You would need to write a kernel mode rootkit to intercept calls to
NtQuerySystemInformation so that the SystemProcessInformation info
class fails to list your hidden process. And it won't work in X64.
Best regards.
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.