• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

How do I kill an 'access denied' process?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
redwraith94

redwraith94

Member
Joined
Feb 17, 2005
When I try to use taskmanager to kill certain processes, it says 'access denied'. So I would use process viewer, or pskill.exe, and for some of them it works. Some very pesky spyware that was running on a clients computer would not die at all, so is there any free utility out there, that could kill any and all processes?

IDK how it would work, but maybe it could just say "oh this process is taking up ram starting with a and ending at b" and then just overwrite that section of ram?

I know that I can boot into safe mode, and that there are other ways to delete pesky files like with recovery console, but I am looking for a desktop solution, so that I can kill the process and then delete the corresponding files.

IF YOU DON'T WANT TO READ THIS POST, Then this is my question:
1. Is there a freeware utility that can kill ANY and ALL process, I have used 'process viewer' and 'pskill.exe' but I want a utility to kill all spyware, and never give me an 'access denied' message. I am running Windows 2000 sp4.
 
for spyware killing u can use the microsoft beta spyware killer software and If i'm right u can't kill any service in teh machine cuse when y arunningthe machine some sservices are critical ones and machine won't let u kill them at all. BTw I think if u an visit www.blackviper.com web site you'll get lot more information about the windows services and what can u kill all the time to save the machine's resources.
 
the black viper link was broken :( Thanks though.

I don't really want to use MS Anti-Spyware beta. I don't really get much in the way of spyware myself. I just want a free ware prog that can kill any process.
 
There isn't. Spyware often uses 2 processes which both monitor each other. If you kill one of them, the other immediately restarts it and vice versa. THis happens much faster than you can kill them and delete the executable.
 
klingens said:
There isn't. Spyware often uses 2 processes which both monitor each other. If you kill one of them, the other immediately restarts it and vice versa. THis happens much faster than you can kill them and delete the executable.
Click to expand...

Not if you first set the ones priority to 'idle' and then kill the 2nd one's process, which I have done before. I actually have deleted the executable quickly enough before, as well since I have my recyclebin set to not confirm, and to delete instead of moving it to the recyclebin. Also why could there not be a prog that would kill two, at the same time?

What I really need to know is how these files are registered as 'protected'. Why can I not kill ZoneAlarm's process? or my AV Symantec Corporate?

This is really frustrating.

Also, why can I not delete files that are currently in use? I know that it can cause a lot more than just system instability. but how does windows protect files, as well as processes? Wouldn't it be possible to have a program that would act like a virus, it would just tell the hdd to overwrite those particular clusters, period. Is there a service that protects files / processes? Or is it even more subtle than that?
 
Last edited:
VoptXP allows you to reboot with no services at all running, but I don't think that is what you are looking for. BTW, awesome defrag program too. And does other things good too.
 
Services can't be stopped from taskmanager since the kernel says so. Also running processes can't be deleted on disk since the kernel says so. Unless you want to patch your kernel (good luck), you can't do anything about it. It's just how Windows is designed.

Of course you can write a program which accesses disk sectors directly, overwriting certain data. However, you then get inconsistencies with the other running filesystem code in the Windows OS and you better make sure your code doesn't have any bugs whatsoever or the chance of destroying your own valuabe data is very high. Also the program would still run in memory, which you then also had to edit correctly (yes that's possible too).

If you go to these lengths, I'd advise you to write your own operating system. It's easier than all this...
 
I wasn't very clear, I meant that I have succesfully set one spyware process to idle, then killed the other, and before it had a chance to restart, I deleted both files, actually the whole folder. Both files were in the same folder.

There has to be some prog out there that could just overwrite the memory space, that the process is taking up? I was under the impression that some viruses / trojans etc. were capable of this kind of thing...so how could I go about doing this, w/o patching the os in any way?

klingens said:
Services can't be stopped from taskmanager since the kernel says so. Also running processes can't be deleted on disk since the kernel says so. Unless you want to patch your kernel (good luck), you can't do anything about it. It's just how Windows is designed.
Click to expand...

The thing that I don't understand is how the permissions are set for this...can't I set the 'permissions' (or whatever they are called) to allow me to kill any process? I also have norton ghost 2003, and its 'ghoststartservice' process gives me an access denied message, when I try to kill it from taskmanager, but processviewer, and pskill.exe can both kill it with no problem. So what is the difference with the permissions there?

To sum up...I was thinking that this 'magical' :p prog could either:
1. delete the process from memory, like a virus.
2. reset the permissions for the process, so that I can kill it myself.

Any suggstions are very much appreciated.
 
Last edited:
XP has the Taskkill.exe command line utility that you can use to kill running processes, but W2K has available in the Resource Kit Kill which performs the same function. In XP, the Taskkill command line parameters are...

TASKKILL /F /PID [number of process ID]
or
TASKKILL /F /IM [name of the running process, you can use wildcards "*"]

You can download the W2K Resource Kit tools at...

http://www.petri.co.il/download_free_reskit_tools.htm

Use kill instead of 'taskkill' as the article suggests - Eg: Kill <PID>
Kill: Task Killing Utility - Use this command-line tool to end one or more tasks or processes. Use TLIST to find out the PID.
Click to expand...
You could probably write a script to kill the process also. Something along the lines of...

Code: 
[b]Public Function kill() 
  For Each Process in GetObject("winmgmts:"). _ 
      ExecQuery ("select name from Win32_Process where name= 
Process.terminate(0) 
  Next[/b]
 
Last edited:
Thanks, but it still wont kill zonealarm, or symantec, so I am fairly sure it won't kill some spyware either. Thanks for the resource kit though, I am sure I will get use out of it :thup:

edit:/ actually it did kill rtvscan.exe (real-time virus scan) but I tried about ~10 times in a row, each time it either gave me a failure or a success notice, and the process was never removed from the running list. about five minutes later symantec has an exclamation point through it, and the process has been killed? Still no luck w/ zonealarm though.
 
Last edited:
Run>type in msconfig...kill the file from started at boot...disable the service using Run>type in services.msc...if this all doesnt work...there are programs out that that let u delete files before everything else boots up....

http://www.softwarepatch.com/software/moveonboot.html this program is called: Move on Boot...it deletes any file u want before everything else in windows get started up...i havent used it myself yet but i know others who have had great success w/ it


PS...not sure if it helps but sometimes people run in Safe Mode when cleaning stuff out..it prevents certain things from running but im not sure what.
 
Thank you, that sounds very handy. I couldn't get into safemode in that instance because the customers didn't know the admin password. That, plus I wanted an easy and quicker way to kill progs, when I want 'em dead like ;)
 
Hi all,

the only way i found to terminate a protected process is using the ZeroWave:
http://www.alexmark.net/?pag=zerowave

Sorry if this page is in Italian but Google can give a not-too-bad translation of this page.

The ZWave can use three terminations: normal mode, forced mode and INSANE mode.

The last one can kill za, norton and every kind of process on Vista/Xp.

I am planning an English Translation so excuse for the language, will be fixed asap!
 
Last edited:
You must log in or register to reply here.

Similar threads

Tyerker
Screwed up an attempted dual install (kind of)
Replies
2
Views
703
Tyerker
Tyerker
S
How to use 3x360 radiators with MEG Prospect 700R (PC Case) ?
Replies
5
Views
1K
EarthDog
EarthDog
don256us
Today is the day I rule the world. Here's how you can rule the world too.
Replies
5
Views
621
Holdolin
Holdolin
ZetaRevan
How-to: Linux Gaming Explained (2023 version)
Replies
0
Views
2K
ZetaRevan
ZetaRevan
Tyerker
Your dollar can go a LOT farther these days (mostly)
Replies
3
Views
985
stompah
stompah
Back