Hello OP,Hackshield works like every real time monitoring program out there, including your Anti-Virus & Internet Security software. (eg. Nortons 360)These (Including your AV/ISsecurity) programs are commonly known as a rootkit since it operates in the lowest (or highest depends on how you want to look at it) software layer closest to the hardware BIOS layer (Basic Input Output System).Hackshield has been around for a good many years as has its main rival punkbuster.Hackshield website/Operational Overview (Pictorial form) >The features are patented, here is a quick list >PunkBuster, Hackshields main rival in the market (Or used to be in the early days) >I won't bother with warden that WoW used as that is quite a simple signature detection engine only.Many have tried to hack/bypass/emulate responses/kill of hackshield process in the past, even using very unconventional means. These have all lead to failure due to the way Hackshield works, Trion are teamed up with XL games who are teamed up with Hackshield for live monitoring of the game publishers game clients (You). You can see how this works in this picture .... http://hackshield.ahnlab.com/hs/site...performance.do Ok, since people are wondering more on how it works, it works very much like your AV/Internet security based products, these are all rootkits as well, eg. Symantec, McAfee, ZoneAlarm etc and all operate in the highest (or lowest if you want to look at it that way) tier of software kernel base-run code which have the highest permissions to execute tasks/code.Here is an analysis of Hackshield by a hacker hobbyist some years ago, bare with him his english is not the best, but it gives you a brief basic pictorial of how it works > http://www.progamercity.net/anti-che...-analysis.html People complaining about Hackshield who run an anti-virus or internet security based software suite should be shot and rightly so as these software packages are the same as Hackshield being a worldwide respected hacker/exploiter detection and live monitoring program to ban cheaters (3rd party program users and those who afk and do unattended botting using mechanical methods, eg. Coins jammed in keyboard or toothpicks etc)Never the less, fear not, it is unwarranted, see above pic ( http://hackshield.ahnlab.com/hs/site...performance.do ) on hackshield on how they monitor any cheating activity (Including Hueristic methods ( http://en.wikipedia.org/wiki/Heuristic ) to detect possibe newly developed cheat/exploits (Can result in false positives as nothing is perfect, this feature is necessary to combat the build a better wall then the hacker/exploiting attacker builds a better weapon to destroy that wall modus operandi).I would not tamper with the software launching (preventing it to launch) as the game client also does its reporting with having that driver installed and not detecting it via a hash check can result in a permaban for client software modification (ie. Hackshield is an integrated part of the game client, not something that "entirely" runs seperately that is not check on by the game client also.)Here is another good overview on GameForge's implementation of Hackshield. The 3rd stage relating to what I posted above .... http://liquiron.com/8553-Gameforge_B...nal_Stage.html " ... malicious players could simply "roll their own" clients that do not have HackShield attached, and play without issue.This is where HackShield's 3rd stage comes into play. HackShield stage 3 has server-side elements that ensure validation. Players who failed any HackShield checks won't be able to connect. Players who have modified their clients will not be able to play. Players who try to connect with a custom, non-protected client now shouldn't be able to connect or play. And while connected, players attempting to inject malicious code into the client, modify its memory, send illegitimate packets or multiple other methods of attacking, should be caught by frequent server client communication and validation."Take Care,Sparkz