How to hide a process from TaskManager/Processes?is possible?

How to hide a process from TaskManager/Processes?is possible?
thanks
john lambertAsked:
Who is Participating?
 
David Johnson, CD, MVPConnect With a Mentor OwnerCommented:
you can obfuscate it but not really have it not show
1
 
JohnBusiness Consultant (Owner)Commented:
Not really, because you can always unhide the processes.  Then you can always run Process Explorer (Microsoft SysInternals) and see all.
0
 
Schnell SolutionsSystems Infrastructure EngineerCommented:
Hello.

The list of processes that you get from the system are controlled by the OS kernel. And the list of processes returns specifically the process that are listed at different states. You cannot hide something from that list, the only processes that are not shown are the ones that are not specified if your do not have permissions to list them (like when you see the processes from a normal account, and not an administrative account). Despite of it you cannot.

There are cases of viruses that they try using different names (similar to normal processes) or they run as childs of a parent process. But even these malicious processes they cannot hide at all if they are processes. Unless there is a Kernel modification of the system, that could be something very deep.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
KimputerCommented:
Rootkits have successfully hidden from the Taskmanager (and Windows as a whole, so that includes Antivirus as well). If you program something similar, you'll successfully hide your process. However, I don't want to be you if you are ever caught red handed for distributing these kind of software (see Sony fiasco).
1
 
john lambertAuthor Commented:
giv em a link Kimputer
0
 
KimputerCommented:
Sorry, rootkits are malware. There's no way I will post malware links here. Slightly concerned that you don't mind making illegal software and distributing to your friends/customers/co-workers.
1
 
JohnBusiness Consultant (Owner)Commented:
If the author is trying to create viruses and malware, that is also against the posting rules.

If the question is truly legitimate, you can run, but not hide.
0
 
Schnell SolutionsSystems Infrastructure EngineerCommented:
Hello,

If it is a process, it is shown on the process list of the system. Sometimes malware uses familiar names that we will not look through them. On other occasions they run within an infected different process. But it it is a process it appears there unless the OS kernel has been modified or special 'systems call' is passed to it (controlled by the kernel).

Some cases of malware do not appear as processes, because they are not processes at all, or because they are not running at that moment. They may be activated with different conditions or successes in the system, but not necessarily running at that moment.
1
 
john lambertAuthor Commented:
thank you very much!!!!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.