[AutoIt]Process-Hiding Tool

10/07/2009 21:57 FichteFoll#1
Well, I was bored... Also, I don't know where I should post it, so I'll just put it here.

Here's a small tool that simply hides a process. I also built a few small functions into it. They are the following:
  • In the context menu you can select the option "Run and Hide...". When you click this option, the process is started and then immediately hidden automatically, so that no Process Explorer or the Task Manager can see it. Of course, this also makes it possible to get around some anti-hack programs. It then looks roughly like this: (my menu is a bit overcrowded...)
  • In addition, you automatically get a program in which you can hide an already running process. For this you can use either the process name, the PID or the window name. The GUI looks like this:
The whole thing works with a rootkit, namely this one: [link not shown]. From it, "fu.exe" and "msdirectx.sys" are copied into the Windows directory, as well as my .exe.

Since I unfortunately have no idea what this program does EXACTLY, I had to build it into my installer, which is accordingly flagged as a virus (rootkit/trojan). I hereby assure you that the detections in this file are NOT a trojan. It is of course still a rootkit, but that is not a negative thing here.

Nevertheless: use at your own risk!

This rootkit does NOT work on Windows Vista or 7, because the driver is not compatible with them!


All rites Reveersed...
10/07/2009 22:57 muse-#2
works perfectly.
thanks!
10/08/2009 01:00 wurstbrot123#3
I wouldn't necessarily use it, nothing against your tool, but I wouldn't put a driver onto my system for that :>

Quote:
msdirectx.sys

This is an undesirable program.

This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.

If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.
10/08/2009 10:46 Adroxxx#4
The driver belongs to the rootkit. It's more of a kind of GUI for the FU rootkit.
10/08/2009 15:28 FichteFoll#5
I'll just say here that I got the entire rootkit from Adroxxx.

So whoever doesn't believe me will perhaps believe him.
10/08/2009 17:40 .Law.#6
I get a BSOD each time I click hide process.
And no, I'm not running on Vista, but FU Rootkit works just fine for me.
10/09/2009 14:34 FichteFoll#7
Quote:
Originally Posted by PunkS7yle View Post
I get a BSOD each time I click hide process.
And no, I'm not running on Vista, but FU Rootkit works just fine for me.
Hm, sounds strange to me. Maybe Vista is built in another way than Windows, so I can't write into the registry, or maybe there is something different with the WindowsDir...
10/29/2009 19:22 acm-18#8
Hello,
My problem is how to put the hide process windows 7 "breaks" and gets a blue screen that restarts the system, I tried to start it in administrator mode, I have also tried to change the compatibility (Win XP SP2, SP3, Win Vista...)... And Hiding tool does not work because I click "run and hide" and not start anything, I also tested to open the program "HideProcess" and click on the process list (copy and paste it into the text box) but it does nothing... I do not know what to do, I just want to work in UCE KIKI and trainer

THANKS (sorry for my English, because I'm Spanish)
10/29/2009 21:09 MrSm!th#9
Quote:
Originally Posted by acm-18 View Post
Hello,
My problem is how to put the hide process windows 7 "breaks" and gets a blue screen that restarts the system, I tried to start it in administrator mode, I have also tried to change the compatibility (Win XP SP2, SP3, Win Vista...)... And Hiding tool does not work because I click "run and hide" and not start anything, I also tested to open the program "HideProcess" and click on the process list (copy and paste it into the text box) but it does nothing... I do not know what to do, I just want to work in UCE KIKI and trainer

THANKS (sorry for my English, because I'm Spanish)
^this with Vista and 7
I don't know why
10/29/2009 21:13 acm-18#10
But if you use XP, the bypass does not work, and S4 Trainer by FichteFoll V_1.0 * Patch 12 will not work ever!

What I do by hiding the process if I use it Win7?
10/29/2009 21:38 Darth_Mullins#11
hello, i am really thankful for all the work you have done but i am stumped.
i have tried the FU root kit and this and neither work. i am running windows vista 64x home premium and i am wondering why neither work. it's like the root kit's disabled every time i run it. is there any advice you could give me on this. it might be my anti virus because i am using avg full but i disabled it when trying fu root kit and it still didn't work.
i have also read that uac built into vista blocks root kits, could that be a possible reason for the problems i am having?
any help would be greatly appreciated. ^_^
11/03/2009 15:19 FichteFoll#12
Yes it CAN be detected as virus. So just ignore this popup.

Did you start that as administrator? Maybe the program doesn't have permissions to hide these processes. Btw this does not work for Vista...
11/03/2009 17:33 DarkDevilClaw#13
somehow it doesn't want to work for me, I tried hiding perx with it and, well, it doesn't disappear from the task manager ...


edit
I have Vista
11/04/2009 01:52 Darth_Mullins#14
yeah i ran it as admin. but i think either vista or my antivirus blocks the fu.exe and the dll as they are executed. shrug
Edit:
i have tried disabling uac and my antivirus, restarting and running this but it still doesn't work. it's like as soon as i download or run this or anything with the rootkit fu.exe, my pc disables it for good. is there any other way to hide processes? i will keep looking into it because i am interested in using a ce but i can't get any to work.
12/26/2009 15:49 2800#15
Hey FichteFoll,

I luv what you guys are doing and your forum has been very very useful to me, but right now with the root kit thing, I don't know what to do. I got all the files from the FU, but what am I supposed to do with them? Please help me, thank you!!!