Hey, Im trying to hook specific explorer.exe function to hide specific folder / files. I digged little bit and found that I want to hook to NtQueryDirectoryFile (good?), but:
I have problems with some arguments (PIO_APC_ROUTINE etc.) what requires wdm.h.
After including and compiling I got little bit (huh) of errors (in this wdm.h file).
Is it good way to do it?
Of course I dont want to do any malware content. I need it to hide some stuff from screen-share.
if you just want to hide from screen share you are working way, way too hard.
you can just hide it, and toggle show hidden when you need to see it, the standard -h flag on all files and folders.
you can also rename it to something dull, like work_documents
you can also just move it somewhere that they can't see it, and navigate there to access it.
with icon shenanigans you can make a folder look like a shortcut to a program, or v.v.
most screen share tools also allow you to limit what they can see eg share by program window not by full desktop.
you can also wrap things, like make a little batch program that launches something else if clicked on at random but does the right thing if you call it with a command line arg or drop a specific file onto it.