madshi.net

Hi,

Does some one know how to hide a process from the taskmanager(win2000)? How to hide a process by PID?

Any source on this one??

Thanks for the replays..

Poit

hi

is it possible to hide an process by pid but the code might be bulky because you need to convert the pid to an filename.if i don't mistake they are an function in madcollection which do that.
the easiest way to hide just an exe bis the exefilename.
it is realy possible and simple.

but firstly before posting an code sample or somes informations i think
you must tell us in which purposes you use it ? it is bad for me to hide an exe in the taskamanger ?
if madshi agree i can poste the code for that or give you information.

@+

Hi Again,

Thanks for your reply legion! There is no exact reason to give. I have read about hiding a process by PID on the net somewhere and I just want to know how it's done. It's my hunger for information I think For what reason you don't want to give any example source? Is it dangerous for my system?

grzt Poit

Is there any problem why someone should not give me any examplecode for hiding a process by PID?

Grtz Poit

You can hide a process by hooking NtQuerySystemInformation in the NT family and by hooking the toolhelp functions in win9x. However, the non-commercial version of madCodeHook doesn't allow that. The reason is simple: Trojans, viruses and backdoors usually try to hide themselves. But I don't want madCodeHook to be used in trojans and such software. So I've decided to not allow hooking of the process enumeration APIs in the non-commercial version. I'm sorry...

Hi,

I understand what you mean. Trojans and virii use these methods too. Thanks for your reply Madshi.

Grtz Poit