בסד
Home ] Secret Logging ] Stealth Engines ] The Text Sniffer Patent Owned by the US ] The Sandpebbles Analysis ] The Entennman CC Recipe ] Jewish Geography ] The Secrets Of Hebrew Letters ] Lomdus Curio ] LANGUAGE WATCH ] Jewish Roots in Languages ] Yemenite Recovered ] Jewish Names ] Beer and Bread ] Win Crashing ] Techie Poetry ] Anti-Israel US Congressmen ] Watching your own back ] Jacob's Sheep ] Common and Folk Names of Chemicals ] The Yoshke Graffitti Debunked ] [ Hiding from the CTRL ]

 

 

 Hiding from the CTRL+ALT+DEL Task Manager...

is easy, register your program as a device driver...

You do this by calling RegisterServiceProcess with parameters 0, 1 :

/*

code to 'manually' import RegisterServiceProcess from KERNEL32.DLL

*/

if (functionavailable) { RegisterServiceProcess(NULL, 1); }

this function is only available in Win 9x, so your program will have to import this function from KERNEL32 itself using LoadLibrary & GetProcAddress and check if it is available, or make it a win9x only trojan

In a RAD like Delphi you stick some procedure at OnClose or something similar to that.

 

Confirmed by [ByteRage] from elf.box.sk/byterage/

 

http://alkuds.blogspot.com/