Description: This document is in the Windows NT operating system hidden objects, documents, services, process technology. This method is based on the Windows API function link. This article describes techniques are, I wrote rootkit from the results of research, so it was rootkit more effective and more simple. Here, too, including my practice. In this document hidden object means certain changes to these objects naming system functions so that they will ignore these objects by name. So we change those functions return values, said these objects simply do not exist. The most basic method (excluding a few different) is that we should call the original parameters of the original function, and then we change their output. In this article will describe the hidden files, processes, registry keys, and keys, s
- [hideme] - Rootkit, to hide the process from the sy
- [pyos1src] - a Chinese own operating system, but succ
- [netcatch] - network packets and an interception on t
- [cfsd] - windows using minifilter drive technolog
- [hookntcontinue] - ring0- hook NtContinue+ source_codering0
- [VirtualDeviceDevelopment] - Virtual device driver development start
- [P2P] - err
File list (Check if you may need any files):
Download