Hi.
I have another small problem:
Assume there is a program that you have to run to do a special task (so you have to execute that program).
Further assume that this program won't let you execute another special program which you would like to start but aren't allowed to (because the program doesn't let you).

So now my question:
How can i hide the program that i want to execute from the program that doesn't let me execute it?

I tried the following, but it didn't work:
- change the window text of the program that i want to execute
- hide the program with the undocumented api function "RegisterServiceProcess"

The program was not visible in the CTRL+ALT+DEL Window but the program was still found by that other program.
So what i can do?
Help please.


Thanks in advance.
Posted on 2001-09-07 08:26:58 by darester
im no expert but arent windows usually located using FindWindow?... which requires the window class and the window name in order to get its handle. i dunno how you can change either in order to hide it but thats probably what youve got to do.

or why not just close the program that doesnt let you execute it. isnt that the obvious solution?? if you cant see it in the CTRL+ALT+DEL menu then you can use a program like "PVIEW95.EXE" that you get with C++ i think. i would post it but i dont think any of the law-abiding admins would be too pleased ;) . if you want it i can email it to you. just dont tell Billy Gates :D

Hope this helps!
skud.
Posted on 2001-09-07 16:44:14 by skud
#include <windows.h>



void hide_me(int flag) //flag=1 -> hide the process
{ //flag=0 -> unhide the process

char kernel32_addr[]="kernel32.dll";
char undoc_func[]="RegisterServiceProcess";

HINSTANCE eax0;
FARPROC eax1;



//loads the dll:
//you can use LoadLibrary(!memory)
eax0=GetModuleHandle(kernel32_addr);

//loads the address of the undocumented function
eax1=GetProcAddress(eax0,undoc_func);

//__________________\\
// -=Win32asm Rulez=- \\
//----------------------\\

/* _asm
{

push flag ;flag=1 -> hide the process
;flag=0 -> unhide the process
push 0

call eax1

}
*/
eax1(flag,0);
FreeLibrary(eax0);

}

int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
PSTR szCmdLine, int iCmdShow)
{

hide_me(1);

MessageBoxA(0,"The process is hidden","Win32asm Rulez",MB_OK);

hide_me(0);

MessageBoxA(0,"The process is unhidden","Win32asm Rulez",MB_OK);

return 0;
}


You cantranslate this document very easy to win32asm.
Posted on 2001-09-07 22:43:58 by MatriX
check my hideproc.zip in iczelion site. it hook process api in memory to hide a process

ancev
Posted on 2001-09-09 20:51:38 by ancev