I'm trying to kill all Norton Security processes on my Windows 10 administrative workstation so I can run a clean network vulnerability scan from this machine without interference. I start PowerShell 5.0 Run as Administrator, but I get "access denied" when I run the following: Stop-Process -ProcessName ns.exe
I believe the problem is due to the ns.exe running owned as a system process.
Note: I never get the [ADMIN] PS C:\ prompt as shown in the help file Example as shown below:
PS C:\ Get-Process -Name "lsass" | Stop-Process
Stop-Process : Cannot stop process 'lsass (596)' because of the following error: Access is denied
Is this a personal machine or a corporate one?
If it is the latter then, it's more than likely because of your company's policy and how they have Norton deployed.
If you are not the AV admin, you can't do this at all.
There are ways to do it, non-interactively, but that is hacking and not something I or anyone should be providing on this type of forum. If you are the AV administrator, then the AV package settings provides steps to disable the services and or allow administrative overrides.
So, this is not PowerShell, but AV policies in my experience. Remember. these AV solutions often times run at the lowest level of the OS / security model in order to do what they are designed to do.
If this is a personal machine, then you have the vendor docs to show you how to disable whatever is in place.
BTW, have you already tried stopping the Norton services in Service Manager or Stop-Service -DisplayName 'Norton*' -Force
You must be logged in to reply to this topic.