Exetools

Exetools (https://forum.exetools.com/index.php)
-   x64 OS (https://forum.exetools.com/forumdisplay.php?f=44)
-   -   Hiding a process (https://forum.exetools.com/showthread.php?t=14848)

securedsolutions 03-03-2013 06:40

Hiding a process
 
Is there a reliable way to hide a process in x64 without having to reboot, or to switch off Patch Guard?

uel888 03-03-2013 12:42

http://forum.exetools.com/showthread.php?t=12838

securedsolutions 03-04-2013 02:22

Problem
 
Quote:

Originally Posted by uel888 (Post 83064)
http://forum.exetools.com/showthread.php?t=12838

This article requires disabling PG first.

athapa 08-15-2013 09:02

Seems like easyhook works with 64bit! That may help.

https://easyhook.codeplex.com/

Fyyre 08-25-2013 11:13

Quote:

Originally Posted by securedsolutions (Post 83058)
Is there a reliable way to hide a process in x64 without having to reboot, or to switch off Patch Guard?

No, there is not.

I would suggest moving away from kernel mode all together, and focus on usermode to accomplish what you need done.

deroko 08-29-2013 17:59

Well, just remove process from ActiveProcessLink, of course, if you have signed driver.


All times are GMT +8. The time now is 17:55.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX