Uninterruptible Windows Process

Question

Hi Guys,

We're starting a new custom project right now from a client and one of the requirements is the process cannot be terminated unless the system is shutting down, restarting, or logging-off.

This application monitors the USB interface. We will be using WMI to query the device periodically.

The client want's to run the application on Windows XP Operating System and doesn't like installing .NET. So we targeted Visual Basic 6 as our language.

My main concern is this application cannot be terminated. Our Project Adviser talks about Anti-virus and yes, some of the anti virus cannot be terminated. I was thinking how to do the same in Visual Basic 6. I know there will be API involved on the project but where should I go? so API is ok with me.

I saw some articles that converts the EXE to a SERVICE, create Windows Service in Visual Basic 6, etc.

So please .. share your thoughts.

Answer 1

I think you want to look at writing an NT Service.

More info here: http://www.montgomerysoftware.com/CreatinganNTServiceinVisualBasic6/tabid/161/language/en-US/Default.aspxlink text

Answer 2

If you want to be evil, you can call the (officially) undocumented RtlSetProcessIsCritical NTDLL function. This will immediately BSOD the machine if your process is terminated.

Answer 3

You cannot create a process that cannot be terminated without some sort of kernel-mode hooking, which involves writing a driver. You might want to look into Rootkits: subverting the Windows kernel if you're interested in that. However, even with kernel-mode hooking there are still numerous ways to terminate processes. The alternative is to use user-mode hooking, easily bypassed but enough for very simple projects.

The solution you want to use will depend on how far you want to go with the termination protection. And even if you do succeed in preventing process termination, there may be ways of preventing your application from working properly - e.g. killing the WMI service.

Answer 4

It's really frustrating coding in VB6 right now specially I dumped my head in C# for 2 years though I coded in VB6 for 5 years..

Moving back is a pain as if I am starting a new programming language.

Answer 5

To be honest, you are trying to do something in VB6 that it really isn't that great at. When you say 'cannot be terminated' - what do you mean by that? There are several levels there: a) App shows a window but the user cannot close it with the X button, or it does not show one b) App shows no windows or maybe sits in task tray c) App shows no windows and cannot be shut down from the Applications tab of task manager d) App cannot be shut down from the process list of task manager

(a) and (b) are probably easiest to do in straight VB. (c) is still possible, but getting uglier. (d) gets you into hack territory and would almost certainly be frownd upon if you did manage it.

If you really need to stop users closing then you can probably hack it to a greater or lesser degree, but the real answer is as the others have said - a system service (this is exactly the srt of thing they were intended for). However that is one thing that VB6 isn't good at so the best solution to your problem is c#.

Answer 6

Hi Nullstr1ng.

You may want to check out AlwaysUp (http://www.coretechnologies.com/products/AlwaysUp/), which runs any EXE as a Windows Service. Instead of trying to ensure that your program never dies (which you should still do!), AlwaysUp simply restarts your program immediately if it stops for any reason. An effective insurance policy...

Good luck!