By Max_Power
I have finally answered the age-old question of how to hide a process from the Windows XP task manager. It took me a couple of hours of reverse engineering and a lot of thought over several weeks, and the answer came to me when I was falling asleep (I am not kidding even a little bit).
Cons of my method:
1. I have to use a DLL and inject it. Before anyone asks, this is not API hooking.
Solution: Not too big of a problem. If your program is legit (a security program, for example) it doesn't matter if you have the DLL lying around, so this is null. Otherwise, if you need a single exe package, then just include the DLL as a resource, extract, and finally inject when you need to.
2. If you inject too soon the task manager goes down on you harder than a high paid stripper (it crashes).
Solution: When you detect the task manager is running, make your injection thread sleep 1 second or so before injecting.
Pros of my method:
1. The code is incredibly simple. You only need about 3 months of coding experience in C++ to understand it.
2. The DLL is really small. We are talking like 3-4 KB in ASM and only 8.5 KB in C++ (I only have a C++ version done).
3. Once you inject the DLL you can open as many instances of the hidden program as you want and they will all be hidden no matter what.
What has to be done to make it absolutely perfect:
1. The task you are trying to hide should not have an entry in the applications tab, but that is not a huge deal because making it not show in there is child's play, period. Most frameworks have functionality to allow you to do this in one easy line of code.
This is where I would normally give you a link to a compiled binary + code, but I am not going to give handouts on this one. If you want the DLL so you can reverse engineer it, I would be happy to hook you up, because at least you would be earning it. If you want the code you have to make it worth my while to give it to you, unless of course you are snoopy, in which case it's yours.