Killing the Pesky Detours Marker DLL
Thursday, August 20, 2009The current version of Microsoft Detours injects a marker DLL into detoured processes. From the help docs:
The detoured.dll file is a marker that guides Microsoft technical support personnel and tools, like Windows OCA, by helping them quickly determine that a process has been altered by the Detours package.
If you're using Microsoft Detours in the context of an online poker bot or other real-time online poker tool...this can be an issue. You might as well hang a sign around your neck:
HEY! Unauthorized software being run here! Suspicious activity! Flag me!
That's not to say that every use of Microsoft Detours in an online poker context is suspicious or malicious, but generally speaking, only three kinds of poker applications require Detours-like functionality:
- Online poker bots
- Data miners
- Other real-time online poker tools
So from the perspective of an online poker site, the presence of DETOURED.DLL in a given poker client process can and should be interpreted as "suspicious". That said, earlier versions of Detours (pre-2.0) didn't include this marker DLL, and luckily the current version doesn't have to, either.
Instructions for removing the Detours marker DLL
Better yet, you can just use an equivalent open-source library like EasyHook. But whatever you do, don't make the mistake of assuming that you've "stealthed" or "cloaked" your use of API hooking by this simple expedient. You haven't; not by a long shot.
But it's a step in the right direction...
[Hat tip to Dave for the link.]
Yes! Leave a Comment. All fields are optional.
- Sneak Peek: StopLight 1.0
- A Radioactive, Search-Hardened User Name for Online Poker
- Online Poker and the Multi-Tabling Effect
- A Primer Primer
- Moonlighting with OpenTK
- BROWSE ALL POSTS
Subscribe to Coding the Wheel over email or through any RSS reader. Coding the Wheel has been published since 2008.
- How I Built a Working Online Poker Bot, Part 1, 2, 3, 4, 5, 6, 7, 8
- Summoning the Harry Potter MMORPG
- Are Commercial Databases Worth It?
- 21 and the Monty Hall Paradox
- Visualizing the Internet (48)
SEO Packages wrote: Insightful, but the internet is a lot more difficult to portray imo. - 1,326 (41)
SEO Packages wrote: So disco isn't dead yet? - Dartboard-Driven Design (52)
SEO Packages wrote: Hilarious, very creative but I wouldn't guide myself after that. 90% of the surface of my target ... - How to Display Integrated Digg.com Comments on Your Website (27)
SEO Packages wrote: Very useful article, thanks for the info - Using Internet Conveyor Belts to Drive Traffic to Your Site (23)
SEO Packages wrote: Very useful info here, I am in the SEO business myself and I've learned some now stuff from your ... - Summoning the Harry Potter MMORPG (1048)
James Lloyd wrote: Is this Real LOOKS F*ING AMAZING :) can't wait till it is made :D - The Great Poker Hand Evaluator Roundup (119)
Cheap UGG Boots wrote: fddddffffff - The Great Poker Hand Evaluator Roundup (119)
mbt kisumu white wrote: dddddddddd - The Great Poker Hand Evaluator Roundup (119)
Discount MBT Shoes wrote: mbt kisumu black sandal and mbt kisumu white ar hot saling now in our website. This Summer,the mbt ... - How I Built a Working Online Poker Bot, Part 3 (133)
mr.cool wrote: Hello! I find this review very interesting !Vibram FiveFingers - A Circular Dilemma Concluded (39)
online bollywood movies wrote: It seeks to show how rarely needed a high voltage working environment in which candidates are difficult ... - How I Built a Working Online Poker Bot, Part 3 (133)
wewr wrote: [Replica Watches][1] [1]: http://superior-replica.com/"Replica Watches" ... - How I Built a Working Online Poker Bot, Part 3 (133)
wewr wrote: Sorry i not mean spam,...just like your article,...cheers [Replica Watches][1] [1]: http://www.superior-replica.com/"Replica ... - How I Built a Working Online Poker Bot, Part 3 (133)
wewr wrote: Vibram FiveFingers - How I Built a Working Online Poker Bot, Part 3 (133)
Replica Watches wrote: Replica Watches - How I Built a Working Online Poker Bot, Part 3 (133)
Replica Watches wrote: Yeah, after a study it more deeply, I know now.Replica Watches - How I Built a Working Online Poker Bot, Part 3 (133)
Replica Watches wrote: I had not understood the purpose of this article, but after a study it more deeply, I know now. Replica ... - How I Built a Working Online Poker Bot, Part 3 (133)
Replica Watches wrote: posts that are very evocative readers like me to understand more about what is contained in this article ... - How I Built a Working Online Poker Bot, Part 7: Extracting Text from 3rd-Party Applications (318)
window cleaning wrote: Great series and I enjoyed each article very much. I hope now you've got a whole batch of articles ... - How I Built a Working Online Poker Bot, Part 3 (133)
property management wrote: fat burning furnace scam or real.
34 comment(s)
Awesome. I've been using an ancient version of Detours specifically so I don't have to deal with the marker DLL. I'll have to try this, but your EasyHook link looks even better.
JeremyX on Thursday, August 20, 2009I started using EasyHook a few months ago, actually, here are a few tips for others who may have gone this route:
That way, not only is there not a marker DLL, but there aren't any well-known symbols/APIs floating around in your binary for the poker client to detect.
Anonymous on Thursday, August 20, 2009Another option (instead of bundling Detours/EasyHook into your bot) is to just cut and paste the specific pieces of code you need to set up the detours. That way, no identifiable functions or names in your EXE.
I'm not sure if poker clients look for that sort of stuff but better safe than sorry, right?
Teddy KGB on Thursday, August 20, 2009Are you planning any more posts on stealthing in general? I really have no idea what they look for.
I've gone down the screen scraping path (which was actually pretty easy). Does that make me stealthier? Or can the poker sites easily determine that I'm taking an unusually large amount snapshots?
And what about input? I read on pokerstars.com that they allow betting macros as long as a human is making the decision. Does that mean I don't have to worry about stealthing my fake mouse clicks etc?
thewee on Thursday, August 20, 2009Yeah, tons of people use AHK macros so I can't imagine that's against the rules.
Anonymous on Friday, August 21, 2009Thanks James, I've been playing around with EasyHook for about a day and so far I love it. Better than Detours in just about every way!
Ed K. on Sunday, August 23, 2009i dont think AHK macros break any rules for poker sites
facebook poker chips on Thursday, December 10, 2009Are there new updates available for this tool ?
odds comparison script on Friday, December 25, 2009Elegantly written. It is sad to realize how little control any of has over anything when it comes right down to it... rated.logo design & website design
Alex on Wednesday, June 23, 2010I loved this post so much. This was great. Keep it up!
Tudor replica watches on Saturday, July 24, 2010PerformingGraham for sale that will create a one-wayswiss watches backlink to your website whichMaurice Lacroix watches is a good point to have. It is Patek Philippe watchesa time-consuming Tag Heuer for saleprocess even though it produces good outcomes U-boat for saleand works. You can also swiss watchespost comments on blogs alongMaurice Lacroix watches together with your link, but make sureGraham watches these blogs are do-follow, which dolce & gabbana handbagsindicates the link that youreplica coach handbags simply post will probably be replica handbagscounted by the search engines jimmy choo replicaas a backlink.There are many thingsversace replica handbags that contribute to online businessjuicy couture replica failure, and the lack of good action thomas wyldeis surely one of the deadliest business-killersdolce gabbana handbags on the net. Take action like by no means chloe handbags replicaprior to, and don’t get struck by analysis paralysisburberry replica. Your achievement lies in your rapid actionchanel replica and how well you apply numerous strategies.
replica watches on Saturday, July 24, 2010nike air jordan 2010 nike air jordan 5 nike air jordan 3 nike air jordan 11 cheap nike air jordan 2 nike air jordan 1 nike air jordan shoes discount nike air jordan shoes nike air jordan 6 wholesale nike air jordan 1 discount nike air jordan 6 nike air jordan 7 nike air jordan 8 top quality nike air jordan shoes 23 nike air jordan 21 nike air jordan 22 nike air jordan 6 rings cheap nike air jordan 22 nike air lebron james shoes nike air lebron james shoes nike air jordan 2010 nike air joredan lebron james nike air jordan 2009 discount nike air jordan 2009 nike lebron james wholesale nike air jordan 2010 cheap nike air jordan 2009 discount nike air jordan 19 cheap nike air jordan 3 discount nike air jordan 18 brand nike air jordan 12 wholesale nike air jordan 2 nike air jordan 13 nike air jordan 14 nike air jordan 6 rings discount jordan shoes7 discount jordan shoes1 jordan shoes2010 jordan shoes 6 rings cheap jordan shoes2 discountjordan shoes3 discount jordan shoes4 jordan shoes uk23 jordan shoes classic bw22 cheap jordan shoes 21 ltd discount jordan shoes20 discountjordan shoes19 jordan shoes 18 uk nike air jordan shoes 17 cheap nike air jordan shoes 16 discount air jordan shoes 15 discount air jordan shoes 14 nike air jordan shoes 3 uk nike air jordan shoes 13 cheap nike air jordan shoes 11 discount air jordan shoes 6 discount jordan shoes 10 nike air jordan shoes 8 nike air jordan shoes 7 cheap louis vuitton bags cheap kobe bryant shoes cheap lebron james shoes .
cheapjordan on Saturday, July 24, 2010Very good work here. Nice to read the post. farmville cheats
Alfred Mansour on Sunday, July 25, 2010I will keep visiting this blog very often. Blu ray ripper /
ipad converter on Sunday, July 25, 2010air max shoes is an extremely comfortable shoe that uses a large air cushioning unit that can be seen from the side. This technology combined with the design of the shoe which is meant to compliment the spinal cord makes. Air Max shoes the ideal shoe for walking, running, playing basketball, or any other sport. nike air max ,nike air max 2009, nike air max 95, nike air max 90 and so on.Nike introduced its Air Cushioning Technology in 1979. By embedding Air Cushioning in the midsoles of its running shoes, it changed the way athletes approached and reacted to athletic performance forever.
nike air max on Monday, July 26, 2010ed hardy, cheap ed hardy, ed hardy clothing, ed hardy outlet, ed hardy jeans, ed hardy bags, ed hardy swimwear, ed hardy shirts, ed hardy tee, ed hardy caps, ed hardy purse, ed hardy board shorts, ed hardy shoes, ed hardy for men, ed hardy for women, ed hardy jeans for women.
cheap ed hardy on Tuesday, July 27, 2010ed hardy, cheap ed hardy, ed hardy clothing, ed hardy outlet, ed hardy jeans, ed hardy bags, ed hardy swimwear, ed hardy shirts, ed hardy tee, ed hardy caps, ed hardy purse, ed hardy board shorts, ed hardy shoes, ed hardy for men, ed hardy for women, ed hardy jeans for women.
cheap ed hardy on Tuesday, July 27, 2010We offer ghd straighteners worldwide.You can get them with high quality but at low price from our store.ghd straighteners cheap will give you a big surprise.We sale various styles ghd hair straighteners and the most popular ones are the ghd purple and ghd precious.They are the perfect hair straighteners which you should not miss.In addition, we have numerous other ghd series.I'm sure you will get a perfect ghd hair straighteners which macthes with your taste. For most people ghd straighteners cheap is a god-given chance. In addtion, if you pay a little attention to ghd straighteners you will find that ghd loved by many celebraties who appear on the fashion magazines with new hair styles created by the hair straighteners.You may say why it is must be ghd straighteners? You know ghd is a famous brand in hair salon field. If you are lucky enough, you will find ghd straighteners cheap which is at a lower price but with the same good quality.
ghd on Wednesday, July 28, 2010ghd ghd straighteners ghd straighteners cheap
ghd on Wednesday, July 28, 2010ghd ghd straighteners ghd straighteners cheap
ghd on Wednesday, July 28, 2010It is a good timberland 6 inch boots thing that the God Who made us is not impatient with people like me with my timberland shoe company orchid. He lovingly thinks about us all the time timberland boots and he even temporarily gave up His heavenly home and his timberland traditional handsewn hold on diety to die for the sins of timberland mens custom world nearly 2,000 years ago. His death back then covered the sins of every cheap timberland boots person who will ever live. He then rose to life after three mens timberland chukka days and ever since has wanted us to accept His gracious act by loving Him and also those around us. When we do this, we will see people in a totally different timberland womens premium boots light — one that redefines what it means to be ugly or different or weird or strange. Instead, we see people with ugly timberland shoes store problems in whom God is working so they can bloom beautifully — just like I now see in my orchids whether they are “lumps” or blossoms! On a certain timberland work shoes day at a certain hour, we will pull into the station. Bands will be playing and flags waving. Once we get there, so many wonderful dreams will come true and the pieces of our timberland wheat shoes lives will fit together like a completed jigsaw puzzle. How restlessly we pace the aisles, *ing the minutes for timberland for you loitering --waiting, waiting, waiting for the station.
discount timberland boots on Wednesday, July 28, 2010Buy Replica Louis vuitton please come here, we are lowest price Louis vuitton online Replica Watches,Best Breitling,Rolex,Omega Replica Watch .
we offer cheap and best Louis vuitton Belt. ... All Categories, Louis vuitton outlet Stephen Sprouse Collection ...
Reviews and Articles on Top 10 Handbags Lists for Best Louis vuitton,Louis vuitton,Best Hermes.
louisvuitton4 on Thursday, July 29, 2010Life will change what you are but not who you are;
Blu-ray Ripper on Thursday, July 29, 2010Marry a person who likes talking; because when you get old, you’ll find that chatting to be a great advantage
blu-ray ripper on Thursday, July 29, 2010Your article is very appealing to me.I like this article, this article that i learned a lot of knowledge.
Video Converter on Thursday, July 29, 2010Wholesale NFL Jerseys
Cheap NFL Jerseys
NFL Jerseys
NFL Football Jerseys
Women NFL Jerseys
Kid NFL Jerseys
Super Bowl Jerseys
Super Bowl NFL Jerseys
Throwback Jerseys
Throwback NFL Jerseys
Cheap Throwback Jerseys
Wholesale Throwback Jerseys
Cheap Super Bowl Jerseys
Wholesale Super Bowl Jerseys
youth nfl jerseys wholesale
youth nfl jerseys cheap
nfl youth jerseys
Baltimore Ravens Jerseys
Chicago Bears Jerseys
Cincinnati Bengals Jerseys
Denver Broncos Jerseys
Dallas Cowboys Jerseys
Green Bay Packers Jerseys
Indianapolis Colts Jerseys
Minnesota Vikings Jerseys
New England Patriots Jerseys
New Orleans Saints Jerseys
New York Jets Jerseys
Arizona Cardinals Jerseys
Buffalo Bills Jerseys
Atlanta Falcons Jerseys
Carolina Panthers Jerseys
Cleveland Browns Jerseys
Houston Texans Jerseys
Detroit Lions Jerseys
Jacksonville Jaguars Jerseys
Kansas City Chiefs Jerseys
Miami Dolphins Jerseys
New York Giants Jerseys
Philadelphia Eagles Jerseys
San Francisco 49ers Jerseys
Oakland Raiders Jerseys
Seattle Seahawks Jerseys
Pittsburgh Steelers Jerseys
St Louis Rams Jerseys
San Diego Chargers Jerseys
Tampa Bay Buccaneers Jerseys
Tennessee Titans Jerseys
Washington Redskins Jerseys
Ray Lewis Jerseys
Ed Reed Jerseys
Joe Flacco Jerseys
Terrell Suggs Jerseys
Dick Butkus Jerseys
Greg Olsen Jerseys
Matt Forte Jerseys
Devin Hester Jerseys
Walter Payton Jerseys
Brian Urlacher Jerseys
Lance Briggs Jerseys
Jay Cutler Jerseys
Carson Palmer Jerseys
Rey Maualuga Jerseys
Chad Johnson Jerseys
Demarcus Ware Jerseys
Jason Witten Jerseys
Terrell Owens Jerseys
Felix Jones Jerseys
Marion Barber Navy Jerseys
Marion Barber Jerseys
Emmitt Smith Jerseys
Miles Austin Jerseys
Roger Staubach Jerseys
Troy Aikman Jerseys
Tony Romo Jerseys
Eddie Royal Jerseys
Brandon Marshall Jerseys
Aaron Rodgers Jerseys
A.J. Hawk Jerseys
Donald Driver Jerseys
Greg Jennings Jerseys
Peyton Manning Jerseys
Dallas Clark Jerseys
Robert Mathis Jerseys
Marvin Harrison Jerseys
Drew Brees Jerseys
Marques Colston Jerseys
Pierre Thomas Jerseys
Reggie Bush Jerseys
Jeremy Shockey Jerseys
Tarvaris Jackson Jerseys
Adrian Peterson Jerseys
Jared Allen Jerseys
Mark Sanchez Jerseys
Thomas Jones Jerseys
Leon Washington Jerseys
Brett Favre Jerseys
buynflshop on Thursday, July 29, 2010sale4louisvuitton.com Supply Cheap Fake Handbags, fashion designer Replica Louis vuitton, All Kinds of Bags,Purse,Wallet at low
price.You will get the best quality
Below we have compiled a list of 8 of the best louis shop under $1000!
Luxury Designer Handbags Online-Show you best handbags-up to 70% . lv bag M95545-Mahina Large-CamelTo.
Our stylish affordable designer products and other accessories are the best value for your money. lv outlet and replica Louis
vuitton .
louis vuitton on Thursday, July 29, 2010Wholesale Cell Phones GSM Cell Phones Smart Cell Phones TV Cell Phones Dual Card Cell Phones WiFi Cell Phones 3G cell phones Touch Screen Cell Phones
Wholesale electronics on Thursday, July 29, 2010Choosing the right tiffany jewelry accessory will turn an ordinary outfit into a fashion statement before you buy it from one mall or others, you can budget from our mall; christian louboutin as being beautiful and making us feel sexy Italian research has shown that a good pair of heels can help tone the body, condition muscles and improve the wearer's sex life, buy it please click the link; Look for ed hardy clothing, just click the link and you will have a great surprise; Finding beautiful cartier jewelry as gifts, we provide different styles for your reference; Choose the different links of london jewellery from our site, enjoy free and fast shopping worldwide; If you plan on shopping for NFL jerseys, you can purchase nfl jerseys online at our mall. We will do our best to serve for you. Welcome you!
tiffany jewelry on Friday, July 30, 2010Pool Temperature Madera Jobs Madera Pest Control Madera Dentist Merced Dentist Visalia Dentist Modesto Dentist Fresno Limousine Fresno Granite briefcases leather leather briefcases prospect solution | prospect solutions | prospectsolution | prospectsolutions | prospectsolution.com prospect solution | prospect solutions | prospectsolution | prospectsolutions | prospectsolution.com prospect solution | prospect solutions | prospectsolution | prospectsolutions | prospectsolution.com
carmi on Friday, July 30, 2010essay essay writing essay writing service essay writing service uk
jane on Friday, July 30, 20102010 chanel handbags hot sale on buybury.com, you can discover all kinds of fashion chanel handbags in free shipping worldwide, and buybury.com provide chanel bags are all 70% discount, that attracted numerous chanel funs, and you can place an order for cheap chanel handbags will have the same discount. If you are looking for chanel handbags now, do not hesitate, chanel hobos on our site is really noble but cheaper. All chanel bags really are wonderful.
chanel handbags on Friday, July 30, 2010Replica miu miu handbags are not just beautiful and elegant, but it is also at excellent quality and similar design as the real. You will like it once you see it. Now attention please, at our shop, we are holding a promotion. You can buy replica miu miu bags of high quality with the lowest price. Meanwhile, miu miu handbags buying from here you can enjoy free and fast delivery shipping. Welcome to our shop!
miu miu bags on Friday, July 30, 2010Want to get Ed hardy at home? No hesitation, get them at with big discount. We are promise you that all the ed hardy clothing are good in qualities. Meanwhile, buying ed hardy clothing online, that’s never a bad idea. By the way, whenever and wherever you need us, we will be there for you. Ed Hardy T-Shirts are waiting for you now, welcome you!
ed hardy on Friday, July 30, 2010