#1
|
|||
|
|||
Hiding processes using FROST (64bit)
Just thought I'd post this, in case it hadn't been posted before.
Using an gaming anti-cheat application called FROST, it is possible to hide arbitrary processes on a 64bit system, using their signed 64bit driver. I'm not sure if the drivers certificate has been revoked or not, but it worked a few months ago... Here's the original forum post: http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fexelab.ru%2Ff%2Findex.php%3Faction%3Dvthread%26forum%3D1%26topic%3D20263&act=url The drivers can be downloaded from: http://www.sendspace.com/file/cgkw53 Sorry if this has been posted before - delete if it has been. |
#5
|
|||
|
|||
Quote:
|---frost_32.sys |---frost_64.sys |---hidden_run.exe - about `---hidden_run_src |
The Following 2 Users Gave Reputation+1 to BAHEK For This Useful Post: | ||
Av0id (02-17-2014) |
The Following User Says Thank You to BAHEK For This Useful Post: | ||
Indigo (07-19-2019) |
#6
|
|||
|
|||
Doesn't work on Windows 7 x64 as well, does it?
__________________
http://youtu.be/H0QfVDebLFg |
The Following User Gave Reputation+1 to The Old Pirate For This Useful Post: | ||
The Following User Says Thank You to The Old Pirate For This Useful Post: | ||
Indigo (07-19-2019) |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
How to inject my dll into all user processes [Win]? | bearek | General Discussion | 17 | 03-08-2005 02:12 |
LordPE limited to 60 processes? | tbone | General Discussion | 0 | 07-01-2004 06:35 |
IDA debugging sub processes | Bram Kate | General Discussion | 2 | 05-03-2004 18:28 |