Process Hacker and Windows discussion

 
kakoo

Terminating a protected process from command line

15 Apr 2017, 20:11

I beg my pardon. After searching the forum in all directions, I could not find any answers why Process Hacker can terminate a protected process via its GUI but not from the command line using its own syntax:

ProcessHacker.exe -c -ctype process -cobject UpdaterUI.exe -caction terminate

I always get "Access denied" error despite the fact I am running this command from an elevated command prompt and I am an administrator on this Win7 x64 machine.
However, If I run Process Explorer GUI, select UpdaterUI.exe and hit Delete -- viola -- the process is gone. I used the latest Process Hacker Installer, I also enabled kernel-level driver in its settings.

UpdaterUI.exe is a McAfee related process. I want to automate killing it via a batch file. I cannot disable McAfee self-defense feature due to company policies and restrictions. Looks like I am missing something here. No matter what command line options I tried -- nothing helps. Is it a known restriction of Process Hacker or an intention not to let users terminate protected process from command line?
 
User avatar
dmex
Admin
Posts: 1328
Location: Australia

Re: Terminating a protected process from command line

16 Apr 2017, 13:07

kakoo wrote:
15 Apr 2017, 20:11
Is it a known restriction of Process Hacker or an intention not to let users terminate protected process from command line?
Yes

User interaction is mandatory for critical features such as that one, if you were able to terminate protected processes via the command line then it would be abused by malicious software.

Who is online

Users browsing this forum: No registered users and 2 guests