This Article Explains how to hide a registry string from regedit by hooking
RegEnumValueW API, In this article there is a Function that hooks APIs
HookAPICalls. I am not the author of that function - I got it from some
website whose name I forget.
Thanks to the author of that function. The function that replaces the
RegEnumValueW is given below
LONG MyRegEnumValue(HKEY hKey,
RegEnumValueWtype oldfn=(RegEnumValueWtype)RegDLL_Hooks.Functions .OrigFn;
This function simply checks the string "hirosh" from the lpValueName and if found
it will return a 1. That means the the function has not completed successfully,
so regedit will not display any string that contains the word "hirosh".
API hooking is a powerful tool. To use this we can also hide files, processed from
OS. However, I don't know which APIs must be hooked to achieve this. If anybody knows this
please help me.
I check this program on Windows XP. regedit is OK but when I take
msconfig it displays an error. I don't know what is the problem so if anybody knows this
please help me. I am not experienced in API hooking so I am just experiment with this.