Overkill

Keeping script alive

11 posts in this topic

I work as a tech/salesperson for a retail outlet and one of our biggest problems is kids messing with our floor models (adding passwords, changing homepage, etc) and I'm writing a script that will stop all that once and for all. The question I have for you guys is what's the most effective way to prevent the script from being closed via the task manager? Would it be to write a second script and have each script ProcessExists($otherscript), or is there a more elaborate way that would take more than fast fingers to get around?


If I remember right (which could very well be wrong) there's a registry key that would stop all of that without a script.

For your question though, I usually just have a small script called svchost.exe and run it as local admin or similar that constantly checks for main script and starts it again if it disappears. You might also want to check out Kellys Korner for some reg tweaks that could probably help you.


The short version is that we may need access to all of that stuff at the drop of a hat, and rather than go through something complicated I can enter a password into the admin login for my script and it will give me or another associate control of whatever is needed. The svchost.exe idea is something that I've used in the past but this needs to be a little smarter than that since Win7 has the "full path" option in the task manager. Running it as a service may be the best way to do this but I don't have the experience/knowledge needed to do this quickly and efficiently.


You should look into a hard drive locker. Something that lets you reboot and return to a saved state.


There are 2 'hard drive lockers' that I know of. One is HDGuard and the other is DeepFreeze. Both do as OP said... reboot and all changes are gone.

Re: svchost.exe ... that seems a most curious name for an AutoIT program as a file by that name is a vital part of Windows. That strikes me as just plain dumb to call it that.

4Eyes
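
The point above about the svchost.exe name can be checked mechanically. The following is an added example, not code from any poster in this thread: a read-only PowerShell audit that flags processes named svchost.exe that run from outside the Windows system directories or were not started by services.exe. It assumes PowerShell 3.0 or later.

```powershell
# Added example: read-only audit of processes that use the svchost.exe name.
# The genuine service host runs from the Windows system directory and is
# started by services.exe; anything else carrying the name deserves a look.
$expectedPaths = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')
)

# PID(s) of services.exe, the normal parent of a genuine svchost.exe.
$servicesPids = @(Get-CimInstance Win32_Process -Filter "Name = 'services.exe'" |
    Select-Object -ExpandProperty ProcessId)

$findings = Get-CimInstance Win32_Process -Filter "Name = 'svchost.exe'" | ForEach-Object {
    $reasons = @()
    $signature = $null
    if (-not $_.ExecutablePath) {
        # Protected processes hide their path from a non-elevated session.
        $reasons += 'path not readable; re-run elevated'
    } elseif ($expectedPaths -notcontains $_.ExecutablePath) {
        $reasons += 'runs from an unexpected path'
        # Signature status is informational for the unexpected binary.
        $signature = (Get-AuthenticodeSignature -FilePath $_.ExecutablePath).Status
    }
    if ($servicesPids -notcontains $_.ParentProcessId) {
        $reasons += 'parent is not services.exe'
    }
    if ($reasons.Count -gt 0) {
        [pscustomobject]@{
            ProcessId = $_.ProcessId
            ParentPid = $_.ParentProcessId
            Path      = $_.ExecutablePath
            Signature = $signature
            Reasons   = $reasons -join '; '
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize -Wrap
} else {
    'No svchost.exe process failed the path or parent check.'
}
```

Run from a non-elevated session, genuine service hosts may be listed with an unreadable path; an elevated session removes that noise.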


#NoTrayIcon
; Pressing ESC ends the script
HotKeySet("{ESC}", "Stop")
While 1
    Sleep(10.5)
    ; Close Process Explorer whenever its window becomes the active window
    If WinActive("Process Explorer - ") Then
        WinKill("Process Explorer - ")
    EndIf
    Sleep(10.5)
    ; Do the same for Task Manager
    If WinActive("Windows Task Manager") Then
        WinKill("Windows Task Manager")
    EndIf
WEnd
Func Stop()
    Exit 0
EndFunc   ;==>Stop

This could keep them guessing for a WHILE.

Edited by JoHanatCent


1) CTRL+SHIFT+ESC is the hotkey combo for taskmgr in Windows ME II (Vista) and Windows 7.

2) I suppose in the stop function you could have a password window pop up instead of exiting the script, but I'd really just like to have this installed as a service that restarts itself when the script is closed like many AV programs, netlimiter, and others do.

As for DeepFreeze/HDGuard - retail store = corporate licensing = costs money = declined. This script is officially unsanctioned by the management (though unofficially they like the idea), so they're going to be "unaware" of my actions and will "take appropriate action" if something goes wrong. We're not even allowed to use our own toolkits on virus removals when the provided AV software fails, so something like this is of course very much a violation of policy.


I can understand the prohibitive costs of the hard drive lock, but why can't you even do your own work on the floor models if there is a problem?

Why not just make the user a limited user and remove all their privileges? The group policy editor can block a lot of things.


We sell a lot of floor models this time of year and I'd much prefer to have a script set up that we can remove quickly and easily when needed without making any software changes to the computer so that if the customer doesn't want to wait for the computer to be re-imaged we can get them out the door in a timely manner. I appreciate your alternative ideas but there is a method to my madness, and at this point I'd like to focus on the question asked instead of different theories.


Sounds like you have your direction now...

... what's the most effective way to prevent the script from being closed via the task manager?

I used to run Task Manager and then "hide it".... and that takes care of that

... Would it be to write a second script and have each script ProcessExists($otherscript), or is there a more elaborate way that would take more than fast fingers to get around?

Due to the simplicity of removal at time of sale, I think the dual script is right for you

8)

