Making my application invisible on the task manager

Hi,

NT, 9x? It's possible on both platforms but it's quite tricky (and not easy!) on NT platform. On 9x you simply define your application as an service.

Regards,
Markus

For win200-XP you can download C sources here:

http://www.codeproject.com/useritems/preventclose.asp

How do i define my application as a service ?  Don´t you have sources for Delphi ?

Hi,

Try sth. like this:

// ...

function RegisterServiceProcess(dwProcessID, dwType: DWord): DWord; external 'KERNEL32.DLL';

var
  Form1: TForm1;

implementation

{$R *.DFM}

procedure TForm1.Button1Click(Sender: TObject);
// hides application from task manager (9x only)
begin
  RegisterServiceProcess(0, 1);
end;

procedure TForm1.Button2Click(Sender: TObject);
// shows application in task manager
begin
  RegisterServiceProcess(0, 0);
end;

Markus

You could do this, this will hide the program, it will be invisible, you wouldn't even know it had been opened.

but it will not hide the display of the exe from a windows xp Processes Tab.

besides that, this way should be the best.


uses
  Forms,
  Unit1 in 'Unit1.pas' {Form1};

{$R *.res}

begin
  Application.Initialize;
  Application.ShowMainForm:=False;
  Application.CreateForm(TForm1, Form1);
  Application.Run;
end.

You said that there are other things that can be done to prevent the application from being closed, can you tell me please.
  Thanx

Also posted how to hide it from the task manager but only in Win9x. Does anyone know how to it in Windows 200,XP. Thanx Guys

use this, on the form click on events and then go down to OnCloseQuery and you will see FormCloseQuery listed there and thats it they won't be able to close it :)

unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs;

type
  TForm1 = class(TForm)
    procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean);

begin
  if MessageDlg('Close the form?', mtConfirmation,
    [mbOk, mbCancel], 0) = mrCancel then
     CanClose := False;
end;
end.




==============================
if you don't want it being closed then do this pu this in.

procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean);

begin
     CanClose := False;
end;

you wont be able to close the program now.

You can catch the applications shutdown message through using a FormClose event and then setting CanClose to FALSE i.e.
//--------------------------------------------------------------------

procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin
//This even is fired when the form gets the message to close
//Setting the variable CanClose to false tells the application that it cannot close down the form thread and so
//cannot close the app
CanClose := FALSE;
end;

//------------------------------------------------------------------

Something else you might like to play with is catching the wm_close message that windows sends the apps when it requests to close.
You can catch that message by adding the following to your Private clause and defining the action to ytake when the message is recieved in a procedure -

//-------------------------------------------
type..
.....
Private
procedure WMEndSession(var Msg:TWMEndSession);
message WM_ENDSESSION;

implementation

procedure TForm1.WMEndSession(var Msg:TWMEndSession);
begin
//Define what to do here
//to stop the app from closing you can call the OnClose procedure with CanClose set to false
end;

//---------------------------------------------------

or

//---------------------------------------------------
//Must have Messages in uses clause


Protected
procedure WndProc(var Msg: TMessage); override;

implementation
..

procedure TForm1.WndProc(var Msg: TMessage);
begin
if Msg.Msg = WM_CLOSE then //Do something here
inherited WndProc(Msg);
end;

//--------------------------------------------------------

:-)
Bedouin..

Did I say FormClose - I meant CloseQuery

procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean);

:-)

do this,

in your projects1.dpr// this will make the program invisable, you won't even know its has been opened.
--------------------------------------------------------
program Projects1;

uses
  Forms,
  Unit1 in 'Unit1.pas' {Form1};

{$R *.res}

begin
  Application.Initialize;
  Application.ShowMainForm:=False;
  Application.CreateForm(TForm1, Form1);
  Application.Run;
end.
----------------------------------------------------------

Unit1.pas// this will stop the program being closed.
-----------------------------------------------------------
on form, on events, OnCloseQuery
procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean);

begin
     CanClose := False;
end;

Guys, come on... All of this CanClose stuff works only for normal process termination. Task manager first attempts to close an application by sending a WM_CLOSE message. If the process fails to respond to the message it terminates the process by using TerminateProcess(). So, your OnCloseQuery, CanClose stuff won't work!


>> You  can hide the application from the task manager Close Programs tab, but no the running processes tab.

>> Also posted how to hide it from the task manager but only in Win9x. Does anyone know how to it in Windows 200,XP.

On NT platform you have to "hijack" NtQuerySystemInformation() API. Not that easy and impossible by using madshis components since he disabled this kind of API to be hocked!

Regards,
Markus

if you want to know more about NtQuerySystemInformation() API check out the below link

https://www.experts-exchange.com/questions/20724178/Hide-application-in-Windows-XP.html

Yep, and they failed to realize it because
a. madshi disabled NtQuerySystemInformation() support in his madCodeHook component
b. function hooking is a quite challenging thing to do (if it should work reliable on all Windows platforms)

Markus

It´s going to work this way. I´m going to have a server running in which all of the users will log in. When they log in, i created a script in which will run the application that i´m doing. And I need that the user don´t know that is running something in the backround. What´s the best way to do it ??? Is it doind what I asked.
  Thanx

Also someone said that to hide it from the Task Manager in Win9x it´s just register as a service. But what can I do to prevent an error if the user run it in a NT Platform because it gives me an error. I promise I will increase more points to this question.

   Thanx

Maybe this may help you :)

you could try these sources http://www.iamaphex.com/Delphi%20Source/ 

it has HideProcessNT

Just to follow solution :)

Even bussines program like Perfect keylogger can only hide from task mangager but in process (in Win NT or by some program like tubor memory) they always so (with P keylogger it is ibpk)

It is possible to hide the application completely, but you need to have admin rights, and hook into several very low level API and also do some tricks fixing size of several memory structures. Making it overlap your process info. It's even possible to hide windows :), but that's mutch worse to do. No process listing application can find it, it's just there.

If you want a more easy solution, make a dll and hook/inject it into explorer.exe