Menu
I have a requirement to hide a process in Task Manager. It is for Intranet scenario. So, everything is legitimate. :)
Please feel free to share any code you have (preferably in C#) or any other techniques or any issues in going with this route.
Update1: Most of the users have admin privileges in order to run some legacy apps. So, one of the suggestion was to hide it in task manager. If there are other approaches to prevent users from killing the process, that would be great.
Update2: Removing the reference to rootkit. Somehow made this post look negative.
940
You can not do that. You can rename the EXE file so that no one can know what the process is.
You should not end Windows Explorer application in Task Manager. Explorer.exe handles many GUI tasks on your computer. If you end it, it will close all File Explorer windows you opened and make the computer Start menu, Taskbar, System Tray unusable.
The only way to make a process unkillable is to implement it as a kernel thread, which is not something trivial. You can still kill it but that would be an OS shutdown collateral damage. You might also develop a custom kernel module that would set the SIGNAL_UNKILLABLE flag to your process.
Don't try to stop it from being killed - you're not going to manage it. Instead, make it regularly call home to a webservice. When the webservice notices a client "going silent" it can ping the machine to see if it's just a reboot issue, and send an email to a manager (or whoever) to discipline whoever has killed the process.
125
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
