954,173 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
3 Years Ago
0

Killing Hidden Processes

Hi there.

I'm creating a simple anti-cheat program for my game that kills most game cheating programs. (ex: WPE, Cheat Engine, etc.)

But I got stucked when trying to kill hidden processes. Say a program called "HideToolz". it can hide cheating programs from the process list, so that my anti-cheat program cannot detect it. (well, HideToolz can hide any other non-cheating related programs, too.)

And HideToolz itself is hidden from the process list in the Windows Task Manager, so that my program cannot block neither kill the process.

So, is there a way to detect and kill it? I'm using C#. but it would be okay if someone knows how to do this in C++ as I understand both languages.

Thanks.

djzmo
Newbie Poster
8 posts since Jan 2009
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

I don't know how HideToolz works, but can you try to get all processes with name "your process name you want to kill" and loop on their IDs and kill them using Process.Kill which in System.Diagnostics

Ramy Mahrous
Postaholic
2,196 posts since Aug 2006
Reputation Points: 480
Solved Threads: 276
 
3 Years Ago
0

It doesn't work. HideToolz (and programs hid by HideToolz) doesn't listed in the array. I've also tried to use some other task/process management tool, but no luck, hidetoolz still cant be seen by them.

You can get a copy of HideToolz by searching on google.

djzmo
Newbie Poster
8 posts since Jan 2009
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

So, don't use it, and you can run process without showing its GUI to the user!

Ramy Mahrous
Postaholic
2,196 posts since Aug 2006
Reputation Points: 480
Solved Threads: 276
 
3 Years Ago
0

Don't use what? I'm avoiding my players from using it.
I just finding out how to detect and kill hidden processes. in this case, HideToolz.

djzmo
Newbie Poster
8 posts since Jan 2009
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

mmmmm, I'll think in this using C++, give me sometime..

Ramy Mahrous
Postaholic
2,196 posts since Aug 2006
Reputation Points: 480
Solved Threads: 276
 
3 Years Ago
0

so..
solved it already?

djzmo
Newbie Poster
8 posts since Jan 2009
Reputation Points: 10
Solved Threads: 0
 
Ramy Mahrous
Postaholic
2,196 posts since Aug 2006
Reputation Points: 480
Solved Threads: 276
 
3 Years Ago
0

I need the C#/C++ implementation >.< not autoit scripts

djzmo
Newbie Poster
8 posts since Jan 2009
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

There is not much documentation about hiding processes , try searching for antirootkit sources . But i dont think someone will code it in c# .
Here is an example of a very good russian hiden process detector :
http://www.wasm.ru/pub/21/files/phunter.rar its writen in delphi. Btw , here is a tutorial how to do the same with winapi , its in russian ,but try using google translate http://www.winblog.ru/2006/07/27/27070601.html =)
Maybe u'l find something usefull.

jen140
Junior Poster
117 posts since Jan 2009
Reputation Points: 11
Solved Threads: 6
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed