[q7x]

Process Hider is a tool designed to hide your process in windows task manager and tasklist .
this is a powerful tool to hide trojans

<<< GUI Version And Only For Test >>>

Programer :Q7X ( Nima Salehi )
Special Tanx To My Best Friends Behrooz_ice And ActionSpider

Attached File(s)

•  Process_Hider.zip (81.51K)
  Number of downloads: 1225

[apoc_neo]

Interesting applications, why gui tho? Have you made a dos version? If so please post it :)

[JaG]

I tested it in vmware, and it put a rootkit infected file into a driver folder...so beware.

system32/drivers/rundll32.exe

rootkit.win32.agent.x

[q7x]

hi
this GUI version is only for test
i will write binder for use this method and hide trojan ;)

[LittleHacker]

Hi Nima
nice 2 c u again.
If I were you I'd do it with CLI abilities (as foundstone sometimes does).
you may add some extra feactures too. such as converting a simple process to a service (look illwill's stuff)
anyway thanks for progi & keep good workin ...

[GhostShell]

Quote

Process Magic V1.0 By WinEggDrop

rundll32 -List          ----> List Processes And Show Hidden Processes
rundll32 -Hide PID      ----> Hide A Process

lol you could atleast give props to wineggdrop or give all credit to them...
look in "%windir%\system32\drivers\rundll32.exe"
this is just a GUI for pm.exe...kinda like that GUI of upx for skiddies
other than that nice job...
I just dont know why you didnt give any credit to wineggdrop

[LittleHacker]

@ Q7X
This is not a process hider! this is a task/window hider! if you hide a process it would not be shown in process list. something like rootkit's do. or you may do a process injection to hide a process (in another one)
this progi just make a visible window to invisible one ...

@ GhostShell
there are many process manager and pm is not the only one.
nothing undocumented here and there are many source codes too that do di in several ways (giving PID,giving ProcessImage, Clickin on the window , ...).
anyway rundll is located in %systemroot%\system32 and do not accept parameters you said... you may renamed pm to %windir%\system32\drivers\rundll32.exe
you don't need any extra progi on win xp & later. just run tasklist in console.

[[R]]

what a shit...

got only a warning by the AV...

[GhostShell]

LittleHacker, on Aug 28 2005, 08:16 AM, said:

@  Q7X
This is not a process hider! this is a task/window hider! if you hide a process it would not be shown in process list. something like rootkit's do. or you may do a process injection to hide a process (in another one)
this progi just make a visible window to invisible one ...

@ GhostShell
there are many process manager and pm is not the only one.
nothing undocumented here and there are many source codes too that do di in several ways (giving PID,giving ProcessImage, Clickin on the window , ...).
anyway rundll is located in %systemroot%\system32 and do not accept parameters you said... you may renamed pm to %windir%\system32\drivers\rundll32.exe
you don't need any extra progi on win xp & later. just run tasklist in console.

<{POST_SNAPBACK}>

whatcha talking about this uses almost only pm.exe take a look

[rasraven]

well. I think he binded that pm and piped to it & AVs are sensitive to binders

[LittleHacker]

oh! you meant using exe/lib/ocx as a resource ?
I think I should have look ...

Nima you can develop your own prog with no extra stuff. that's nothing special.

[roder]

process hide whit this program, show with knlps10.exe

h**p://www.hxdef.org/download/knlps10.zip

[emailpack]

roder, on Aug 30 2005, 12:11 AM, said:

process hide whit this program, show with knlps10.exe

h**p://www.hxdef.org/download/knlps10.zip

<{POST_SNAPBACK}>

The process hider, works for time, when a kid gets out its, bed and realises theres
nothing more, then encrypted injected trojan horses, in his computer being tapped out, of his room and killed processes, that is computer is defenseless against, such threats because it couldnt programm, so why waste time on this, while knowing windows itself is more, a bigger threath then a hacker, ya know what Im talkin about, well just keep that in mind, let me know if u, got a better suggestion.

Holler at ya boy, emailpack.

[st4n]

i like thos program, very useful!
As already said, parameter option would be really nice!

[God]

I think and truss up can be better, then avoid killing , it can be a bit better to do by inserting the process, for example insert rootkit which you need and a wanton systematic process.