How to protect my virus.exe from Anti-virus with Kernel-Mode Rootkit https://d.clarkee.co.uk/t/how-to-protect-my-virus-exe-from-anti-virus-with-kernel-mode-rootkit/19784 Fri, 13 Mar 2020 07:01:02 +0000 Questions
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

https://d.clarkee.co.uk/t/how-to-protect-my-virus-exe-from-anti-virus-with-kernel-mode-rootkit/19784/3 Mon, 16 Mar 2020 07:02:29 +0000 d.clarkee.co.uk-post-19784-3 How to protect my virus.exe from Anti-virus with Kernel-Mode Rootkit
Okay, I will try the NtSetInformationFile Hook method to protect Virus.exe from being deleted.

https://d.clarkee.co.uk/t/how-to-protect-my-virus-exe-from-anti-virus-with-kernel-mode-rootkit/19784/2 Fri, 13 Mar 2020 07:01:02 +0000 d.clarkee.co.uk-post-19784-2 How to protect my virus.exe from Anti-virus with Kernel-Mode Rootkit
I can successfully load Virus.exe into the kernel, but Virus.exe must be started.

If virus.exe is started in the user mode, the anti-virus detects this.

Is there a method that I can protect Virus.exe from anti-viruses?

Algorithm :

Every Boot ->

Start virus.exe user mode in the background // failed because antiviruses detect it.

load virus.exe process to kernel = finish // success not detect.

edit : I thought of starting Virus.exe directly from kernel mode, but it will be detected when a virus scan is done on the computer even if it is not started from user mode.

Please suggest something, I’m in trouble.

https://d.clarkee.co.uk/t/how-to-protect-my-virus-exe-from-anti-virus-with-kernel-mode-rootkit/19784/1 Thu, 12 Mar 2020 13:46:13 +0000 d.clarkee.co.uk-post-19784-1 How to protect my virus.exe from Anti-virus with Kernel-Mode Rootkit