943,083 Members | Top Members by Rank

Software Development > C# > Killing Hidden Processes
Ad:
  • C# Discussion Thread
  • Unsolved
  • Views: 2906
  • C# RSS
Permalink
Apr 12th, 2009
0

Killing Hidden Processes

Expand Post »
Hi there.

I'm creating a simple anti-cheat program for my game that kills most game cheating programs. (ex: WPE, Cheat Engine, etc.)

But I got stucked when trying to kill hidden processes. Say a program called "HideToolz". it can hide cheating programs from the process list, so that my anti-cheat program cannot detect it. (well, HideToolz can hide any other non-cheating related programs, too.)

And HideToolz itself is hidden from the process list in the Windows Task Manager, so that my program cannot block neither kill the process.

So, is there a way to detect and kill it? I'm using C#. but it would be okay if someone knows how to do this in C++ as I understand both languages.

Thanks.
Last edited by djzmo; Apr 12th, 2009 at 12:40 am.
Similar Threads
Reputation Points: 10
Solved Threads: 0
Newbie Poster
djzmo is offline Offline
8 posts
since Jan 2009
Permalink
Apr 12th, 2009
0

Re: Killing Hidden Processes

I don't know how HideToolz works, but can you try to get all processes with name "your process name you want to kill" and loop on their IDs and kill them using Process.Kill which in System.Diagnostics
Featured Poster
Reputation Points: 480
Solved Threads: 276
Postaholic
Ramy Mahrous is offline Offline
2,189 posts
since Aug 2006
Permalink
Apr 12th, 2009
0

Re: Killing Hidden Processes

It doesn't work. HideToolz (and programs hid by HideToolz) doesn't listed in the array. I've also tried to use some other task/process management tool, but no luck, hidetoolz still cant be seen by them.

You can get a copy of HideToolz by searching on google.
Reputation Points: 10
Solved Threads: 0
Newbie Poster
djzmo is offline Offline
8 posts
since Jan 2009
Permalink
Apr 12th, 2009
0

Re: Killing Hidden Processes

So, don't use it, and you can run process without showing its GUI to the user!
Featured Poster
Reputation Points: 480
Solved Threads: 276
Postaholic
Ramy Mahrous is offline Offline
2,189 posts
since Aug 2006
Permalink
Apr 12th, 2009
0

Re: Killing Hidden Processes

Don't use what? I'm avoiding my players from using it.
I just finding out how to detect and kill hidden processes. in this case, HideToolz.
Reputation Points: 10
Solved Threads: 0
Newbie Poster
djzmo is offline Offline
8 posts
since Jan 2009
Permalink
Apr 13th, 2009
0

Re: Killing Hidden Processes

mmmmm, I'll think in this using C++, give me sometime..
Featured Poster
Reputation Points: 480
Solved Threads: 276
Postaholic
Ramy Mahrous is offline Offline
2,189 posts
since Aug 2006
Permalink
Apr 14th, 2009
0

Re: Killing Hidden Processes

so..
solved it already?
Reputation Points: 10
Solved Threads: 0
Newbie Poster
djzmo is offline Offline
8 posts
since Jan 2009
Permalink
Apr 14th, 2009
0

Re: Killing Hidden Processes

It may help http://www.autoitscript.com/forum/in...howtopic=66397
Featured Poster
Reputation Points: 480
Solved Threads: 276
Postaholic
Ramy Mahrous is offline Offline
2,189 posts
since Aug 2006
Permalink
Apr 15th, 2009
0

Re: Killing Hidden Processes

I need the C#/C++ implementation >.< not autoit scripts
Reputation Points: 10
Solved Threads: 0
Newbie Poster
djzmo is offline Offline
8 posts
since Jan 2009
Permalink
Apr 19th, 2009
0

Re: Killing Hidden Processes

There is not much documentation about hiding processes , try searching for antirootkit sources . But i dont think someone will code it in c# .
Here is an example of a very good russian hiden process detector :
http://www.wasm.ru/pub/21/files/phunter.rar its writen in delphi. Btw , here is a tutorial how to do the same with winapi , its in russian ,but try using google translate http://www.winblog.ru/2006/07/27/27070601.html =)
Maybe u'l find something usefull.
Last edited by jen140; Apr 19th, 2009 at 7:45 pm.
Reputation Points: 11
Solved Threads: 6
Junior Poster
jen140 is offline Offline
116 posts
since Jan 2009

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in C# Forum Timeline: Using If statement with a button action to stop it if information is missing
Next Thread in C# Forum Timeline: RegistryKey





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC