Hide processes from Task Manager by manipulating Windows UI

preview_player
Показать описание
Manipulating Windows GUI elements is not a new thing. Although not so popular, this technique was known to malware writers for years. In this video we understand how it works under the hood, with very practical examples. All the source code for this proof-of-concept is freely available on our GitHub:

Feedback is highly appreciated.

Thank you!

Topics covered:
- How to discover windows elements using WinSpy++
- What is UIPI (User Interface Privilege Escalation) and how it works
- How to read and write memory from another process
- How to disable or delete GUI menus
- How to simulate mouse clicks on GUI elements from a different window
- How to hide processes and services from Task Manager

---------------------------------------------------------------------------------------------------

If you liked this video and you want to learn hands-on how to analyse malware, with real samples and practical exercises, find us on Udemy :

---------------------------------------------------------------------------------------------------

Want to support us continue to make great content? Buy us a coffee :

Thank you 🙏
  1. Reversing Hub
  2. Reverse Engineering
  3. Windows
  4. Rootkit
  5. Hide processes
Рекомендации по теме
Hiding process/programs from 0:01:06

Hiding process/programs from Windows Task Manager

Hide Processes from 0:03:03

Hide Processes from Task Manager

Windows API Hooking 0:29:45

Windows API Hooking - Hide Process from Task Manager tutorial

Hide Processes from 0:00:50

Hide Processes from Task Manager with S12URootkit

Hide Process from 0:05:34

Hide Process from Task Manager [NEW VIDEO IN DESCRIPTION]

HIde in process 0:01:05

HIde in process in task manager ( source code )

Hide process for 0:01:47

Hide process for windows taskmanager

Hide process through 0:00:11

Hide process through NtQuerySystemInformation Hooking

Task Manager Process 0:00:54

Task Manager Process Hider | Spoofer 2024

Hide programs from 0:14:07

Hide programs from Task Manager, Process Hacker and everything else!

STORMENTV - HIDE 0:06:22

STORMENTV - HIDE PROGRAMS FROM TASK MANAGER?!?

How to Hide 0:01:03

How to Hide Explorer Process

[DKOM] Process Hide 0:00:44

[DKOM] Process Hide Detector

C# : How 0:01:12

C# : How do I hide a process in Task Manager in C#?

Demo: x64 Windows 0:00:31

Demo: x64 Windows Rootkit - hiding a process

Hide any process 0:11:53

Hide any process from Task Manager - Rust NtQuerySystemInformation

Hiding process memory 0:07:06

Hiding process memory (D3FC0N/RTV)

Hide from Process 0:01:37

Hide from Process CPP { ClassName }

Hide Process in 0:01:46

Hide Process in windows 7 x64 Without Rootkit

Process Stealth (Process 0:05:48

Process Stealth (Process Hide)

JHHP [hide any 0:00:40

JHHP [hide any process]

Redesigned Windows 11 0:00:27

Redesigned Windows 11 Task Manager! #shorts

Hide processes from 0:17:17

Hide processes from Task Manager by manipulating Windows UI

Hide Process By 0:05:42

Hide Process By Rootkit

Комментарии
Автор

Hello @ReversingHub how can I open the project? If I open the folder by using VS, I get a toolbar without the Build option. If I try to open the project, VS doesn't do it because there isn't an sln file.
Thank you in advance.

gennaroarguzzi
Автор

Hi. I tried this method, but I found out that this method does not conceal process from Application Tab or Users Tab. How can I remove task from named tabs with this method or other
UI manipulation?

ОлександрДубиняк-ед
Автор

so i`m not a programmer and i don`t know how to make it i found a driver name hide driver exchange utility and i use it but it work only in windows system 32bit
so can this hide in windows 64bit ? and how easly can i use it ?
i don`t know about githup or MVS

mahmoudwaleed
Автор

very very thank..
I'am long time search this video

ASDDSA-nuqj
Автор

Frédéric Durand
hi I'm a beginner and I do not fully understand some points . Once I've hidden a proccessus, how do I find it afterwards? with inhide? or restarting the pc? Personally I'd like to hide all the Oracle VM virtualbox under w10 .

probleme with projet error The object reference is not set to an instance of an object . I think it's normal because my pid taskmgr.exe is 7632 and I've noticed that the task path is in access denied in process explorer . and my biggest problem is that I do not like you the shorcuts debug x64 to create but managed to create shortcuts . Ino longer know how I got the message error The object reference is not set to an instance of an object. another question your script applies to all pc w10 x 64 without changing the taskmanager pid? Thanks for helping me thanx for help

fredericdurand
Автор

I copied your exact code from GITHUB and followed ran it through CMD however returned error get handle to the window menu also some of code has green underlines like its not written correctly how can I fix this is there a setting I'm missing I set it up as a console project and in properties set to use uni code character set is that correct any other property setting I should change?

andrereid
Автор

i tried to hide some app but there's an error "Get Handle to update submenu"

martincasino
Автор

Sorry, but what it is the benefit if paused task manger from refreshing !!! I need to hide some process from tasklist command !!!! so no sense for this video in the wild

iskandertrabelsi
Автор

Can the file be altered so that instead of typing hideProc.exe calc.exe, you just run the hideProc.exe with the file you want to hide hard coded into the .cpp file. So that when you run hideProc.exe, it will always hide calc.exe with out telling it so?

brandongonzalez
Автор

is there anyway i can hide that im connected to a built in windows 10 vpn?

N-sf
Автор

Someone hacked my laptop how can I locate the hidden PID number location??? -Thanks

easymoneyscalper
Автор

Can i have file exe? Because i install visual studio but i cannot build, option tool nothing

-biem