Solved

Access denied issue when trying to change process priority using Visual C#

Posted on 2011-02-12
10
1,093 Views
Last Modified: 2013-12-17
There are processes like antivirus or system processes that prevents changing their priority and affinity.
Any way to override that 'Access Denied' issue?

I'm using Visual C# to change processes priority.
Any code to allow changing those processes priority and affinity?

Thanks.
0
Comment
Question by:OrenRozen
10 Comments
 
LVL 9

Expert Comment

by:s_chilkury
ID: 34877974
0
 
LVL 3

Author Comment

by:OrenRozen
ID: 34877991
Thank for the link, but I'm looking for a way to allow the change of priority/affinity on 'access denied' processes using Visual C#.
0
 
LVL 14

Expert Comment

by:systan
ID: 34879225
Just an idea, change first the uac, user account control.
or try to change your account settings to low before getting the uac.
0
 
LVL 3

Author Comment

by:OrenRozen
ID: 34879314
Thank for the idea, but I'm logged on as administrator. UAC is disabled. and the administrators are the owner of all files.It won't work even if I run my application as a service using the SYSTEM local account.

I'd appreciate any more ideas how to perform the task using Visual C#.
0
 
LVL 33

Assisted Solution

by:Todd Gerbert
Todd Gerbert earned 200 total points
ID: 34880181
You might be able to enable the SeDebugPrivilege to gain access to such a process, though you would probably need to use Windows APIs almost exclusively - which would probably be done more easily with C++.  Unless the process is "protected", in which case you're probably out of luck. http://msdn.microsoft.com/en-us/library/ms684880(VS.85).aspx

I recommend not messing with process priorities (there's a reason certain processes are protected in the manner you're describing).
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 15

Expert Comment

by:Russell_Venable
ID: 34883778
Can you take a picture of the owners of the file in question by right clicking on it and selecting security and then paste your capture here. Also what antivirus is running in parallel? There are a few ways to do this. Just need your response.
0
 
LVL 3

Author Comment

by:OrenRozen
ID: 34885761
This specific application is the agent of Bitdefender antivirus
ProcessOwner.jpg
ProcessPermissions.jpg
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 34886752
Definitely from the looks of the security settings you will have to elevate to system on boot and request request through SACL for the token ACCESS_SYSTEM_SECURITY access right. Also you will need to suspend the process launching by setting your the token for that process as   PROCESS_SUSPEND_RESUME (0x0800) required to suspend or resume a process.

It is really late right now I need to catch some sleep. Just wanted you to know I am still reading your question.

Reference:
http://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_13.html

0
 
LVL 15

Accepted Solution

by:
Russell_Venable earned 300 total points
ID: 34901360
Ok, This is a difficult task. You will be dealing with SACL. You can reference it at SACL. If you want to bypass anything on startup you will need to make a kernel module level(low level) then give the account the tokens ACCESS_SYSTEM_SECURITY,"SeDebugPrivilege", "SeShutdownPrivilege","SeSecurityPrivilege","SeTcbPrivilege","SeTakeOwnershipPrivilege";  

Also look at functions
OpenProcessToken, LookupPrivilegeValue, AdjustTokenPrivileges, RtlSetProcessIsCritical, CloseHandle

C# is out of the question I would definitely go with a C++ solution as it it is a programing language that will go low level, C# is a high level(Application layer) programming language and was developed with this in mind. I can't give you specifics about this as It would go against the rules of this forum by circumventing antivirus protection as well as help other people develop malware to defeat such a mechanism in place for yours/others protection. Usually there is not good answer for bypassing antivirus. The best I can do is point you in the right direction. Hope you understand.
0
 
LVL 3

Author Closing Comment

by:OrenRozen
ID: 34905890
The answers are good reference for a solution I still need to solve.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Need to Modify a Script I found 5 77
.Net application crashing 6 21
Round a string to two digits 12 24
XML & .net 5 21
Entity Framework is a powerful tool to help you interact with the DataBase but still doesn't help much when we have a Stored Procedure that returns more than one resultset. The solution takes some of out-of-the-box thinking; read on!
Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now