dfrith20 Posted May 2, 2012 Share Posted May 2, 2012 Hi, I know there are a couple of threads here talking about this topic that have been closed because it has been assumed the poster is trying to create malware or similar. I have a legitimate need to stop users using Task Manager to kill the autoit.exe. We are using AutoIT within a large terminal server environment to provide a session idle timeout feature. I won’t go into the details of why we are not using the built in RDP session timeout – but trust me, there is good reason. The script is launching in the user’s context, and therefore they have rights to kill it. We think a couple of users have worked this out, and are therefore bypassing the timeout set. As a backup, if there is no easy answer, I’m planning to compile the script as an EXE with an odd name, to provide some security via obscurity – however if there is a more elegant solution, I’d be keen to find out. Using a monitoring script is also a possibility of course, but that’s also not pretty. We also prefer to keep task manager available, as it is a very handy troubleshooting tool If you know a solution, but are concerned about posting it on this forum, you can send it to my email: david.frith <at> svhm.org.au Thanks Link to comment Share on other sites More sharing options...
Reeling Posted May 2, 2012 Share Posted May 2, 2012 (edited) I'm not the most experienced guy ever but I don't think there is a way you can disable only part of the ask manager. Users can either use it or they can't. I also can't figure out a good reason why you wouldn't use the tool that was designed to do what you are asking. I would suggest you state what your "legitimate need" is because it seems pretty malicious to me. Edited May 2, 2012 by Reeling Link to comment Share on other sites More sharing options...
Bert Posted May 2, 2012 Share Posted May 2, 2012 PM sent The Vollatran project My blog: http://www.vollysinterestingshit.com/ Link to comment Share on other sites More sharing options...
telmob Posted November 16, 2012 Share Posted November 16, 2012 I too have found that there are some posts that were blocked because this apparentely is/maybe used for some virus creation.... But i am trying to make the opposite. I'm trying to create an exe blocker/allower exactly to prevent infections. I found this great and simple piece of code that looks like a great start: My little app will be an exe blocker and also a SRP UI. But for this i would like to have the process protected from termination, is it possible? Again, sorry if i broke any rules and for reviving this old thread. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now