Link to home
Start Free TrialLog in
Avatar of davizinx
davizinxFlag for Brazil

asked on

Not allow the process of my program is finalized by mananger process of windows.

if a malware or the user try to finalize my programa by process i want to not allow this operation.
any solution ?
Avatar of Geert G
Geert G
Flag of Belgium image

what do you mean with finalize ?
Avatar of davizinx

ASKER

i want know about if an virus type this command: "taskkill -f /im myprogram.exe"

if somebody try to close my program by process its not allow.
run the program with the system account using runas
or automatically restart the program using some other program

or rename the taskkill program

what about if the user wants to restart the pc ?



No!
 You know when we try to finish the winlogon.exe and manager displays a message denying the operation?
 then I want to do the same with my program, do not let it be done by the Task Manager as well as many anti virus use the same technique! (avast, nod32, Avira etc. ..)
Avatar of swiatlo
swiatlo

if this program has a window you could catch and interpret windows messgeses passed to it: WM_CLOSE, WM_QUIT etc, but this is just an idea.

http://tds.diamondcs.com.au/advancedseries/processkilltechniques.php
One of a techniques:
A  hook is a mechanism that allows for the interception (and even behaviour modification) of a function or section of code. For example, a trojan might hook the TerminateProcess function so that whenever that function is called the trojan can examine which process is being terminated and thus prevent itself from being terminated.
ASKER CERTIFIED SOLUTION
Avatar of davizinx
davizinx
Flag of Brazil image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I dont have an example, sorry. I canot write one. You must google the topic youself.
You may find a few hooks egzamples for keybord key press This should be very similar aproach. I didn;t find any terminate process  - but I did not look a lot.
if somebody leads you in a direction to a solution that is help too...
no wonder nobody helps you, if you don't accept their help

please read the EE guidelines