john lambert
asked on
How to hide a process from TaskManager/Processes?is possible?
How to hide a process from TaskManager/Processes?is possible?
thanks
thanks
John
Not really, because you can always unhide the processes. Then you can always run Process Explorer (Microsoft SysInternals) and see all.
Hello.
The list of processes that you get from the system are controlled by the OS kernel. And the list of processes returns specifically the process that are listed at different states. You cannot hide something from that list, the only processes that are not shown are the ones that are not specified if your do not have permissions to list them (like when you see the processes from a normal account, and not an administrative account). Despite of it you cannot.
There are cases of viruses that they try using different names (similar to normal processes) or they run as childs of a parent process. But even these malicious processes they cannot hide at all if they are processes. Unless there is a Kernel modification of the system, that could be something very deep.
The list of processes that you get from the system are controlled by the OS kernel. And the list of processes returns specifically the process that are listed at different states. You cannot hide something from that list, the only processes that are not shown are the ones that are not specified if your do not have permissions to list them (like when you see the processes from a normal account, and not an administrative account). Despite of it you cannot.
There are cases of viruses that they try using different names (similar to normal processes) or they run as childs of a parent process. But even these malicious processes they cannot hide at all if they are processes. Unless there is a Kernel modification of the system, that could be something very deep.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Rootkits have successfully hidden from the Taskmanager (and Windows as a whole, so that includes Antivirus as well). If you program something similar, you'll successfully hide your process. However, I don't want to be you if you are ever caught red handed for distributing these kind of software (see Sony fiasco).
ASKER
giv em a link Kimputer
Sorry, rootkits are malware. There's no way I will post malware links here. Slightly concerned that you don't mind making illegal software and distributing to your friends/customers/co-worke
If the author is trying to create viruses and malware, that is also against the posting rules.
If the question is truly legitimate, you can run, but not hide.
If the question is truly legitimate, you can run, but not hide.
Hello,
If it is a process, it is shown on the process list of the system. Sometimes malware uses familiar names that we will not look through them. On other occasions they run within an infected different process. But it it is a process it appears there unless the OS kernel has been modified or special 'systems call' is passed to it (controlled by the kernel).
Some cases of malware do not appear as processes, because they are not processes at all, or because they are not running at that moment. They may be activated with different conditions or successes in the system, but not necessarily running at that moment.
If it is a process, it is shown on the process list of the system. Sometimes malware uses familiar names that we will not look through them. On other occasions they run within an infected different process. But it it is a process it appears there unless the OS kernel has been modified or special 'systems call' is passed to it (controlled by the kernel).
Some cases of malware do not appear as processes, because they are not processes at all, or because they are not running at that moment. They may be activated with different conditions or successes in the system, but not necessarily running at that moment.
ASKER
thank you very much!!!!!!