How can I create Terminate and still resident program(TSR)?

I am working in security project I need to create TSR program that resides in memory and still in it,pls help?
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

ambienceConnect With a Mentor Commented:
what OS, windows ?
TSRs are not possible in windows, plus even if its possible to keep a program in memory how are going to hook the interrupts ? (No more DOS, no more real mode!!)

If you can post what exactly you want to achieve by doing that maybe someone can post an alternative or a windows specific way of achieving that.

If you want to hook ordinary Keyboard/Mouse events then you can use windows Hook mechanism. All you need to do is write a simple dll which gets called by the system whenever there is any event of importance to the dll. So in effect a TSR maybe.

please elaborate ..
MohdAsalahAuthor Commented:
Actualy, I want my program to be launched and working as long as machine starting up and does not permit for any user to terminate it else if he have password or some thing like that.
what is your OS?
The new generation of project management tools

With’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

If that is windows ? maybe you need services , if its linux i guess daemons.

what is the intended OS ?
MohdAsalahAuthor Commented:
Windows XP and ME
XP would be simpler than ME since ME is like DOS with a nice GUI.  

In XP you could create a service which is started at system boot.  Only the system admin would be able to stop it.

In ME you can create an app that doesn't display in the task list.  Since there is no system admin, anyone could stop it, but it would take a bit longer.

MohdAsalahAuthor Commented:
For jimbucci: How can I create app without appear in task list or task maneger.

For All: Can I create driver,Is it better than services?
A driver, what for, why would you go for a driver when you can easily get away with writing a service.

A service is just for what you want to do, even if there is no user logged onto the system the service will keep running in the background, it wont appear in the task list , but will appear in task manager, however not just any user can be able to kill or stop it.

A service can also interact with the desktop and display Windows and dialogs when required.

To create a normal app that doesnt appear in the task manager is not possible easily, however applications can be made which do not appear in the task list. There are two ways to do it

!) Create a hidden window and make it parent of your applications main window, doing this removes it from the task list.

!) If the main window has WS_EX_TOOLWINDOW it doesnt appear in the task list.

hope this helps
MohdAsalahAuthor Commented:
Is it possible for services to be abled kill or stop it by specific user I mean not Windows Login user a user that my service can declare for him password.
MohdAsalahAuthor Commented:
Even if I make my program as services then the user can be able to open task manager and kill proccess!!!.
My goal of this question to search for a way  that the user can not kill program.
I don't believe that security on personal computers, especially running any version of Windows, is good enough that you could ever possibly create any application that can't be killed by the user if the user tries hard enough.  Ultimately, the system administrator (at the very least) and any other users with equivalent priveledges on the machine will be able to kill your process in some way no matter how you architect it.

However, if you create a service, that will be as close as you can get to what you want.  At least then, only a system administrator can terminate the service (assuming that the system administrator set up the machine to restrict management of services).  There's a service manager in windows XP.  You should examine it to see a little more about how services work.  Read in the MSDN for info on the architecture of a service, which I assume is a DLL that exposes a certain set of functions and maybe has a different file name, but I don't know for sure because I've never actually written one.

There is really no reason why your application should be harder to kill than that.  Users have a right to control the processes running on their machines.  If your application cannot be terminated under any circumstances, then it has crossed the line from useful application to annoying virus.

Ultimately, what you have described is by definition a service, so you should take advantage of the features provided for services through the windows OS, and write your program as a service.
>> the user can be able to open task manager and kill proccess!!!.

as i said earlier and as ris has mentioned not every user can kill or stop a service, BTW even if you write a driver or something else there is no way to ensure that it always always runs, some uesr with enough rights and enough information can disable your driver.

Only administrators (so to say) have the rights to stop or disable a service, and if the administrator feels like doing so there is supposed to be a good reason behind that except just killing the process.
Dear MohdAsalah

I think you forgot this question. I will ask Community Support to close it unless you finalize it within 7 days. You can always request to keep this question open. But remember, experts can only help you if you provide feedback to their questions.
Unless there is objection or further activity,  I will suggest to accept


comment(s) as an answer.

Force accepted

** Mindphaser - Community Support Moderator **
All Courses

From novice to tech pro — start learning today.