Saturday, 28 September 2013

How to enable or disable Task Manager manually or programmatically

You may have come across situations where you wanted to disable the Windows Task Manager, or where malware has disabled it and you want to re-enable it. In this tutorial you'll learn how to enable or disable Task Manager, either manually or using your own C++ program.

Windows Task Manager can be disabled in many ways. We'll discuss each in detail.

1. USING GROUP POLICY EDITOR

This is probably the easiest and safest way to disable or enable your Task Manager. You need an administrator account to use the Group Policy Editor. If you are looking for a way to disable Task Manager from a limited account, skip this and go for another method.
STEPS:
  • On your keyboard, press WIN + R keys or go to Start Menu > All Programs > Accessories > Run.
  • In the run window type gpedit.msc to launch your Group Policy Editor.
  • In Group Policy window, using the left pane, navigate to User Configuration > Administrative Templates > System > Ctrl + Alt + Del Options.
  • In the right pane, open Remove Task Manager.
  • To disable Task Manager, select Enabled. To enable Task Manager, select Disabled.
  • Press OK or Apply to complete. Now try accessing your Task Manager.


2. USING WINDOWS REGISTRY

Windows Task Manager can be disabled by editing the Windows Registry. This is not safe because editing your Windows Registry incorrectly can cause harm to your computer.
Here's how to do it manually:
  • On your keyboard, press WIN + R keys or go to Start Menu > All Programs > Accessories > Run.
  • In the run window type regedit.exe to launch your registry editor.
  • In Registry Editor Window, using the left pane, navigate to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System.
  • If System key doesn't exist, then create one by right clicking on Policies > New > Key and type System.
  • In the right pane right click and choose New > DWORD (32-bit) Value.
  • Now replace New Value #1 with DisableTaskmgr.
  • Double click on it. Change the value to 1 to disable Task Manager and 0 to enable Task Manager.
  • Now close the Registry Editor.


If you want to do it in C++, here is the code:

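#include <windows.h>

// Sets DisableTaskmgr = 1 under HKCU\...\Policies\System (Task Manager disabled).
void disableTaskmgr()
{
   HKEY regHandle;
   DWORD dwValue = 1;
   BYTE* data = (BYTE*)&dwValue;
   // Creates the System key if it does not exist, otherwise opens it.
   LONG rc = RegCreateKeyExA(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &regHandle, NULL);
   if (rc != ERROR_SUCCESS)
      return;   // regHandle is not valid on failure, so do not use or close it
   RegSetValueExA(regHandle, "DisableTaskmgr", 0, REG_DWORD, data, sizeof(DWORD));
   RegCloseKey(regHandle);
}

// Sets DisableTaskmgr = 0 under HKCU\...\Policies\System (Task Manager enabled).
void enableTaskmgr()
{
   HKEY regHandle;
   DWORD dwValue = 0;
   BYTE* data = (BYTE*)&dwValue;
   LONG rc = RegCreateKeyExA(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &regHandle, NULL);
   if (rc != ERROR_SUCCESS)
      return;   // regHandle is not valid on failure, so do not use or close it
   RegSetValueExA(regHandle, "DisableTaskmgr", 0, REG_DWORD, data, sizeof(DWORD));
   RegCloseKey(regHandle);
}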

3. CHANGING THE DEBUGGER VALUE (REPLACING TASKMGR)

This method is not recommended because the Debugger property is not meant for this purpose, but it still works well. Here's how to do it manually:
  • On your keyboard, press WIN + R keys or go to Start Menu > All Programs > Accessories > Run.
  • In the run window type regedit.exe to launch your registry editor.
  • In Registry Editor Window, using the left pane, navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options.
  • Create a key taskmgr.exe inside it (if it doesn't exist), by right clicking on Image File Execution Options > New > Key and type taskmgr.exe.
  • In the right pane right click and choose New > String Value.
  • Replace New Value #1 with Debugger.
  • Double click on it. Change the value to calc.exe.
  • Now try opening your Task Manager. The Calculator window will open instead. Similarly, you can change the value calc.exe to any other executable file name, so that it is opened instead.
  • Delete the value of Debugger or delete the whole String Value to enable your Task Manager again.
  • Now close the Registry Editor.

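#include <windows.h>

// Sets the Debugger value for taskmgr.exe so that calc.exe is launched instead.
// Writing under HKEY_LOCAL_MACHINE requires administrator rights.
void disableTaskmgr()
{
      HKEY regHandle;
      char fpath[] = "calc.exe";   // same value as in the manual steps above
      LONG rc = RegCreateKeyExA(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\taskmgr.exe", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &regHandle, NULL);
      if (rc != ERROR_SUCCESS)
            return;   // regHandle is not valid on failure
      // sizeof(fpath) includes the terminating null, as REG_SZ expects
      RegSetValueExA(regHandle, "Debugger", 0, REG_SZ, (BYTE*)fpath, sizeof(fpath));
      RegCloseKey(regHandle);
}

// Deletes the Debugger value so that taskmgr.exe starts normally again.
void enableTaskmgr()
{
      HKEY regHandle;
      LONG rc = RegCreateKeyExA(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\taskmgr.exe", 0, NULL, REG_OPTION_NON_VOLATILE, KEY_WRITE | KEY_WOW64_32KEY, NULL, &regHandle, NULL);
      if (rc != ERROR_SUCCESS)
            return;   // regHandle is not valid on failure
      RegDeleteValueA(regHandle, "Debugger");
      RegCloseKey(regHandle);
}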
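
When Task Manager refuses to open, the following read-only check reports whether the registry values from methods 2 and 3 are set. It is an added example, not code from the original article; the function names Get-RegistryValueInView and Test-TaskManagerTampering are made up for illustration, and both registry views are queried because the C++ code above writes with KEY_WOW64_32KEY.

```powershell
# Added example: read-only audit of the registry values from methods 2 and 3.
# Function names are illustrative; nothing here modifies the registry.

function Get-RegistryValueInView {
    param(
        [Microsoft.Win32.RegistryHive]$Hive,
        [Microsoft.Win32.RegistryView]$View,
        [string]$SubKey,
        [string]$Name
    )
    $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey($Hive, $View)
    try {
        $key = $base.OpenSubKey($SubKey)        # opened read-only; $null if the key is absent
        if ($null -eq $key) { return $null }
        try     { return $key.GetValue($Name) } # $null if the value is absent
        finally { $key.Close() }
    }
    finally { $base.Close() }
}

function Test-TaskManagerTampering {
    $policyKey = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'
    $ifeoKey   = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe'

    # The article's code writes with KEY_WOW64_32KEY, so inspect both views.
    foreach ($view in 'Registry64', 'Registry32') {
        $disable = Get-RegistryValueInView -Hive CurrentUser -View $view -SubKey $policyKey -Name 'DisableTaskMgr'
        [pscustomobject]@{
            View    = $view
            Setting = 'HKCU DisableTaskMgr'
            Value   = $disable
            Blocked = ($disable -eq 1)          # method 2: 1 disables Task Manager
        }

        $debugger = Get-RegistryValueInView -Hive LocalMachine -View $view -SubKey $ifeoKey -Name 'Debugger'
        [pscustomobject]@{
            View    = $view
            Setting = 'HKLM IFEO taskmgr.exe Debugger'
            Value   = $debugger
            Blocked = (-not [string]::IsNullOrWhiteSpace($debugger))  # method 3: a Debugger value replaces the launch
        }
    }
}

Test-TaskManagerTampering | Format-Table -AutoSize
```

Any row with Blocked set to True names the key to clean up with the manual steps above.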

4. CLOSE TASKMGR AS SOON AS IT OPENS

This method cannot be done manually. In this method we use the FindWindow Windows API to find the Windows Task Manager window as soon as it opens and send the close message to it. The advantage of this method is that you may NOT need admin privileges to do this. I've used an infinite loop to do the task, and have left its termination and implementation to you.

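HWND hwnd;
while(1)
{
      // FindWindow returns NULL while no window with this title exists
      hwnd = FindWindowA(NULL, "Windows Task Manager");
      if (hwnd != NULL)
            SendMessage(hwnd, WM_CLOSE, (WPARAM) 0, (LPARAM) 0);   // WPARAM comes before LPARAM
}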

5. MODIFY TASKMGR.EXE

Personally I don't recommend this method. You can modify a few bytes of taskmgr.exe (C:\Windows\System32\taskmgr.exe) in a reversible way. DO IT AT YOUR OWN RISK.

Warning: All source code in this article was tested in Visual C++. The author is not responsible for any harm caused to your computer by following these steps. Methods 2 to 5 should be done only if you know what you are doing.

2 comments:

  1. To enable or disable the Task Manager:
    Open the Registry Editor.
    Then navigate to
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System
    In the key, double-click on the 'DisableTaskMgr' key.
    Type the value '0' in the key.
    This will enable Task Manager.
    Or type the value '1' to disable Task Manager.

    Or simply download any application from the internet to enable Task Manager.
    Here is the link for one application called 'Task Manager Fixer'.
    This is a very tiny application and takes just one click to enable or disable.
    Here is the link for the application:
    http://softlinkplanet.blogspot.in/2013/02/task-manager-operator.html
