
Antivirus process kill prevention?


I was searching around with regard to how to prevent an application from being killed, but haven't really found an answer that describes how it works for antivirus applications, for example.

What I am looking to do is make a tool (similar to Gameguard, xTrap) to prevent cheating on a simple online game I made on XNA.

In the process of building features to prevent the user from cheating in my game, I was wondering how AVG, Norton and other antivirus applications work in harmony with the OS, not allowing admin users to close their application and yet shutting down gracefully?

Without using a second application to watch my anti-cheat application, is it possible to catch kill events on it so I can at least close my game when that happens?

I was also considering using my game as a watcher for my anti-cheat and vice versa, so that whenever one of them goes off the other goes as well, but I would like to understand the above as well.

From what I have seen, people easily bypass these kinds of things with simple detours on those calls, so maybe having my game as a watcher for the anti-cheat wouldn't be so efficient either...

Would love some answers, advice, or pieces of code related to what I could improve as security for my game and anti-cheat application.

Also information on preventing debuggers such as Olly and the like from attaching to it.


Solution

  • Only way I can think of is by hooking/injecting code/DLL into Task Manager or kernel32.

    Each process kill ends up with a call to "TerminateProcess".

    Start point: http://www.codeproject.com/KB/vista/api-hooks.aspx

    Try googling: TerminateProcess hook
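
The watcher idea raised in the question (the game noticing that the anti-cheat process has gone away and closing itself), as an added example that is not part of the original question or answer. It assumes the game launches the anti-cheat itself; `AntiCheat.exe` and the `CompanionWatchdog` class are hypothetical names.

```csharp
using System;
using System.Diagnostics;
using System.Threading;

// Added example: game-side watchdog for a companion anti-cheat process.
// It observes the exit of the companion; it does not prevent termination.
public sealed class CompanionWatchdog : IDisposable
{
    private readonly Process _companion;
    private readonly Action<int> _onLost;
    private int _fired; // 0 = not signalled yet, 1 = already signalled

    public CompanionWatchdog(Process companion, Action<int> onLost)
    {
        _companion = companion ?? throw new ArgumentNullException(nameof(companion));
        _onLost = onLost ?? throw new ArgumentNullException(nameof(onLost));

        // Keeps a handle to the process and raises Exited when it ends,
        // whether it quit normally or was killed from outside.
        _companion.EnableRaisingEvents = true;
        _companion.Exited += (sender, e) => Signal();

        // Close the race where the process ended before the handler was attached.
        if (_companion.HasExited) Signal();
    }

    private void Signal()
    {
        // Exited and the HasExited check can both fire; report only once.
        if (Interlocked.Exchange(ref _fired, 1) != 0) return;
        _onLost(_companion.ExitCode);
    }

    public void Dispose() => _companion.Dispose();
}

public static class Program
{
    public static void Main()
    {
        // Hypothetical companion binary; UseShellExecute = false so Start returns the real process.
        var antiCheat = Process.Start(new ProcessStartInfo("AntiCheat.exe") { UseShellExecute = false });
        using (var lost = new ManualResetEventSlim())
        using (new CompanionWatchdog(antiCheat, code => { Console.WriteLine("Anti-cheat exited, code " + code); lost.Set(); }))
        {
            lost.Wait();          // a real game would run its loop here instead
        }
        Environment.Exit(1);      // close the game once the companion is gone
    }
}
```

This only reports that the companion exited; as the question notes, a check that runs on the player's machine can itself be hooked, so the game server should not rely on it alone.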