Hide process

General Macro Scheduler discussion

Moderators: Dorian (MJT support), JRL

Post Reply
User avatar
PepsiHog
Automation Wizard
Posts: 511
Joined: Wed Apr 08, 2009 4:19 pm
Location: Florida

Hide process

Post by PepsiHog » Thu Feb 03, 2011 1:24 am

I have a nephew who is being naughty. Need I say more.

I wrote a simple macro that writes the window names to a file every so often.
One day I found that someone had terminated it. I know there is software out there, but the cash isn't. :(

So, does anyone know how to, if it is even possible, to hide the program from the task manager? Specificly "Processes". There is the option "Hide when runnng" when you compile, I use that. But it doesn't really hide it completely. Plus I don't think it is really refering to this kind of "HIDE".

All suggestions welcome. If you think of other possibilities, please post.

Thanks. And have a Pepsi on me.
Windows 7

PepsiHog. Yep! I drink LOTS of Pepsi (still..in 2021) AND enjoy programming. (That's my little piece of heaven!)

The immensity of the scope of possibilities within Macro Scheduler pushes the user beyond just macros!

User avatar
JRL
Automation Wizard
Posts: 3497
Joined: Mon Jan 10, 2005 6:22 pm
Location: Iowa

Post by JRL » Thu Feb 03, 2011 5:42 am

I don't know how to hide a process from view in Task Manager. But I have made a process less likely to be messed with by naming the executable svchost.exe.

What you might try is make two separate executables and name both of them svchost. Obviously you will need to keep each of them in separate directories. In each script, have a dialog with a unique name like PepsiIsGreatProgramOne for one and PepsiIsGreatProgramTwo for the other. Make the dialogs transparent so they don't show up. You need the dialogs for detection purposes. If the dialog is missing you will assume that the program behind that dialog is closed. Create a loop in each program that looks for the existance of the dialog from the other program. If PepsiIsGreatProgramOne is not found, program two restarts program one. If PepsiIsGreatProgramTwo is not found, program one restarts program two. Only one of the two programs needs to actually do the chore but both programs need to check for the existance of the other and restart it if it is closed.

Start one of the programs from the Registry. The easiest place to use is
HKLM\Software\Microsoft\Windows\CurrentVersion\Run. Create a key that has the path and file name for one of your svchost executables. If that is set up correctly it will start the other one.

Heres a rough sample for one of the two programs. Hopefully this is enough to convey the concept.

Code: Select all

Dialog>Dialog1
object Dialog1: TForm
  Left = 274
  Top = 150
  HelpContext = 5000
  AlphaBlend = True
  AlphaBlendValue = 0
  BorderIcons = [biSystemMenu]
  Caption = 'PepsiIsGreatProgramOne'
  ClientHeight = 223
  ClientWidth = 439
  Color = clBtnFace
  Font.Charset = DEFAULT_CHARSET
  Font.Color = clWindowText
  Font.Height = -11
  Font.Name = 'MS Sans Serif'
  Font.Style = []
  OldCreateOrder = True
  ShowHint = True
  OnTaskBar = False
  PixelsPerInch = 96
  TextHeight = 13
end
EndDialog>Dialog1

//If the dialog somehow gets closed the program will end.
//The other program should start it back up again.
AddDialogHandler>Dialog1,,OnClose,Quit

Show>Dialog1

Label>Loop
  Wait>0.01
  IfWindowOpen>PepsiIsGreatProgramTwo
  Else
    Let>RP_Wait=0
    RunProgram>C:\path\svchost.exe
  EndIf
Goto>Loop

SRT>Quit
  Exit>0
END>Quit

User avatar
PepsiHog
Automation Wizard
Posts: 511
Joined: Wed Apr 08, 2009 4:19 pm
Location: Florida

Hide

Post by PepsiHog » Thu Feb 03, 2011 1:23 pm

Great minds think alike. Actually years ago, my friend and I came up with a concept for an unstoppable virus called The Three Musketeers. It would place itself in three dif spots in mem and if one was wiped the other would retore it.
I was working on that concept (Tom,Dick,Henry) for this, but the communication between them was messing me up.

But I didn't concider the Dialog idea. Pretty clever. I wasn't using dialogs because it was suppose to be "hidden". Never thought to HIDE the dialog.
Seems Tom,Dick, and Henry may still have a future.

Thanks. And I'm glad you like Pepsi, too. LOL :)

hmmm.........maybe I shouldn't give any ideas. But my skill level is CLEARLY not high enough to write such a thing.(not even close)
Last edited by PepsiHog on Fri Feb 04, 2011 2:06 am, edited 4 times in total.
Windows 7

PepsiHog. Yep! I drink LOTS of Pepsi (still..in 2021) AND enjoy programming. (That's my little piece of heaven!)

The immensity of the scope of possibilities within Macro Scheduler pushes the user beyond just macros!

armsys
Automation Wizard
Posts: 1108
Joined: Wed Dec 04, 2002 10:28 am
Location: Hong Kong

Post by armsys » Thu Feb 03, 2011 2:39 pm

Why is svchost.exe named for the MS script? Will it confuse Windows' svchost.exe?

User avatar
PepsiHog
Automation Wizard
Posts: 511
Joined: Wed Apr 08, 2009 4:19 pm
Location: Florida

Post by PepsiHog » Thu Feb 03, 2011 3:09 pm

Why is svchost.exe named for the MS script? Will it confuse Windows' svchost.exe?
No. It has nothing to do with svchost.exe. It does not interfere with the actual program. It simply has the name. Windows doesn't care what the name is.
Windows 7

PepsiHog. Yep! I drink LOTS of Pepsi (still..in 2021) AND enjoy programming. (That's my little piece of heaven!)

The immensity of the scope of possibilities within Macro Scheduler pushes the user beyond just macros!

newuser
Pro Scripter
Posts: 64
Joined: Tue Jun 11, 2013 4:53 pm

Post by newuser » Mon Jun 24, 2013 1:51 pm

Now its 2013, renaming the exe file as svchost.exe, and run it no longer work as a disguise, I try that method last year. It work for half a year before, everyone just kill all svchost process. At that time, I was like what! :shock: (the security have been defeated).

Searching for an alternative solution on the internet, the only useful result I got is run the process as a driver, I dont have that kind of programming language knowledge so I give up.

Post Reply
Sign up to our newsletter for free automation tips, tricks & discounts