DaniWeb IT Discussion Community

DaniWeb IT Discussion Community (http://www.daniweb.com/forums/index.php)
-   C# (http://www.daniweb.com/forums/forum61.html)
-   -   Killing Hidden Processes (http://www.daniweb.com/forums/thread186247.html)

djzmo Apr 12th, 2009 12:36 am
Killing Hidden Processes
 
Hi there.

I'm creating a simple anti-cheat program for my game that kills most game cheating programs. (ex: WPE, Cheat Engine, etc.)

But I got stucked when trying to kill hidden processes. Say a program called "HideToolz". it can hide cheating programs from the process list, so that my anti-cheat program cannot detect it. (well, HideToolz can hide any other non-cheating related programs, too.)

And HideToolz itself is hidden from the process list in the Windows Task Manager, so that my program cannot block neither kill the process.

So, is there a way to detect and kill it? I'm using C#. but it would be okay if someone knows how to do this in C++ as I understand both languages.

Thanks.

Ramy Mahrous Apr 12th, 2009 6:31 am
Re: Killing Hidden Processes
 
I don't know how HideToolz works, but can you try to get all processes with name "your process name you want to kill" and loop on their IDs and kill them using Process.Kill which in System.Diagnostics

djzmo Apr 12th, 2009 9:02 am
Re: Killing Hidden Processes
 
It doesn't work. HideToolz (and programs hid by HideToolz) doesn't listed in the array. I've also tried to use some other task/process management tool, but no luck, hidetoolz still cant be seen by them.

You can get a copy of HideToolz by searching on google.

Ramy Mahrous Apr 12th, 2009 11:44 am
Re: Killing Hidden Processes
 
So, don't use it, and you can run process without showing its GUI to the user!

djzmo Apr 12th, 2009 1:14 pm
Re: Killing Hidden Processes
 
Don't use what? I'm avoiding my players from using it.
I just finding out how to detect and kill hidden processes. in this case, HideToolz.

Ramy Mahrous Apr 13th, 2009 5:06 am
Re: Killing Hidden Processes
 
mmmmm, I'll think in this using C++, give me sometime..

djzmo Apr 14th, 2009 6:34 am
Re: Killing Hidden Processes
 
so..
solved it already?

Ramy Mahrous Apr 14th, 2009 7:42 am
Re: Killing Hidden Processes
 
It may help http://www.autoitscript.com/forum/in...howtopic=66397

djzmo Apr 15th, 2009 2:43 pm
Re: Killing Hidden Processes
 
I need the C#/C++ implementation >.< not autoit scripts

jen140 Apr 19th, 2009 7:43 pm
Re: Killing Hidden Processes
 
There is not much documentation about hiding processes , try searching for antirootkit sources . But i dont think someone will code it in c# .
Here is an example of a very good russian hiden process detector :
http://www.wasm.ru/pub/21/files/phunter.rar its writen in delphi. Btw , here is a tutorial how to do the same with winapi , its in russian ,but try using google translate http://www.winblog.ru/2006/07/27/27070601.html =)
Maybe u'l find something usefull.


All times are GMT -4. The time now is 11:56 am.

Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC