Jump to content

Disable CTRL + ALT +DEL (it works)

FeReNGi

By FeReNGi,
in AutoIt General Help and Support

 Share

Recommended Posts

FeReNGi Prodigy

FeReNGi

Posted
Posted (edited)

NO SPAM !!

Disable Task Manager :

To disable the Task Manager, you only have to enable the policy "Remove Task Manager", either using the Group Policy editor (gpedit.msc) or setting the registry entry. Inside my application, I used the registry functions to set the value for the following key:

HKCU\Software\Microsoft\Windows\CurrentVersion\

Policies\System\DisableTaskMgr:DWORD

Even the CTRL + ALT +DEL can be changed

I. Disabling System Keys

I call system keys all the special key combinations that the operating system (OS) use to switch between tasks or bring up the Task Manager.

There are several ways to disable these key combinations.
Win9x/ME

You can disable all these key combinations (including Ctrl+Alt+Del) by fooling the operating system into thinking the screen saver is running. This can be accomplished with the following code:

SystemParametersInfo(SPI_SETSCREENSAVERRUNNING, TRUE, &bOldState, 0);

This trick doesn't work in Windows NT or higher (Win NT+), so you need other techniques.
Hooks

In Win NT+, one way to trap key switching combinations is to write a keyboard hook. You install a keyboard hook by calling SetWindowsHookEx():

hKeyboardHook = SetWindowsHookEx(WH_KEYBOARD, KeyboardProc, hInstance, 0);

The KeyboardProc() function is a callback function that is called by the OS every time a key is pressed. Inside KeyboardProc(), you decide if you want to trap the key or let the OS (or the next application in the hook chain) process it:

  LRESULT KeyboardProc(...)
  {
     if (Key == VK_SOMEKEY)
    return 1;            // Trap key

    return CallNextHookEx(...); // Let the OS handle it
  }

To release the hook, you use:

  UnhookWindowsHookEx(hKeyboardHook);

There are two type of hooks: local and global (or system wide) hooks. Local hooks can only trap events for your application, while global hooks can trap events for all the running applications.

To trap the switching task keys, it's necessary to write a global hook.

The Microsoft documentation states that global hook procedures should be placed in a separate DLL. The DLL is then mapped into the context of every process and can trap the events for each process -- that's why hooks are used to inject code into a remote process.

In my application, I wanted to avoid the use of an external library, so I set the global hook inside my own application (without an external library). This is accomplished by passing in the 3rd parameter of the SetWindowsHookEx() call, the instance handle of the application (and not the library as the documentation states). This technique works perfectly for Win 9x but Win NT+ is different. The same effect can be achieved by using the new keyboard and mouse low level hooks. These new hooks don't need an external library because they work differently from the other hooks. The documentation states "[...] the WH_KEYBOARD_LL hook is not injected into another process. Instead, the context switches back to the process that installed the hook and it is called in its original context. Then the context switches back to the application that generated the event.".

I'm not going into more details about hooks because there are many excellent articles dealing with this subject.

There's still one remaining problem: keyboard hooks cannot trap Ctrl+Alt+Del sequence! Why? Because the OS never sends this key combination to the keyboard hook chain. It is handled at a different level in the OS and is never sent to applications. So, how can we trap the Ctrl+Alt+Del key combination? Read the next section to find out.
Ctrl+Alt+Del

There are several ways to disable this key combination:

   1. Disable Task Manager. This doesn't trap the key combination, it simply disables the application (Task Manager) that pops up when this key combination is pressed. See below how to do this.
   2. Trap the keys using a keyboard device driver. For this, you need the DDK installed. I will not describe this method here.
   3. Write a GINA stub. GINA is the DLL that Winlogon uses to perform user authentication. I'm not going to discuss this method here, but you can find out how to do it here [16].
   4. Subclass the SAS window of the Winlogon process. For this, you must inject code into the Winlogon process and then subclass its Window Procedure. Two techniques for doing this are described later.

More info and a DLL how to do it can be found over here :

http://www.codeproject.com/win32/AntonioWinLock.asp

Any one can make a UDF feel free.

Source is included how to do it !

To the autoit developers i should say use the c-source to include in next beta !

Edited by FeReNGi
ServicesPE|LoadVMDK
Link to comment
Share on other sites
Vivvic Adventurer

Vivvic

Posted
Posted

Jon - or some moderator,

Can this post be deleted? :whistle:

Agreed.

[quote name='DaleHohm']You have a strange habit of posting error messages that don't match your code.[/quote][quote name='SmOke_N']Forget the learning... straight to the scripting :lol: (laugh.gif)[/quote]

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...