Compile with TASM & PEWRSEC.
.386p
extrn ExitProcess:PROC;
MB_ICONASTERISK equ 40h
;----------------------------------------------------------------------------;
start:
call GetCurrentProcessId ;get the current process's ID
push 1 ;1 = Register as SystemService
push 10h ;
Push 0
vistitle db "You'll see this title",0h
hiddentitle db "But you won't see this",0h
_CODE ends
;----------------------------------------------------------------------------;
end start
.model flat
locals
jumps
extrn GetCurrentProcessId:PROC;
extrn RegisterServiceProcess:PROC;
extrn MessageBoxA:PROC;
_CODE segment dword use32 public 'CODE'
push MB_ICONASTERISK ;
push offset vistitle ;Tell the user we are visible
push offset vismsg ;
push 0h ;
call MessageBoxA ;
push eax ;process ID
call RegisterServiceProcess ;...
push offset hiddentitle ;And tell we are hidden (from
push offset hiddenmsg ;ctrlAltDel, you can still see
push 0h ;us with some utils)
call MessageBoxA ;
Call ExitProcess
vismsg db "...when you press ctrl+alt+del...",0h
hiddenmsg db "...try it!",0h
;----------------------------------------------------------------------------;
_DATA segment dword use32 public 'DATA'
fill db ?
_DATA ends
;----------------------------------------------------------------------------;
end