View Code? Open in Web Editor
NEW
This project forked from sg-first/process-prevent-killed
some way to prevent process be killed
C++ 78.55%
C 21.28%
Makefile 0.17%
process-prevent-killed's Introduction
- Modify the program's process to the system process
- Principles and the code is simple, it can prevent the Taskmgr to kill the process
- Valid only in XP.Prevent kill limited, can’t protective ice sword
- Reference
Hook NtQuerySystemInformation
- hook NtQuerySystemInformation to hidden processes(ring 3 level)
- it can prevent the Task Manager to kill the process
- Valid only in NT2000. Not universal
Detours lib prevent killed
- Principle is similar with HookNtQuerySystemInformation,hook OpenProcess to prevent kille.
- Valid in NT2000,xp and NT2003
- use detourslib,can't prevent some processes tools
- Hook Taskmgr,use CBT hook block end process message.
- Valid in and windows version(As of 2009)
- Only for the Taskmgr
- Two processes monitoring each other, found another prevent killed, start it.
- Versatile, protection capability, can protect Windows service program.
- Not really prevent killed, just rebooted.
- use drive’s ZwQuerySystemInformation hook,to do hide or prevent killed process.
- Strong ability, can protective ice sword
- Complex, right to drive will be identified as Trojan by anti-virus software
process-prevent-killed's People
Contributors
Watchers
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent