Add cheat engine for analysis_tools_process

LordNoteworthy · Sep 29, 2023 · 4fe418a · 4fe418a
1 parent 124f9c9
commit 4fe418a
Showing 1 changed file with 34 additions and 31 deletions.
diff --git a/al-khaser/AntiAnalysis/process.cpp b/al-khaser/AntiAnalysis/process.cpp
@@ -9,37 +9,40 @@ Check for process list
 VOID analysis_tools_process()
 {
  const TCHAR *szProcesses[] = {
- _T("ollydbg.exe"), // OllyDebug debugger
- _T("ProcessHacker.exe"), // Process Hacker
- _T("tcpview.exe"), // Part of Sysinternals Suite
- _T("autoruns.exe"), // Part of Sysinternals Suite
- _T("autorunsc.exe"), // Part of Sysinternals Suite
- _T("filemon.exe"), // Part of Sysinternals Suite
- _T("procmon.exe"), // Part of Sysinternals Suite
- _T("regmon.exe"), // Part of Sysinternals Suite
- _T("procexp.exe"), // Part of Sysinternals Suite
- _T("idaq.exe"), // IDA Pro Interactive Disassembler
- _T("idaq64.exe"), // IDA Pro Interactive Disassembler
- _T("ImmunityDebugger.exe"), // ImmunityDebugger
- _T("Wireshark.exe"), // Wireshark packet sniffer
- _T("dumpcap.exe"), // Network traffic dump tool
- _T("HookExplorer.exe"), // Find various types of runtime hooks
- _T("ImportREC.exe"), // Import Reconstructor
- _T("PETools.exe"), // PE Tool
- _T("LordPE.exe"), // LordPE
- _T("SysInspector.exe"), // ESET SysInspector
- _T("proc_analyzer.exe"), // Part of SysAnalyzer iDefense
- _T("sysAnalyzer.exe"), // Part of SysAnalyzer iDefense
- _T("sniff_hit.exe"), // Part of SysAnalyzer iDefense
- _T("windbg.exe"), // Microsoft WinDbg
- _T("joeboxcontrol.exe"), // Part of Joe Sandbox
- _T("joeboxserver.exe"), // Part of Joe Sandbox
- _T("joeboxserver.exe"), // Part of Joe Sandbox
- _T("ResourceHacker.exe"), // Resource Hacker
- _T("x32dbg.exe"), // x32dbg
- _T("x64dbg.exe"), // x64dbg
- _T("Fiddler.exe"), // Fiddler
- _T("httpdebugger.exe"), // Http Debugger
+ _T("ollydbg.exe"), // OllyDebug debugger
+ _T("ProcessHacker.exe"), // Process Hacker
+ _T("tcpview.exe"), // Part of Sysinternals Suite
+ _T("autoruns.exe"), // Part of Sysinternals Suite
+ _T("autorunsc.exe"), // Part of Sysinternals Suite
+ _T("filemon.exe"), // Part of Sysinternals Suite
+ _T("procmon.exe"), // Part of Sysinternals Suite
+ _T("regmon.exe"), // Part of Sysinternals Suite
+ _T("procexp.exe"), // Part of Sysinternals Suite
+ _T("idaq.exe"), // IDA Pro Interactive Disassembler
+ _T("idaq64.exe"), // IDA Pro Interactive Disassembler
+ _T("ImmunityDebugger.exe"), // ImmunityDebugger
+ _T("Wireshark.exe"), // Wireshark packet sniffer
+ _T("dumpcap.exe"), // Network traffic dump tool
+ _T("HookExplorer.exe"), // Find various types of runtime hooks
+ _T("ImportREC.exe"), // Import Reconstructor
+ _T("PETools.exe"), // PE Tool
+ _T("LordPE.exe"), // LordPE
+ _T("SysInspector.exe"), // ESET SysInspector
+ _T("proc_analyzer.exe"), // Part of SysAnalyzer iDefense
+ _T("sysAnalyzer.exe"), // Part of SysAnalyzer iDefense
+ _T("sniff_hit.exe"), // Part of SysAnalyzer iDefense
+ _T("windbg.exe"), // Microsoft WinDbg
+ _T("joeboxcontrol.exe"), // Part of Joe Sandbox
+ _T("joeboxserver.exe"), // Part of Joe Sandbox
+ _T("joeboxserver.exe"), // Part of Joe Sandbox
+ _T("ResourceHacker.exe"), // Resource Hacker
+ _T("x32dbg.exe"), // x32dbg
+ _T("x64dbg.exe"), // x64dbg
+ _T("Fiddler.exe"), // Fiddler
+ _T("httpdebugger.exe"), // Http Debugger
+ _T("cheatengine-i386.exe"), // Cheat Engine
+ _T("cheatengine-x86_64.exe"), // Cheat Engine
+ _T("cheatengine-x86_64-SSE4-AVX2.exe"), // Cheat Engine
  };
 
  WORD iLength = sizeof(szProcesses) / sizeof(szProcesses[0]);