Sign in to follow this  
Followers 0
sandin

how to scan and close a hidden process?

13 posts in this topic

I play a game, MMO game, and some times it may happen that the game crashes, I loose it's window, but the process stays (if I go task manager, I see the page file is "big" ~800mb, like when the game was running), and when I try to start the game again, I can't cause it has protection, I can't start 2 game clients at once. I can't find it's process in task manager, not even when the game is running, so I asume that the game uses hidden process, so the only solution at the moment is reset my PC and then start the game again.

So, my question is: how can I scan and kill hidden processes? Are there an autoit commands for this purpose (to scan, and kill hidden process)? I just wanna bypass resseting my PC each time my game crashes.

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

Well ...u could try and figure out what exe it opens when u start it. Go to the game's install folder and look for exes dlls or something anything u think it m8 be it and test that with ProcessExists("mymmogame.exe")

Or u can get the pid of the process

#include <Process.au3>; (User Defined Function)
$pid = WinGetProcess("My MMO game window");
$mmoprocess= _ProcessGetName ( $pid );

Btw what game is it?

Edited by Tzackel

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

p.s. the game is called "mu online"

I see ...well it must have some good protection preventing autoit from working properly

Well for one i know it should be "main.exe" :/, if not maybe u should ask them for support i have no idea :S

While running the script try not to activate the window and keep it minimized or something also while minimised try WinSetOnTop("MU","",0) and WinSetState("MU","",@SW_SHOW) see if it changes anything

Edited by Tzackel

Share this post


Link to post
Share on other sites

As its a process on the computer you must have downloaded it and installed it at the computer:)

Go to C:\Programfiles\Mu Online*\

*If that is the name of the game

And when in there look for any .exe file you can find and try to find it:) Sometimes Main.exe as Tzackel says but sometimes other processes, like Maple Story got nProtect as a protection preventing you to restart the game as when you try to kill that process you are denied access meaning you have to restart the computer if your game crashes badly.

Hope this helps:)


Never argue with an idiot, he will just bring you down to his own level and beat you with experience! :D

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

tnx for fast reply. I added:

WinSetOnTop("MU","",0)
WinSetState("MU","",@SW_SHOW)oÝ÷ ÚX¤{*.iÛâqë&zÚ¡»­ax©àyÛ-Y`zÝ7ê

but got no msgboxes, like the processes doesn't exists.

...and ya, the game is using Game Guard for protection (I guess game guard tried to hide the process, cause If a expirienced programmer could find it's process, he could read memory from inside of it, and change it, therefore use it for his advantage, but I just wanna close it, so I can run the game again)

Edited by sandin

Share this post


Link to post
Share on other sites

Ouch.. GameGuard is a cockblock tbh.... It cant be "destroyed" since it is thereto prevent hacks and such meaning it cant be closed.. They should really add a check to that bloody protection to check if that particular game is running or not:)

Your only choice is to restart the computer to remove the process:S Ill try to check for a fix for it and i will post back if i find anything.

Good luck, Roofel


Never argue with an idiot, he will just bring you down to his own level and beat you with experience! :D

Share this post


Link to post
Share on other sites

Hi.

Google gives several hits for "kill hidden process", you might try e.g. this one on top of the result list:

http://kill-hidden-process.qarchive.org/

Maybe it's possible to call it from autoit, but for your purpose I assume you just want to kill the process.

Also there are several anti malware products that can help you to find hidden (stealth) processes.

Another approach might be unlocker, used on the EXEs you have found: It can kill processes blocking files, no clue if it works with hidden processes as well.

Regards, Rudi.


Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

Nope rudi.. That wont work with GameGuard:) GameGuard is built around protection a game AND itself, meaning you wont be able to kill the process. It is a current bug as they admit that the game sometimes FAILS to see if the game is still running. Meaning it is still using immense CPU and cant be terminated:S They are working on it and they hopefully find out what the issue is soon.

I play MapleStory myself when im bored and I have this issue from time to time:P

The Game itself isnt running so you cant terminate the process(The process doesnt exists) but the GameGuard still runs meaning you cant open a new game window since the GameGuard will block it for some wierd reason>.<

(Source): "In recent versions (revision 1007 and up), GameGuard fails to halt when the game ends, so GameGuard continues to use resources and inject code into processes. This is usually not noticeable to the end-user, as GameGuard masks its intense CPU usage by hooking Windows system querying APIs."

From http://en.wikipedia.org/wiki/GameGuard


Never argue with an idiot, he will just bring you down to his own level and beat you with experience! :D

Share this post


Link to post
Share on other sites

Nope rudi.. That wont work with GameGuard:) GameGuard is built around protection a game AND itself.

[snip]

The Game itself isnt running so you cant terminate the process(The process doesnt exists) but the GameGuard still runs meaning you cant open a new game...

Well, so it's GameGuard to be aimed at: As this is a hidden process as well "Hidden Process Locators" might be able to find / kill it.

But another fact we got above is interesting: The 800 Meg RAM that remains blocked propably were allocated by the game, and not by the guard. So the game might be hanging around as a zombie?

Basically: That special process stuff is out of my main focus. This are just some ideas from the "hidden process innocent" :)

Regards, Rudi.


Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

I am looking for ways to detect either this maplestory.exe process or its accompanied gameguard process too..

I just need the detection scripts, just to stop all my P2P application while my kids are playing the game without the lag.

Scheduled the detection script every hour.

Conditions:

1) If the game process or guardian process active, the script would check if my P2P app is running, if so, killing it.

2) And if both Game and P2P application are not active, and the script restart the P2P app.

So far, I am unable to detect this Maplestory.exe or the GameGuard.

Any tips?

Share this post


Link to post
Share on other sites

#13 ·  Posted (edited)

well ive had problems with GayGuard before too

back when i played flyff, i disabled it by freezing the game >> renaming the gameguard.dec >> un-freeze the game (gameguard would *crash itself* but fail to crash the program, so i could go on without being detected by it... when.. doing stuff. :))

could try that

(idk if they've actually fixed this *un-disclosed exploit* by now thought)

Edited by HansHenrik

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0