Page 1 of 2
detect hidetool
Posted: Wed Nov 17, 2010 5:04 pm
by connected
dear enigmaprotector
I am very happy to use enigmaprotector, i use to protect my private server game , and its running good.
but now the player can hide their cheat programs with hidetool [look my attach].
I do not know how to detect hidetool, because hidetool undetectable in process running
I hope enigmaprotector can solve my problem, by finding the best solution
thank be 4
eko pribadi
this is link of hidetoolz
http://www.mediafire.com/?y2eqossxq3msv83
Re: detect hidetool
Posted: Wed Nov 17, 2010 5:18 pm
by Enigma
Hi Eko, I have got your emails!
Yes, there is a method to detect hidetoolz, I will try to implement it as soon as possible.
Please refer this thread, I will update it soon!
Re: detect hidetool
Posted: Wed Nov 17, 2010 5:25 pm
by connected
Enigma wrote:Hi Eko, I have got your emails!
Yes, there is a method to detect hidetoolz, I will try to implement it as soon as possible.
Please refer this thread, I will update it soon!
thank boss for fast reply
Re: detect hidetool
Posted: Wed Nov 24, 2010 10:10 am
by Enigma
Finally we have implemented a method that allows to detect hidden processes.
There is an experimental demo version for who is interesting to test new features:
http://enigmaprotector.com/assets/files ... mo_exp.exe
Some info:
There are not so much methods to detect hidden process from user mode, so there are some restrictions.
Enigma Protector can't detect a file name for hidden processes, so you have to disable checking of process file name and check it only by window text and class.
for example, to detect a HideToolz itself, you have to add an item to Executed Process checkup and:
DISABLE file name
ENABLE window text and set the text something like *hidetoolz*
DISABLE window class (or ENABLE and set to obj_form).
There is also added new feature - Treminate if hidden process found. If this option enables, and any hidden process is found, then application will not start.
Suggestions are always welcome.
Re: detect hidetool
Posted: Mon Dec 27, 2010 6:47 am
by Mulegend
Dont works, cuz HideToolz, Hide Process, Window, and protect Windows hooks..
i use this function coded by i dont know.. but works fine..
Code: Select all
void Detect()
{
DWORD dwProcId;
HWND hWnd;
ProcInfo mProc[255];
int mIdList[255];
int nCount = 0;
int nPID = 0;
int i = 0;
hWnd = FindWindow(0,0);
while( hWnd > 0)
{
if (GetParent(hWnd) == 0)
{
GetWindowThreadProcessId(hWnd, &dwProcId);
if (!OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcId))
{
mProc[nCount].hWnd = hWnd;
mProc[nCount].dwProcId = dwProcId ;
nCount++;
for (i = 0; i < nPID; i++)
if (dwProcId == mIdList[i])
break;
if (i == nPID)
mIdList[nPID++] = dwProcId;
}
}
hWnd = GetWindow(hWnd, GW_HWNDNEXT);
}
if (nCount > 0)
{
SendMessageA(mProc[i].hWnd, WM_CLOSE, 0, 0); // 1. Close
SendMessageA(mProc[i].hWnd, WM_QUIT, 0, 0); // 2. Quit
SendMessageA(mProc[i].hWnd, WM_DESTROY, 0, 0); // 3. Destroy
EndTask(mProc[i].hWnd, FALSE, TRUE); // 4. EndTask
}
}
Re: detect hidetool
Posted: Mon Dec 27, 2010 7:49 am
by Enigma
Hi Mulegend, Enigma is using something similar. The detection of hidetoolz and hidden processes is not implemented in the DEMO version that is located on the site. If you want, I can send you a link to the latest unofficial DEMO version, so you may test..
Re: detect hidetool
Posted: Mon Dec 27, 2010 8:06 am
by Mulegend
i test a old demo and i like it, is a good protector..
but if your oficial versionn detect hidetoolz, i will buy it...
sendme a link of a demo...
please..
Re: detect hidetool
Posted: Mon Dec 27, 2010 8:38 am
by Enigma
I've sent you a link in PM, please test!
Re: detect hidetool
Posted: Mon Dec 27, 2010 8:52 am
by Mulegend
Ok i test it works fine, i send back another PM with a details..
thanks
Re: detect hidetool
Posted: Tue May 03, 2011 7:22 am
by osa3do
i try to test a Demon Version but every time i try to open The Enigma Protector my anti virus is found virus on it trojan horse
sheu3.bxgm virus so i cant open it :S :S :S
please fixed this problem my anti virus avg internet security 2011