Hi,
Does someone know how to hide a process from the Task Manager (Win2000)? How to hide a process by PID?
Any source on this one??
Thanks for the replies.
Poit
Hiding process by PID
hi
It is possible to hide a process by PID, but the code might be bulky because you need to convert the PID to a filename. If I'm not mistaken, there is a function in madCollection which does that.
The easiest way to hide just an exe is by the exe filename.
It is really possible and simple.
But first, before posting a code sample or some information, I think
you must tell us for what purpose you will use it. It is bad for me to hide an exe in the Task Manager?
If madshi agrees, I can post the code for that or give you information.
@+
Reason
Hi Again,
Thanks for your reply, legion! There is no exact reason to give. I have read about hiding a process by PID on the net somewhere and I just want to know how it's done. It's my hunger for information, I think. For what reason don't you want to give any example source? Is it dangerous for my system?
grzt Poit
You can hide a process by hooking NtQuerySystemInformation in the NT family and by hooking the toolhelp functions in win9x. However, the non-commercial version of madCodeHook doesn't allow that. The reason is simple: Trojans, viruses and backdoors usually try to hide themselves. But I don't want madCodeHook to be used in trojans and such software. So I've decided to not allow hooking of the process enumeration APIs in the non-commercial version. I'm sorry...