You have to keep in mind that even if you will hook all these win32k services, user handle table and desktop heap will be visible to all GUI processes, which have mapped these memory regions. So other processes can enumerate a handle table directly from user mode and find your window if you will use specyfic window's captions, classes or if you will allow to get PIDs/TIDs of your windows... If you can use name randomization of window's captions, classe's names and module's names this should help you with "hidding" your app.
I am Jack's NULL pointer (actual e-mail contact.ntinternals_at_gmail.com)
