Any questions? Ask us:



Executed Processes

Executed Processes

Use checkup of executed processes - checking executed processes. This feature allows you to make your own list of the "black" programs that can not be executed together with the protected module. There you may define a list of the software that should not be executed while the protected module is working. How does it work? While the protected file is working and starting, the Enigma loader is enumerating all the executed processes and checking if there is any software blocked by the function. If blocked software is found, the protected module is immediately terminated. For example, this feature allows you to get protection against OllyDbg (software debugger), SnagIt (screen capture tool), file and registry monitors. You can define checkup parameters (click on the columns to edit):

column "Action" - you will see the list of available checkups for the processes, the common ones are:

  • Delete process from the list
  • File Name - checkup of the file name of the executed process
  • Window Text - checkup of the name of the process window (Warning: the window text may be changed while the application is working)
  • Window Class - checkup of a window class.

column "File Name" - define a file name of the process to search.

column "Window Text" - the text of the window to search. If you want to search the window text by mask, you can enter the text quoted with an asterisk (*) symbol. For example, entered text *OllyDbg* will search any window which text (any part of text) contains OllyDbg word.

column "Window Class " - the class of the window to search.

Add Process - press this button to add a process(es) into the list. Note: you may add any process to the list and then edit it as you want. The appeared window shows you all the processes with their windows that are currently executed in your system.

Check Executed Processes every X second(s) - it enables runtime checkup of executed processes while the protected application is working. Set up the optimal number of seconds delay between the checkups (if you have many items, for example, greater than 50, to checkup in the list, we recommend setting number of seconds greater than 10 to avoid high CPU loading on slow PCs). If this feature is disabled, the Enigma will check executed processes only once upon the application startup.

Show message before termination - if the Enigma checks that there is an executed process that matches the criteria, it will show a message and will be terminated. To edit the warning message, press "Design Message" button.