3

Possible Duplicate:
Hide a C# program from the task manager?

I need to create an enterprise level activity monitor process in which the user should not be able to kill using the Task Manager or some other method. Perhaps it should be a hidden process. Is this possible? Are there any workarounds? I prefer to use C# then C++ (with the Visual C++ compiler).

Thanks SO

Community
  • 1
  • 1
Raj
  • 3,890
  • 7
  • 52
  • 80
  • 4
    What if a virus or spyware makes itself not to kill? – Javed Akram Feb 07 '11 at 05:37
  • 5
    Run it as a service for which the user does not have permission to terminate, rather than trying to hide it. However, any user with physical access to the machine, enough time on their hands, and a tiny bit of knowledge can bypass anything you attempt. "VC++" is not a programming language. – Fred Nurk Feb 07 '11 at 05:39
  • Fred: What do you call the dialect of C++ that is compiled by Visual C++? I'd call it "VC++". – Gabe Feb 07 '11 at 06:04
  • 1
    @Gabe: I just call it C++. I say "Visual C++" only for referring to the compiler that implements the language. – In silico Feb 07 '11 at 13:06
  • @RAJ K: You don't need to hide the process. Implement a group policy that prevents the users from killing it, but allows administrators to control it when needed. – In silico Feb 07 '11 at 13:13
  • I cannot let my pc user even user having admin right to kill that. Its not possible, just for security reason. – Raj Feb 07 '11 at 13:23
  • 2
    @RAJ K: Then don't give your users administrator rights! The administrator has to have total control over the machine *by definition*. – In silico Feb 07 '11 at 13:28
  • what happens when an immovable object meets an unstoppable force? – tenfour Feb 07 '11 at 13:41
  • 3
    Why, exactly, do you think that your users are going to be shutting down your application using Task Manager? If it's doing something *useful* for them, they'll keep it running. If not, they *should* be able to close it. You didn't do a good enough job; go hang your head in shame. This is *not* acceptable behavior for any legitimate application, and I'm not in the habit of encouraging malware. – Cody Gray - on strike Feb 07 '11 at 14:45

2 Answers2

6

Related:

Hide a C# program from the task manager?

https://stackoverflow.com/questions/759466/is-it-possible-to-hide-console-c-application-from-task-manager

Short answer is: no, you can't (legally) hide it from Task manager, unless you wrap it with a Windows service. There are various ways of preventing your application from closing.

Community
  • 1
  • 1
Cᴏʀʏ
  • 105,112
  • 20
  • 162
  • 194
  • 2
    Remember that as of Windows Vista and later, Windows Services cannot have any type of user interface, including showing a message box. People take security seriously now, all except for the OP. – Cody Gray - on strike Feb 07 '11 at 14:43
3

On the topic of "how do i prevent users from doing X", the answer is security. If you want users to have full access to their machines, then you can't restrict them. If you want to restrict users, then change your security policy accordingly.

"But then my employees won't like the idea that we don't trust them with full admin rights" - well, honestly, you don't trust them; that's why you are implementing this. You don't want employees tricking you, and they should expect the same of you.

In addition to what others say, One more simple solution is to just create two processes - one REAL process, and one "sentinel". Basically, every 100ms or so, just do a quick check to see that the other process is alive and healthy, and if it's not, launch it. It's easy to get around this (by using kill.exe for example), but so is every other solution considering your users are full administrators.

The legitimate solution to really prevent them from killing your app is to restrict access via typical Windows security -- restrict user access to the process. Not by cheap hiding and obfuscation.

tenfour
  • 36,141
  • 15
  • 83
  • 142