What registry keys need to be modified to enable global API hooks for process hiding?

You need to set the `AppInit_DLLs` key under `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows` with the full path to your hook DLL. Also set `LoadAppInit_DLLs` to 1 (enable) and `RequireSignedAppInit_DLLs` to 0 (allow unsigned DLLs). The DLL path must not contain spaces. As noted in Using global API hooks to hide processes on Windows 7 systems, these changes take immediate effect.