Topic created on: December 4, 2007 09:35 CST by HiPPiEkiLLeR .

Hi guys,
I made a hidedebug script for Immunity Debugger, it handles many anti-debug tricks and does some poly-patches for the more common anti-debug apis (to avoid rlpack and other detection)

Patches:
    o IsDebuggerPresent           (Poly)
    o ZwQueryInformationProcess
    o CheckRemoteDebuggerPresent
    o PEB.IsDebugged
    o PEB.ProcessHeap.Flag
    o PEB.NtGlobalFlag
    o PEB.Ldr 0xFEEEFEEE filling
    o GetTickCount                (poly)
    o ZwQuerySystemInformation    
    o FindWindowA
    o FindWindowW
    o FindWindowExA
    o FindWindowExW
    o EnumWindows

For full info see:
http://forum.immunityinc.com/index.php?topic=140.msg542#msg542

Or just download from my site: http://www.PEiD.info/BobSoft/

Have fun!
BoB -> Team PEiD