Page 1 of 1

Detect process suspend & anti-speedhack

PostPosted: Tue Jun 24, 2014 11:00 am
by Unc3nZureD
Hi guys!
I would like to introduce my simple, but really well working plugin. It is NOT developed by enigma, it is NOT related to enigma (except that you can use it with his product). It's just a custom plugin which I made.

What can this plugin do?
- It will detect if the protected process had been suspended. I have to tell, that there is NO method from usermode to prevent suspending, but you can detect it. With this plugin the protected process will detect if it had been resumed from a suspension.
- All in one, it will even detect if something tries to manipulate the speed of an application. For example the Cheat Engine's speedhack.

Here's a recorded proof how it works:
http://s28.postimg.org/5kfdthxqz/rec.gif - Suspending it with Process Hacker
http://s16.postimg.org/eot8okztf/rec.gif - Suspending with Process Hacker experimental features
http://s10.postimg.org/y9friq93r/rec.gif - Suspending process with ollydbg & hardest plugin options

If you want, you can get the protected demo file here:
http://www56.zippyshare.com/v/63477988/file.html (Size is too big to upload here /1Mb/)

Compatibility:
- Theoretically: Windows XP - 8.1 - both x86 & x64
- Practically: I tried on WinXP x86, Win7 x86 and Win8.1 x64
If needed I can test on other OSes

(It's possible that it works on other OSes, but I tested on these)

How to get the plugin?
I'm not willing to give it for free.
If you are interested, PM me here, or use my email: unc3nzured@gmail.com. You can even access me on Skype at: Unc3nZureD contact address.

Of course if needed I will sell the source too, but that will cost more. BTC payment is preferred!

What if I can find a bug?
Of course If it's possible (some things can depend on enigma) I will update the plugin and send an e-mail to all the users whose bought it. (If you want, you can give me your e-mail for such cases, so I will inform you about new versions). If you already bought the plugin, updates won't cost anything.

Thank your for reading!
~Unc3nZureD

Re: Detect process suspend & anti-speedhack

PostPosted: Mon Jul 14, 2014 6:07 pm
by XParaDoxX
This Plugin Can By Bypassed so easily i have tried this plugin and i was able to suspend the process and resume it again

there is a method to bypass the plugins system in the enigma itself 8-)