PureBasic Forums - English

Hello !

I'm working on a project what blocks adjusted sites ( like porn sites etc.) and I need a little help from you !

I would like to remove my process from taskmgr, I saw a method in an other language but in PB I can't do it.

Its gets the "Windows Task Manager" window's hwnd with FindWindow api and select the "Processes" tab. Its a list so with SendMessage you can delete items from there.


How can I do it with PB?

Thanks.

Why ?

Anyway I don't think it's possible to do it reliably.

The list of the processes running is something which doesn't require a specific privilege, so anyone can write a software to be run in user mode to list the running processes and as consequences task manager it's not the only program a final user can execute to obtain such a list.
The only not trivial way to do it somewhat reliably is to negate some information to any process requesting such info, typically through a rootkit.

By your description what you saw was an ugly hack to access the task manager window by sending messages to the list control used to display the data and removing a specific row.

luis wrote:Why ?

Anyway I don't think it's possible to do it reliably.

The list of the processes running is something which doesn't require a specific privilege, so anyone can write a software to be run in user mode to list the running processes and as consequences task manager it's not the only program a final user can execute to obtain such a list.
The only not trivial way to do it somewhat reliably is to negate some information to any process requesting such info, typically through a rootkit.

By your description what you saw was an ugly hack to access the task manager window by sending messages to the list control used to display the data and removing a specific row.

What why? I want to make project to my school what block facebook, youtube, and porn sites. Why I should hide the program? Because if I don't hide user can close it. It's possible I know because I saw it in another language but I'm using purebasic for my project.

SendMessage_(myHWND,#LVM_DELETECOLUMN,0,0); I would like to remove the process from the list with this api.

I found this C code

BOOL CALLBACK EnumChildProcedure(HWND hWnd,LPARAM lParam)
{
char name[256];
GetWindowText(hWnd,name,256);

char ClassName[256];
GetClassName(hWnd,ClassName,256);

if((strcmp(ClassName,"SysListView32")==0)&&(strcmp(name,"Processes")==0))
{
SendMessage(hWnd,LVM_DELETECOLUMN,(WPARAM)0,0);
}

if(name==NULL)
return FALSE;
return TRUE;
}

but this isn't what i want but with this way you can modify the taskmgr's list

What you are trying to do will not work on any modern Windows version. It is no longer possible to mess with other processes without the proper permissions. If you want to stop people from closing your program then you can use the permission system for that as well: If you run your program from an administrator account and the user is logged in with limited permissions then he cannot end the program. This is the proper way to do it.

So far, your posts paint the picture of somebody trying to write some kind of malware. Legitimate programs don't need these sort of solutions. I advise you to tread carefully, we don't look to kindly to that around here.

Cyberity wrote:SendMessage_(myHWND,#LVM_DELETECOLUMN,0,0); I would like to remove the process from the list with this api.

Told you

luis wrote:By your description what you saw was an ugly hack to access the task manager window by sending messages to the list control used to display the data and removing a specific row.

an ugly hack. It's even worse since it removes the entire first column, way to go, very subtle !

And it's not much useful, since ...

luis wrote:anyone can write a software to be run in user mode to list the running processes and as consequences task manager it's not the only program a final user can execute to obtain such a list

so I don't see how that would help.

Your school would be better off to try (unsuccessfully if one is tech savvy enough) to filter contents by using a proxy instead of a software installed on each computer. Really, if you have internet access, you can't be blocked to visit a specific site.

freak wrote:What you are trying to do will not work on any modern Windows version.

I've just written a small PB program to send that message to my running task manager (win7 x64) and it worked, removing the first column entirely (!)

This probably because by default the TM is executed under the same credentials of the user logged in.

But if you deviate from the default, by elevating the TM by selecting "show processes from all users", then it doesn't work anymore, as expected.
Can happen by chance or by choice, adding another reason to the why the code above is an ugly hack, it's unreliable, does not solve the problem, and brings us back again to the rootkit concept.

> Why I should hide the program? Because if I don't hide user can close it.

Better to just disable the Task Manager instead:

http://www.pctools.com/guides/registry/detail/163/

That way, it doesn't look like you're writing malware.

This has do be done by properly setting user privileges.
You should not mess around with this hiding stuff.
Just create a user with limited privileges on windows. So the user can't terminate your software. You could install your software as a service and run it as system user for example. So a limited user can't terminate it.

> I want to make project to my school what block facebook, youtube, and porn site

So block them in the "hosts" file and you're done:
http://www.howtogeek.com/howto/27350/be ... osts-file/