I found out that some programs can hook the TerminateProcess API such that you cannot actually use any piece of code that calls the API. What other way can one kill such a process using C#? Something similar to advanced process manipulat开发者_如何学运维or.
You can just bypass the hook. You know, acquire the load address of the dll, look up the function in the exports table, and invoke it directly.
Alternatively, you could write a device driver that removes the process from the OS list of processes. This will prevent it from being scheduled.
On a more serious note, consider the fact that .NET is not well-suited for antivirus software development. You'd have to step into lower levels of software so often that I don't think .NET would be beneficial. It could serve as a front-end for an AV core, but that's all I would use it for.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论