Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1221
  • Last Modified:

Access denied issue when trying to change process priority using Visual C#

There are processes like antivirus or system processes that prevents changing their priority and affinity.
Any way to override that 'Access Denied' issue?

I'm using Visual C# to change processes priority.
Any code to allow changing those processes priority and affinity?

Thanks.
0
OrenRozen
Asked:
OrenRozen
2 Solutions
 
OrenRozenAuthor Commented:
Thank for the link, but I'm looking for a way to allow the change of priority/affinity on 'access denied' processes using Visual C#.
0
 
systanCommented:
Just an idea, change first the uac, user account control.
or try to change your account settings to low before getting the uac.
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
OrenRozenAuthor Commented:
Thank for the idea, but I'm logged on as administrator. UAC is disabled. and the administrators are the owner of all files.It won't work even if I run my application as a service using the SYSTEM local account.

I'd appreciate any more ideas how to perform the task using Visual C#.
0
 
Todd GerbertIT ConsultantCommented:
You might be able to enable the SeDebugPrivilege to gain access to such a process, though you would probably need to use Windows APIs almost exclusively - which would probably be done more easily with C++.  Unless the process is "protected", in which case you're probably out of luck. http://msdn.microsoft.com/en-us/library/ms684880(VS.85).aspx

I recommend not messing with process priorities (there's a reason certain processes are protected in the manner you're describing).
0
 
Russell_VenableCommented:
Can you take a picture of the owners of the file in question by right clicking on it and selecting security and then paste your capture here. Also what antivirus is running in parallel? There are a few ways to do this. Just need your response.
0
 
OrenRozenAuthor Commented:
This specific application is the agent of Bitdefender antivirus
ProcessOwner.jpg
ProcessPermissions.jpg
0
 
Russell_VenableCommented:
Definitely from the looks of the security settings you will have to elevate to system on boot and request request through SACL for the token ACCESS_SYSTEM_SECURITY access right. Also you will need to suspend the process launching by setting your the token for that process as   PROCESS_SUSPEND_RESUME (0x0800) required to suspend or resume a process.

It is really late right now I need to catch some sleep. Just wanted you to know I am still reading your question.

Reference:
http://www.installsetupconfig.com/win32programming/windowsthreadsprocessapis7_13.html

0
 
Russell_VenableCommented:
Ok, This is a difficult task. You will be dealing with SACL. You can reference it at SACL. If you want to bypass anything on startup you will need to make a kernel module level(low level) then give the account the tokens ACCESS_SYSTEM_SECURITY,"SeDebugPrivilege", "SeShutdownPrivilege","SeSecurityPrivilege","SeTcbPrivilege","SeTakeOwnershipPrivilege";  

Also look at functions
OpenProcessToken, LookupPrivilegeValue, AdjustTokenPrivileges, RtlSetProcessIsCritical, CloseHandle

C# is out of the question I would definitely go with a C++ solution as it it is a programing language that will go low level, C# is a high level(Application layer) programming language and was developed with this in mind. I can't give you specifics about this as It would go against the rules of this forum by circumventing antivirus protection as well as help other people develop malware to defeat such a mechanism in place for yours/others protection. Usually there is not good answer for bypassing antivirus. The best I can do is point you in the right direction. Hope you understand.
0
 
OrenRozenAuthor Commented:
The answers are good reference for a solution I still need to solve.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now