running on a remote computer, kill a process, start a process/task, or even restart a service. Most of the method shared in this post are performed through the Windows Command Line Interface (CLI), which include both the Command Prompt and PowerShell.

The tasklist cmdlet can be used with parameters to view the processes and tasks running on a remote PC. Similarly, the PsList.exe tool, which is a part of Sysinternals PsTool, also lists the same information as tasklist.

Alternatively, you can also use the two aforementioned tools in combination to view and list the processes on a remote computer; where the PsExec tool is used to connect to the remote computer’s Command Prompt, and then other command-line tools can be used to list the processes, like tasklist, Get-Process, etc.

Likewise, you can control and manage the different Windows services of a remote computer. This can be done through the command line as well as the Services console.

Before we get into the details of using these tools to manage remote services and processes, there are a few conditions that the remote computer should meet:

• The remote PC must be on the same network as yours, or the same domain.
• You need to use an administrative computer account to manage the remote computer’s services and processes, complete with a username and password.
• Remote connection should be allowed through the firewall, or the firewall must be turned off (not recommended).
• The User Access Control (UAC) Remote Restrictions must be turned off.

If these conditions are not met, you will not be able to use many of the tools discussed above to manage processes and services on a remote PC.

Allow Remote Connection through Windows Firewall

Use the following steps to allow remote connection through the firewall, if not already enabled:

1. Open the Windows Firewall applet by typing in “firewall.cpl” in the Run Command box.

   

2. Click “Allow an app or feature through Windows Defender Firewall” on the left.

   

3. Click “Change settings.”

   

4. Scroll down and allow “Remote Desktop” through the available network profiles, and then click “Ok.”

   

These steps will allow you to use the command-line and GUI-based tools to connect remotely to the other computer. Now, you must also disable the UAC Remote Restrictions on the remote computer.

Disable UAC Remote Restrictions

The UAC Remote Restrictions can be removed both remotely and physically on the computer as well. Below are the steps used to disable the feature and allow a remote connection if you are physically preset on the PC. Note that this method involves manual changes to the Windows Registry.

Note: To enable the remote desktop connection remotely, refer to this guide.

1. Open the Registry Editor by typing in “regedit” in the Run Command box.

   

2. Paste the following in the navigation bar for quick navigation:

   Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

   

3. Right-click the System key, expand New, and click “DWORD (32-bit Value).” Name the DWORD “LocalAccountTokenFilterPolicy.”

   

4. Set the “LocalAccountTokenFilterPolicy” Value Data to “1.”

   

5. Close the Registry Editor.

You are now set to use different tools to manage Windows services and processes remotely.

List, View all Processes on Remote Computer

List all Processes Remotely using Tasklist

Tasklist is a command-line tool you can use to view the details of the processes running on the remote computer. This lists different information regarding the processes, such as their Process ID (PID), memory usage, etc.

Note that if you use the method below first when the remote connection is not allowed through Windows Firewall or the UAC Remote Restrictions are still enabled, you will see the following error message:

ERROR: The user name or password is incorrect

To avoid this error, we suggest that you first use the steps given above to allow RDC through the firewall and disable UAC Remote Restrictions, then continue to use the steps below:

1. Launch an elevated Command Prompt.

2. Use the following syntax to obtain information on the processes running on the remote PC:

   Replace [ComputerName] with the name of the remote computer, [Username] with an administrative user account on the remote PC, and [Password] with the correct password for the associated username.

   tasklist.exe /S [ComputerName] /U [Username] /P [Password]

   

As you can see in the image above, all running tasks on the remote computer are now listed inside the Command Prompt.

Query Processes Remotely using PsList

As mentioned earlier, PsList is part of the PsTools utility by SysInternals. This can also be used to display a list of processes running on the remote computer. It gives more detailed information about a process when compared to the tasklist method, such as the time the process has been running, the number of threads and handles, etc.

1. Start by downloading the PsTools.

   

2. Extract the contents of the PsTool file.

   

3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

   CD [PathToPsTools]

   

4. Now use the following cmdlet to list all the running processes on the remote computer while replacing [ComputerName] with the name of the remote PC:

   PsList \\[ComputerName]

   

Alternatively, you can also use the “-t” switch in the following syntax to show the process tree instruction:

PsList \\[ComputerName] -t

List all Processes Remotely using Get-Process (PowerShell)

The Get-Process is a PowerShell cmdlet that lists all the running processes as well as their relevant information, like PID, handles, etc. It can be used alone to obtain a list of processes and tasks on the local computer, or together with switching to obtain a list of processes running on a remote computer.

1. Launch an elevated PowerShell instance.

2. Use the following cmdlet while replacing [ComputerName] with the name of the remote PC:

   Get-Process -ComputerName [ComputerName]

   

Other methods to View All Processes Remotely

You can also use other methods to obtain a list of processes on a remote computer. For instance, you can connect to a remote computer’s Command Prompt using the PsExec tool and run cmdlets that list the local process details. This includes the Tasklist cmdlet, as well as others, like WMIC.

Here are the steps to connect to the remote computer’s Command Prompt:

1. Start by downloading the PsTools.

   

2. Extract the contents of the PsTool file.

   

3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

   CD [PathToPsTools]

   

4. Now use the following cmdlet to connect to the remote computer’s Command Prompt while replacing [ComputerName] with the name of the remote PC:

   PsExec \\[ComputerName] CMD

   

   As you will observe, your directory will now change. This means that the computer has successfully connected to the remote computer’s Command Prompt.

Now that you have successfully established a remote cmd connection, you can use any of the following cmdlets to list the processes and their details:

Tasklist
WMIC Process

These are all the methods to view and list all the processes on a remote computer. Let us now see how to kill a process.

How to Kill a Process Remotely

The methods shared below to kill a process require the name or PID of a process that you want to kill, which can be done using the methods listed above to list/query the processes on a remote computer.

Kill Process Remotely using Taskkill

Like Tasklist, the Taskkill tool is a Windows-native command-line tool that can be used to kill tasks and processes on a remote computer. To kill a process on a remote computer, use the following steps:

1. Launch an elevated Command Prompt.

2. Now use either of the following commands to kill a process remotely using its PID or process name.

   Remember to replace [ComputerName] with the name of the remote PC, [Processname] with the name of the process, and [PID] with the process ID that you want to kill.

   Taskkill /s [ComputerName] /IM [ProcessName]
   Taskkill /s [ComputerName] /PID [PID]

   

3. Now enter the password for the user account.

   

   The process will now be terminated successfully.

Kill Process Remotely using PsKill

PsKill comes with the SysInternals PsTool suite. It can also be used to kill a process on a remote computer. Here is how:

1. Start by downloading the PsTools.

   

2. Extract the contents of the PsTool file.

   

3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

   CD [PathToPsTools]

   

4. Now use the following cmdlet to kill a process using its name or PID:

   Replace [ComputerName] with the name of the remote PC, [Username] with the user account to connect with, [Password] with the password of the associated username, and [ProcessNameOrID] with either the name of the process that you wish to terminate or its PID.

   PsKill \\[ComputerName] -U [Username] -P [Password] [ProcessNameOrID]

   

   The selected process will now be terminated on the remote computer.

Kill Process Remotely using Stop-Process (PowerShell)

Similar to the methods above, you can also kill a process using Windows PowerShell. This can be done using the Stop-Process cmdlet. One caveat of this command is that you cannot provide the name of the remote computer directly. However, it can be achieved using the Invoke-Command cmdlet and providing the credentials initially to connect to the remote PC.

Invoke-Command allows you to run commands on other computers.

Use the following steps to kill a process remotely using PowerShell:

1. Launch an elevated PowerShell instance.

2. Run the following command to invoke a request to save the credentials:

   $Credentials=Get-Credential

3. Now enter the credentials for the remote computer and click Ok.

   

4. Now use the following command to terminate a process remotely:

   Replace [ComputerName] with the name of the remote PC, and [ProcessName] with the name of the process that you want to kill without its file extension.

   Invoke-Command -ComputerName [CompuetrName] -Credential $credentials {Stop-Process -name "[ProcessName]"}

   

   Note: If you experience any connectivity errors when running this command, make sure that the “Windows Remote Management” service is running on the remote computer.

The selected process will now be terminated on the remote computer. This concludes our discussion on managing the different tasks and processes on a remote Windows computer.

Manage Windows Services Remotely

Like the processes, you can also manage Windows services remotely. This section covers both the command-line methods and the GUI-based method to start, stop, or restart Windows services remotely.

Let us start with the GUI method that involves using the local Windows Services Console.

Start, Stop, Restart Windows Services Remotely using Services Console

If you have prior experience with the Service Console, you would know that it is used to manage the various Windows services, and can be used to start, stop, restart, and disable Windows services on the local computer. Today, we are going to tell you that it can also be used to manage the services on other computers on your network.

The Services Console can connect to other computers directly and manage them as well.

Here are the steps to use the built-in Services Console to manage Windows services remotely:

1. Open the Services Console by typing in “services.msc” in the Run Command box.

   

2. Click “Action” from the ribbon menu and then click “Connect to another computer.”

   

3. Select “Another computer,” enter the name of the remote PC, and click Ok.

   

4. Ensure that the Services Console has successfully connected to the remote computer.

   

5. You may now continue to Start, Stop, or Restart a service simply by right-clicking it.

   

If you would rather use the command line to manage Windows services remotely, refer to the remaining methods down below.

Start, Stop, Restart Windows Services Remotely using SC.exe

“sc.exe” is a Windows-native command-line tool used to manage Windows services. It is also capable of controlling the services on another PC on the network.

You can use either of the following syntaxes to start or stop a service remotely on another computer using an elevated Command Prompt:

SC \\[ComputerName] Start [ServiceName]
SC \\[ComputerName] Stop [ServiceName]

Start, Stop, Restart Windows Services Remotely using PsService

Like PsExec, PsList, and PsKill, PsService is another tool part of the Sysinternals PsTools suite used to manage Windows services remotely. Use the following steps to use PsService to start or stop a Windows service on a remote PC:

1. Start by downloading the PsTools.

   

2. Extract the contents of the PsTool file.

   

3. Now launch an elevated Command Prompt and then use the CD cmdlet to change your directory to the extract PsTools folders.

   CD [PathToPsTools]

   

4. Now use the following cmdlets to start or stop a Windows process on the remote computer:

   Replace [ComputerName] with the name of the remote PC, [ServiceName] with the name of the service, and [Action] with either “Start”, “Stop”, or “Restart”, depending on what you want to do with the service.

   PsService \\[ComputerName] [Action] [ServiceName]

   

Final Verdict

This article lists the various methods that can be used to manage Windows services and processes remotely, so you do not need to have physical access to a server/computer.

As you may notice, most of the methods discussed are using the command-line interfaces on Windows OS. This is because the command line usually provides more options to better control and manage the various Windows components when compared to the regular GUI-based interface.

If you are a sysadmin, then surely this article is worth a read.