View Single Post
Old 01-24-2005, 19:50
Posts: n/a
Not sure about hiding but easiest way to inject DLL into all processes under NT is via AppInit_DLLs registry entry.

The AppInit_DLLs value is found in the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows

All of the DLLs specified in this value are loaded by each Windows-based application running within the current logon session.
Reply With Quote