Solved

Access denied issue when trying to change process priority using Visual C#

Posted on 2011-02-12
10
1,096 Views
Last Modified: 2013-12-17
There are processes like antivirus or system processes that prevents changing their priority and affinity.
Any way to override that 'Access Denied' issue?

I'm using Visual C# to change processes priority.
Any code to allow changing those processes priority and affinity?

Thanks.
0
Comment
Question by:OrenRozen
10 Comments
 
LVL 9

Expert Comment

by:s_chilkury
ID: 34877974
0
 
LVL 3

Author Comment

by:OrenRozen
ID: 34877991
Thank for the link, but I'm looking for a way to allow the change of priority/affinity on 'access denied' processes using Visual C#.
0
 
LVL 14

Expert Comment

by:systan
ID: 34879225
Just an idea, change first the uac, user account control.
or try to change your account settings to low before getting the uac.
0
 
LVL 3

Author Comment

by:OrenRozen
ID: 34879314
Thank for the idea, but I'm logged on as administrator. UAC is disabled. and the administrators are the owner of all files.It won't work even if I run my application as a service using the SYSTEM local account.

I'd appreciate any more ideas how to perform the task using Visual C#.
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 200 total points
ID: 34880181
You might be able to enable the SeDebugPrivilege to gain access to such a process, though you would probably need to use Windows APIs almost exclusively - which would probably be done more easily with C++.  Unless the process is "protected", in which case you're probably out of luck. http://msdn.microsoft.com/en-us/library/ms684880(VS.85).aspx

I recommend not messing with process priorities (there's a reason certain processes are protected in the manner you're describing).
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 15

Expert Comment

by:Russell_Venable
ID: 34883778
Can you take a picture of the owners of the file in question by right clicking on it and selecting security and then paste your capture here. Also what antivirus is running in parallel? There are a few ways to do this. Just need your response.
0
 
LVL 3

Author Comment

by:OrenRozen
ID: 34885761
This specific application is the agent of Bitdefender antivirus
ProcessOwner.jpg
ProcessPermissions.jpg
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 34886752
Definitely from the looks of the security settings you will have to elevate to system on boot and request request through SACL for the token ACCESS_SYSTEM_SECURITY access right. Also you will need to suspend the process launching by setting your the token for that process as   PROCESS_SUSPEND_RESUME (0x0800) required to suspend or resume a process.

It is really late right now I need to catch some sleep. Just wanted you to know I am still reading your question.

Reference:
http://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_13.html

0
 
LVL 15

Accepted Solution

by:
Russell_Venable earned 300 total points
ID: 34901360
Ok, This is a difficult task. You will be dealing with SACL. You can reference it at SACL. If you want to bypass anything on startup you will need to make a kernel module level(low level) then give the account the tokens ACCESS_SYSTEM_SECURITY,"SeDebugPrivilege", "SeShutdownPrivilege","SeSecurityPrivilege","SeTcbPrivilege","SeTakeOwnershipPrivilege";  

Also look at functions
OpenProcessToken, LookupPrivilegeValue, AdjustTokenPrivileges, RtlSetProcessIsCritical, CloseHandle

C# is out of the question I would definitely go with a C++ solution as it it is a programing language that will go low level, C# is a high level(Application layer) programming language and was developed with this in mind. I can't give you specifics about this as It would go against the rules of this forum by circumventing antivirus protection as well as help other people develop malware to defeat such a mechanism in place for yours/others protection. Usually there is not good answer for bypassing antivirus. The best I can do is point you in the right direction. Hope you understand.
0
 
LVL 3

Author Closing Comment

by:OrenRozen
ID: 34905890
The answers are good reference for a solution I still need to solve.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us here at EE write code. Many of us write exceptional code; just as many of us write exception-prone code. As we all should know, exceptions are a mechanism for handling errors which are typically out of our control. From database errors, t…
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now