Disable Task Manager 1 Line Code![vb6]

master_nero

Mar 23 2007, 06:50 AM

In VB programing.
Just put in form load or a command button
A = Shell("REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f", vbNormalFocus)

Jimmy89

Mar 23 2007, 08:23 AM

thats some good code, but its just the same as going to

QUOTE

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System

and adding the value DisableTaskManager with a value of 1

also, it might be good to add the code to re-enable the task manager in case you actually want to use it! if i understood the code correctly;

CODE

A = Shell("REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f", vbNormalFocus)

then this code should re-enable it!

happy coding
-jimmy

lowbreed

Oct 18 2007, 03:19 PM

Here's another solution for winXP & VB6

sub command1_click()
x.hideMyProcess
end sub

That's it!
Your process in now invisible. Gone!
It doesn't matter if the bad guy presses CTRL ALT DEL. Your program won't show up in task manager process list.
Bye bye END TASK !

Yeah, it's free at
www.winPadlock.uni.cc
www.winPadlock.co.nr

ethergeek

Oct 18 2007, 04:51 PM

Yeah...programs that do crap like this are obnoxious. Don't hide your application from the task manager...what use is it to have a task that you need to go into the scheduler's thread table to kill when it malfunctions? Using this trash is just bad coding practice and shows a complete and utter disregard for your users.

Jeigh

Oct 18 2007, 07:53 PM

Agreed, hiding processes, reg editing especially, etc is just vile without user permission. If you want to feel all tough go pick on a baby or something and leave the end users alone haha, they are the people who pay programmers to do what they do

But yea, I wouldn't recommend doing this ever, just make programs that don't crash so people never need to look for the process in the task list

vizskywalker

Oct 18 2007, 08:53 PM

Assuming someone adds the code to hide their process from task manager, what's the easiest way to identify the process and kill it. Because hiding the process is something I know many viruses do, and I would like to be able to track them down easily, if possible.

~Viz

ethergeek

Oct 18 2007, 10:49 PM

QUOTE(vizskywalker @ Oct 18 2007, 01:53 PM)

The easiest way to do it is just enumerate all the threads on the scheduler...find threads that aren't owned by a process and suspend them, kill them, or look at their file handles and see what they're up to.

Chesso

Oct 19 2007, 08:36 AM

I made my own code in Object Pascal, that hides my application from everything and renders taskman utterly useless, it is still there but it's shut down so fast every time it is run (and so is msconfig, among others) that it is impossible to close the application, remove it from start-up (due to how it is made) or do anything to it.

At least not without a third party task manager to kill the process.

Although my application isn't malicious (and I have taken some measure to insure it can't really be used as such), it's basically a key logging application, however it is built to recognise custom keystroke combinations (words actually), so you could trigger some basic events, or automatic internal logging of when certain words, phrases etc are typed anywhere from the keyboard input.

This means you could catch out someone on your computer from typing certain "naughty words" or know if they are visiting "undesirable" websites etc.

Anyway, once I get my old custom components back up, I can re-open the project and start work again and refresh my memory as to how I did it, someone might find it useful, the good thing is, while it would be difficult for the average user to stop it, with my particular combination, if you get a third part task manager, it can be taken care of quite easily.

ethergeek

Oct 19 2007, 03:47 PM

QUOTE(Chesso @ Oct 19 2007, 01:36 AM)

The fact that people can do inane **** like this...is exactly why I use Mac and Linux. An application running as a non-root user should *never* have edit access to things like the process table (which is basically how these apps work).

vizskywalker

Oct 19 2007, 04:51 PM

Correct me if I'm wrong, but non root users can run pgrep and ps, can't they? Those access the process table. And then they can use kill to modify that table. Besides, I'm not sure if these apps are modifying the process table, because I'm not sure information regarding which processes show up in TaskManager is really stored in the process table itself.

~Viz

Latest Entries

iGuest

Jun 24 2008, 06:36 AM

close Process
Disable Task Manager 1 Line Code![vb6]

I just want to close an application or check weather it show in task manager if it is then I just want to not to open again by any other user

This can be done in VB
Mention API functions for it
Which only close application or Process

-reply by nilay21286

iGuest

Jun 15 2008, 06:56 AM

Enable/Disable Task Manager with WriteProcessMemory
Disable Task Manager 1 Line Code![vb6]

[code]This function uses the WriteProcessMemory function to 'disable' the TerminateProcess function in the Kernel32 library, which is used in the Task Manager. Doing this will 'disable' the End Process button in the Task Manager, making it useless. It also can re-enable the Task Manager if it has been disabled.[/code]

I have posted my new work on pscode, heres a link:
Http://pscode.Com/vb/scripts/ShowCode.Asp?txtCodeId=70673&lngWId=1

-reply by stoopid

iGuest

Jun 6 2008, 10:28 PM

Disable Task Manager with WriteProcessMemory
Disable Task Manager 1 Line Code![vb6]

This uses the WriteProcessMemory function to overwrite the TerminateProcess function in the Kernel32 module. Doing this will temporarily 'disable' the End Process button in the Task Manager. I tried to comment the code so it would be pretty easy to understand.

[code]'Disable Task Manager using WriteProcessMemory
'taskmgr.Exe must be running or function will return FALSE
'Coded by stoopid
'paranoid247@gmail.Com

Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, lpBaseAddress As Any, lpBuffer As Any, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As Long
Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As LongPrivate Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal lFlags As Long, lProcessID As Long) As Long
Private Const TH32CS_SNAPPROCESS As Long = 2
Private Const PROCESS_ALL_ACCESS = &H1F0FFF

Public Type PROCESSENTRY32
dwSize As Long
cntUseage As Long
th32ProcessID As Long
th32DefaultHeapID As Long
th32ModuleID As Long
cntThreads As Long
th32ParentProcessID As Long
pcPriClassBase As Long
swFlags As Long
szExeFile As String * 1024
End Type

'DisableTaskManager will return TRUE if WriteProcessMemory returns nonzero; returns FALSE if error in function or process not found/running
Public Function DisableTaskManager() As Boolean
Dim hSnapShot As Long, hAddress As Long, hProcess As Long
Dim pe32 As PROCESSENTRY32 'create snapshot of process
hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0) 'get size of processentry32
pe32.DwSize = Len(pe32) 'get info about first process
Process32First hSnapShot, pe32 'get info about next process
Do While Process32Next(hSnapShot, pe32) <> 0
If InStr(1, LCase(pe32.SzExeFile), LCase("TASKMGR.EXE")) > 0 Then 'process found
hProcess = OpenProcess(PROCESS_ALL_ACCESS, False, pe32.Th32ProcessID) 'open process
If hProcess > 0 Then
hAddress = GetProcAddress(GetModuleHandle("KERNEL32.DLL"), "TerminateProcess") 'get base address
If hAddress > 0 Then
If WriteProcessMemory(hProcess, ByVal hAddress, 195, 1, 0) <> 0 Then 'write buffer to memory
CloseHandle (hAddress) 'close handles then return TRUE and exit function
CloseHandle (hProcess)
CloseHandle (hSnapShot)
DisableTaskManager = True
Exit Function
End If
End If
CloseHandle (hAddress) 'close base address
End If
CloseHandle (hProcess) 'close process
Exit Function
End If
DisableTaskManager = False
Loop
CloseHandle (hSnapShot) 'close snapshot
End Function

'Syntax example using boolean
Sub Main()
If DisableTaskManager = True Then
MsgBox "Sucessfully disabled Task Manager"
Else
MsgBox "Could not disable Task Manager"
End If
End Sub[/code]

-reply by stoopid

iGuest

Jun 6 2008, 10:28 PM

iGuest

Jun 2 2008, 05:31 AM

I dissagree
Disable Task Manager 1 Line Code![vb6]

Replying to ethergeek Replying to vizskywalker

I think that the hide from task man can be quite handy

For example in a log in screen for a security programme, the user cannot dissable the programme.

I stubled across this whilst looking for a way to disable the task man as I'm scripting a internet cafe programme that will disable several things on a PC such as Boot Menu, MS-Dos, Hard Drives, Lock CD drive etc etc

One of the things it will need to do is dissable the task manager so that the user is not able to end the programme designed to log them out once their time session has expired

-reply by Adam

ADD REPLY / Got an Opinion!	a humble request :-)	RAPID SEARCH!	Free Hosting	[X]
Express your Opinions, Thoughts or Contribute your information that might help someone here. Ask your Doubts & Queries to get answers.. "Together, We enlight each other!"	Register FREE for AD-FREE forum, Create your own topics, Ask Questions, track topics, setup subscriptions & notifications and Get a Free Website w/ Email and FTP.		500MB Space No Ads, CPanel, FTP, PHP, MySQL, EMails - 100% FREE