master_nero 0 Report post Posted March 23, 2007 In VB programing.Just put in form load or a command buttonA = Shell("REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f", vbNormalFocus) Share this post Link to post Share on other sites
jimmy89 0 Report post Posted March 23, 2007 (edited) thats some good code, but its just the same as going to HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Systemand adding the value DisableTaskManager with a value of 1also, it might be good to add the code to re-enable the task manager in case you actually want to use it! if i understood the code correctly;A = Shell("REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f", vbNormalFocus)then this code should re-enable it!happy coding-jimmy Edited March 23, 2007 by Jimmy89 (see edit history) Share this post Link to post Share on other sites
lowbreed 0 Report post Posted October 18, 2007 Here's another solution for winXP & VB6 sub command1_click() x.hideMyProcess end sub That's it! Your process in now invisible. Gone! It doesn't matter if the bad guy presses CTRL ALT DEL. Your program won't show up in task manager process list. Bye bye END TASK ! Yeah, it's free at http://forums.xisto.com/no_longer_exists/ http://www.winpadlock.co.nr/ Share this post Link to post Share on other sites
ethergeek 0 Report post Posted October 18, 2007 (edited) Yeah...programs that do crap like this are obnoxious. Don't hide your application from the task manager...what use is it to have a task that you need to go into the scheduler's thread table to kill when it malfunctions? Using this trash is just bad coding practice and shows a complete and utter disregard for your users. Edited October 18, 2007 by ethergeek (see edit history) Share this post Link to post Share on other sites
Jeigh1405241495 0 Report post Posted October 18, 2007 Agreed, hiding processes, reg editing especially, etc is just vile without user permission. If you want to feel all tough go pick on a baby or something and leave the end users alone haha, they are the people who pay programmers to do what they do ;)But yea, I wouldn't recommend doing this ever, just make programs that don't crash so people never need to look for the process in the task list Share this post Link to post Share on other sites
vizskywalker 0 Report post Posted October 18, 2007 Assuming someone adds the code to hide their process from task manager, what's the easiest way to identify the process and kill it. Because hiding the process is something I know many viruses do, and I would like to be able to track them down easily, if possible.~Viz Share this post Link to post Share on other sites
ethergeek 0 Report post Posted October 18, 2007 Assuming someone adds the code to hide their process from task manager, what's the easiest way to identify the process and kill it. Because hiding the process is something I know many viruses do, and I would like to be able to track them down easily, if possible.~Viz The easiest way to do it is just enumerate all the threads on the scheduler...find threads that aren't owned by a process and suspend them, kill them, or look at their file handles and see what they're up to. Share this post Link to post Share on other sites
Chesso 0 Report post Posted October 19, 2007 I made my own code in Object Pascal, that hides my application from everything and renders taskman utterly useless, it is still there but it's shut down so fast every time it is run (and so is msconfig, among others) that it is impossible to close the application, remove it from start-up (due to how it is made) or do anything to it.At least not without a third party task manager to kill the process.Although my application isn't malicious (and I have taken some measure to insure it can't really be used as such), it's basically a key logging application, however it is built to recognise custom keystroke combinations (words actually), so you could trigger some basic events, or automatic internal logging of when certain words, phrases etc are typed anywhere from the keyboard input.This means you could catch out someone on your computer from typing certain "naughty words" or know if they are visiting "undesirable" websites etc.Anyway, once I get my old custom components back up, I can re-open the project and start work again and refresh my memory as to how I did it, someone might find it useful, the good thing is, while it would be difficult for the average user to stop it, with my particular combination, if you get a third part task manager, it can be taken care of quite easily. Share this post Link to post Share on other sites
ethergeek 0 Report post Posted October 19, 2007 I made my own code in Object Pascal, that hides my application from everything and renders taskman utterly useless, it is still there but it's shut down so fast every time it is run (and so is msconfig, among others) that it is impossible to close the application, remove it from start-up (due to how it is made) or do anything to it.At least not without a third party task manager to kill the process.Although my application isn't malicious (and I have taken some measure to insure it can't really be used as such), it's basically a key logging application, however it is built to recognise custom keystroke combinations (words actually), so you could trigger some basic events, or automatic internal logging of when certain words, phrases etc are typed anywhere from the keyboard input.This means you could catch out someone on your computer from typing certain "naughty words" or know if they are visiting "undesirable" websites etc.Anyway, once I get my old custom components back up, I can re-open the project and start work again and refresh my memory as to how I did it, someone might find it useful, the good thing is, while it would be difficult for the average user to stop it, with my particular combination, if you get a third part task manager, it can be taken care of quite easily. The fact that people can do inane **** like this...is exactly why I use Mac and Linux. An application running as a non-root user should *never* have edit access to things like the process table (which is basically how these apps work). Share this post Link to post Share on other sites
vizskywalker 0 Report post Posted October 19, 2007 Correct me if I'm wrong, but non root users can run pgrep and ps, can't they? Those access the process table. And then they can use kill to modify that table. Besides, I'm not sure if these apps are modifying the process table, because I'm not sure information regarding which processes show up in TaskManager is really stored in the process table itself.~Viz Share this post Link to post Share on other sites
ethergeek 0 Report post Posted October 19, 2007 Non root users can read the process table, sure...but none of them can kill tasks that aren't their own. The task manager does in fact just query the process table to enumerate all running processes. Share this post Link to post Share on other sites
vizskywalker 0 Report post Posted October 19, 2007 It has to do more than just read all running processes, otherwise hiding a process would be impossible. If you remove a process from the process table, it becomes lost, which is very bad. Thus there must be some sort of flag or something which can be set and checked for each process as to whether or not it should be listed.~Viz Share this post Link to post Share on other sites
Chesso 0 Report post Posted October 19, 2007 Thing is, by hitting the keys or starting up a task monitor, aren't you making it become open by you..... meaning it can be closed by you and probably faked by a piece of software, if the direct approach doesn't work under a secure account.There is more than one way to skin a cat, so to speak lol.Mine technically doesn't "shut down" or "end" any tasks, it just closes them as soon as they open, to a point of speed where you would be lucky to notice it even showing up, you could catch, it but that would be useless, it goes too fast to do anything with it.......I made it a configurable option though (the program is password protected and has a special global key assignment to bring up the password dialog bog to re-open the visuals), it's only really meant if anyone that uses your computer is as smart as me and would know something is wrong and fix it quickly lol (well I still could anyway actually). Share this post Link to post Share on other sites
sparkx 0 Report post Posted October 19, 2007 I don't get it. Why would you want to disable task manager? Unless you were a school, library ect that need the security so you don't turn off their keyloggers/spyware. But after reading this topic it does not look like it is a very secure way to disable task manager (apparently you could just re-add the key to the registry). I like jimmy89's code that re-enables it. I am very surprised how much you can do to windows xp (or any windows computer in this case) just by editing the registry. It is a little scarry how easy it would be to get a virus that deleated key things (that is if you don't have a firewall). Maby it is just me afterall I don't even trust my self to make major edits to the registry.Thanks,Sparkx Share this post Link to post Share on other sites
Chesso 0 Report post Posted October 20, 2007 To stop a normal user from shutting down your application, like monitoring software used for children etc (my 5 year old sister can already use the net, run programs, find them even in hidden places, log into website and email, shutdown unwanted processed, and she's had next to no help in learning it).The thing with the program I am working on, is it's not impossible to remove and it doesn't do anything harmful by any means, it's meant for the owner of the computer who might want to know a little bit more definite information about what others are accessing it are doing with it.No different really than having a camera setup in a small or larger business to see what people who use your shop are doing (like shop lifters or plain idiots), etc. Share this post Link to post Share on other sites