How can I create Terminate and still resident program(TSR)?

Posted on 2002-07-22
Last Modified: 2011-09-20
I am working in security project I need to create TSR program that resides in memory and still in it,pls help?
Question by:MohdAsalah
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
  • +3
LVL 22

Accepted Solution

ambience earned 100 total points
ID: 7168978
what OS, windows ?
TSRs are not possible in windows, plus even if its possible to keep a program in memory how are going to hook the interrupts ? (No more DOS, no more real mode!!)

If you can post what exactly you want to achieve by doing that maybe someone can post an alternative or a windows specific way of achieving that.

If you want to hook ordinary Keyboard/Mouse events then you can use windows Hook mechanism. All you need to do is write a simple dll which gets called by the system whenever there is any event of importance to the dll. So in effect a TSR maybe.

please elaborate ..

Author Comment

ID: 7168996
Actualy, I want my program to be launched and working as long as machine starting up and does not permit for any user to terminate it else if he have password or some thing like that.

Expert Comment

ID: 7169017
what is your OS?
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 22

Expert Comment

ID: 7169035
If that is windows ? maybe you need services , if its linux i guess daemons.

what is the intended OS ?

Author Comment

ID: 7169089
Windows XP and ME

Expert Comment

ID: 7169107
XP would be simpler than ME since ME is like DOS with a nice GUI.  

In XP you could create a service which is started at system boot.  Only the system admin would be able to stop it.

In ME you can create an app that doesn't display in the task list.  Since there is no system admin, anyone could stop it, but it would take a bit longer.


Author Comment

ID: 7169153
For jimbucci: How can I create app without appear in task list or task maneger.

For All: Can I create driver,Is it better than services?
LVL 22

Expert Comment

ID: 7170931
A driver, what for, why would you go for a driver when you can easily get away with writing a service.

A service is just for what you want to do, even if there is no user logged onto the system the service will keep running in the background, it wont appear in the task list , but will appear in task manager, however not just any user can be able to kill or stop it.

A service can also interact with the desktop and display Windows and dialogs when required.

To create a normal app that doesnt appear in the task manager is not possible easily, however applications can be made which do not appear in the task list. There are two ways to do it

!) Create a hidden window and make it parent of your applications main window, doing this removes it from the task list.

!) If the main window has WS_EX_TOOLWINDOW it doesnt appear in the task list.

hope this helps

Author Comment

ID: 7174412
Is it possible for services to be abled kill or stop it by specific user I mean not Windows Login user a user that my service can declare for him password.

Author Comment

ID: 7174457
Even if I make my program as services then the user can be able to open task manager and kill proccess!!!.
My goal of this question to search for a way  that the user can not kill program.

Expert Comment

ID: 7174880
I don't believe that security on personal computers, especially running any version of Windows, is good enough that you could ever possibly create any application that can't be killed by the user if the user tries hard enough.  Ultimately, the system administrator (at the very least) and any other users with equivalent priveledges on the machine will be able to kill your process in some way no matter how you architect it.

However, if you create a service, that will be as close as you can get to what you want.  At least then, only a system administrator can terminate the service (assuming that the system administrator set up the machine to restrict management of services).  There's a service manager in windows XP.  You should examine it to see a little more about how services work.  Read in the MSDN for info on the architecture of a service, which I assume is a DLL that exposes a certain set of functions and maybe has a different file name, but I don't know for sure because I've never actually written one.

There is really no reason why your application should be harder to kill than that.  Users have a right to control the processes running on their machines.  If your application cannot be terminated under any circumstances, then it has crossed the line from useful application to annoying virus.

Ultimately, what you have described is by definition a service, so you should take advantage of the features provided for services through the windows OS, and write your program as a service.
LVL 22

Expert Comment

ID: 7176231
>> the user can be able to open task manager and kill proccess!!!.

as i said earlier and as ris has mentioned not every user can kill or stop a service, BTW even if you write a driver or something else there is no way to ensure that it always always runs, some uesr with enough rights and enough information can disable your driver.

Only administrators (so to say) have the rights to stop or disable a service, and if the administrator feels like doing so there is supposed to be a good reason behind that except just killing the process.
LVL 11

Expert Comment

ID: 7378386
Dear MohdAsalah

I think you forgot this question. I will ask Community Support to close it unless you finalize it within 7 days. You can always request to keep this question open. But remember, experts can only help you if you provide feedback to their questions.
Unless there is objection or further activity,  I will suggest to accept


comment(s) as an answer.


Expert Comment

ID: 7420009
Force accepted

** Mindphaser - Community Support Moderator **

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: SunnyDark
This article's goal is to present you with an easy to use XML wrapper for C++ and also present some interesting techniques that you might use with MS C++. The reason I built this class is to ease the pain of using XML files with C++, since there is…
This article shows you how to optimize memory allocations in C++ using placement new. Applicable especially to usecases dealing with creation of large number of objects. A brief on problem: Lets take example problem for simplicity: - I have a G…
The viewer will learn how to user default arguments when defining functions. This method of defining functions will be contrasted with the non-default-argument of defining functions.
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question