Running applications in background

[Techknowledge]

Is there a way to run an application in the background without it appearing in task manager or icons? I want to know if a program can be hidden to run silently without the users consent and same program not appearing in task manager or windows services.

 

[Mushkins]

Absolutely.

http://en.wikipedia.org/wiki/Rootkit

Another popular attack vector is simply naming malware the same thing as an important or common process. Someone staring at task manager will clearly pick out Virus.exe, but they may not pick up on the fact that something like WindowsSearchIndexer.exe shouldn't be running if Windows Search isn't installed. Or worse, the malware could actively shut off the real Windows Search process (or any legitimate but noncritical process) before starting itself with the same name.

There's a reason most corporate policies on viruses and malware boil down to "recover data and nuke it from orbit." Once you're infected there's honestly no 100% guarantee that you're not still infected unless you wipe it clean.

 

[inf1nity]

it is possible the developer of the program has added this feature in the program which can be turned on using a switch. It will still show up in the processes tab, though, and might cause an experienced user to get suspicious. The switch may be present in the documentation of the program.

Or, as mentioned above, a rootkit.

 

[SecurityTheatre]

It's pretty easy to get it to run as a service as well, which wouldn't even show up in a lot of process lists....

 

[Savatar]

DLL Injection or API Hooking are other common methods to do this... (a DLL won't show in task manager, but it will show in some other tools). While DLL Injection is relatively straightforward, API Hooking can be a real pain to develop... but they can both be very powerful.

Other things to do would be to develop a system-level driver, which don't show up in task manager... but those are also difficult to create.