One Day Sec

What is the global API hook method for hiding processes on Windows 7 and how does it work?

The global API hook method uses the AppInit_DLLs registry mechanism to inject a custom DLL into every process that loads user32.dll. The injected DLL hooks API functions such as EnumProcesses so that a specified process is hidden from tools like Task Manager and Process Explorer. Unlike the kd.exe method described in "Using global API hooks to hide processes on Windows 7 systems", this technique takes effect immediately, with no system restart required.
Tags: global API hooks, AppInit_DLLs, process hiding, DLL injection, Windows 7
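
Because the technique depends on a registry value, a defender can audit it directly. The PowerShell below is an added example, not code from the original page: it lists every DLL registered through AppInit_DLLs in both registry views, together with the companion values LoadAppInit_DLLs and RequireSignedAppInit_DLLs and each file's Authenticode status. The function name `Get-AppInitDllReport` is hypothetical, and resolving bare file names to System32 is a simplifying assumption.

```powershell
# Added example: report every DLL registered through AppInit_DLLs.
# Both views are read because 32-bit and 64-bit processes use separate lists.
$AppInitKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'
)

function Get-AppInitDllReport {
    param([string[]]$KeyPath = $AppInitKeys)

    foreach ($key in $KeyPath) {
        if (-not (Test-Path -Path $key)) { continue }
        $props = Get-ItemProperty -Path $key

        # AppInit_DLLs is a single string; entries are separated by spaces or commas.
        $entries = @(([string]$props.AppInit_DLLs) -split '[ ,]+' | Where-Object { $_ })

        foreach ($entry in $entries) {
            # Assumption: a bare file name lives in System32 (simplified search order).
            $path = $entry
            if (-not [System.IO.Path]::IsPathRooted($entry)) {
                $path = Join-Path (Join-Path $env:SystemRoot 'System32') $entry
            }

            $sigStatus = 'FileNotFound'
            if (Test-Path -Path $path -PathType Leaf) {
                $sigStatus = [string](Get-AuthenticodeSignature -FilePath $path).Status
            }

            New-Object PSObject -Property @{
                RegistryKey   = $key
                Entry         = $entry
                ResolvedPath  = $path
                LoadEnabled   = ($props.LoadAppInit_DLLs -eq 1)
                RequireSigned = ($props.RequireSignedAppInit_DLLs -eq 1)
                Signature     = $sigStatus
            }
        }
    }
}

# No output means no DLLs are registered in either view.
Get-AppInitDllReport | Format-List
```

Any entry reported with LoadEnabled set to True and a Signature other than Valid is worth investigating, since that DLL is loaded into every process that loads user32.dll.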
