What are the particular ways to block a process to get terminated by TerminateProcess and in return blocks another process from reading from that certain application.?? VirtualProtectEx?
It has to do with access tokens, and removing them. Word Of Warcraft does this to make life harder for botmakers etc.
How would you define access tokens?
Answer to TerminateProcess() part: You cannot.
Raymond Chen of MS explained the reason in his blog some time ago. But, you don't need to search his blog for the explanation. Just think about it. If it is allowed, it is even possible that the OS kernel cannot shut down a process, and the machine will be in "permanent hang" state.
Raymond Chen of MS explained the reason in his blog some time ago. But, you don't need to search his blog for the explanation. Just think about it. If it is allowed, it is even possible that the OS kernel cannot shut down a process, and the machine will be in "permanent hang" state.
Well there is a plugin for the Debugger Ollydbg which disallows the process from being terminated via TerminateProcess api... I tried using ReadProcessmemory on ollydbg .... It didn't return a value even for the handle( it returned an invalid handle when plugin was on)>