I would like to know how to programmatically hide a file but making the file or folder still hidden with Show hidden files and folders enabled from the Tools->Folder options of Explorer.
I hope I am not confusing anyone and if I might be please just ask.
You want the SetFileAttribute function available by #include'ing Windows.h: http://msdn.microsoft.com/en-us/library/aa365535%28VS.85%29.aspx
In code:
BOOL result = SetFileAttribute(L"c:\path\to\file", FILE_ATTRIBUTE_HIDDEN);
As for keeping a file hidden from the "show hidden files" option, that's much more difficult and I can't think of a legitimate reason to do it - the only programs that do are rootkits for nefarious purposes.
I am pretty sure this is not possible as it would be a security vulnerability (programs could place unknown files on your hard drive that you couldn't see or delete).
Even Windows system files are visible.
Use a file system filter driver. But since you have to ask - just don't do it. Not trying to be rude here, it's just that that is a task that is very hard to get right.
There is NO user mode API to make files hidden from 'show hidden files', and it's a good thing to.
The only way to do this is to get your code to run in the kernel. The rootkit that Sony "accidently" installed on user machines a couple years ago when they were trying to prevent CDs from being rippable could do it. But there is no legitimate use for the ability to hide files from system administrators and power users.
As many have said before, there's no straightforward way to fully 'hide' a file like that.
If you can accept not truly hiding the file but merely obfuscating it, you can always embed it inside a dummy file. Take the file you want to hide, build a container file to hold it, and name that dummy file with a random name. For example, you could place the real file's filename starting at offset 512 of the dummy file and place the file's contents starting at offset 1024, inserting 64 bytes of random data every 1KB. Pad the end with empty space out to the nearest multiple of 4KB, fill the empty space with random bytes, and generate a random sequence of characters to use for a filename. Now, you can "hide" the file while it's still visible in the filesystem.
However, that's merely "security by obscurity" and can be defeated by a clever attacker with a hex editor.
If you're simply trying to make sure a file isn't visible to the casual filesystem browser, you can always compress the file, encrypt it, and randomize the filename. If you need to be able to access/execute the file as-is while it is "hidden", then you're probably (hopefully) out of luck.
Thanks to all replies.
My reasons for wanting to know are as follows: I am facinated by stealth programs like keyloggers on how they do it. So I would like to write an application that can detect these stealth like processes. I know there are other methods used by spyware to hide themselves so this is just a starting point for now.
Hope that answers your questions.
Victor
Thanks nobugz I tried out your suggestions and it works nicely. villintehaspam I would not mind reading up on your suggestions just to get an idea how difficult it might be. Thanks for the replies everyone.
Victor