As the title says can anti virus kill or delete a Malware that made itself critical? I'm writing a Monero miner service and I've added BSOD protection to it and I know that it'll be known as Malware about a week after release (as all miner programs are).
The question is will anti virus be able to kill it if it detects a a malware I can make it critical and again make it none critical by knowing it's native handle in C# so AV will be able to do it.
My question is does these AV program that we have do this kind of thing
If not it means that we are not safe against other real malwares (like tojons(mostly rats)) and ransomeware that use it's kind of protection.
i make the program critical with this code (one comment said to write the code) on this page http://www.codingvision.net/tips-and-tricks/c-make-a-critical-process-bsod-if-killed example on the page for c# it uses ntdll.dll
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
public class CriticalProcess
{
[DllImport("ntdll.dll", SetLastError = true)]
private static extern int NtSetInformationProcess(IntPtr hProcess, int processInformationClass, ref int processInformation, int processInformationLength);
static void Main(string[] args)
{
int isCritical = 1; // we want this to be a Critical Process
int BreakOnTermination = 0x1D; // value for BreakOnTermination (flag)
Process.EnterDebugMode(); //acquire Debug Privileges
// setting the BreakOnTermination = 1 for the current process
NtSetInformationProcess(Process.GetCurrentProcess().Handle, BreakOnTermination, ref isCritical, sizeof(int));
}
}
