Jump to content
Sign in to follow this  
Nova

TaskMgr

Recommended Posts

Nova

The following code removes a users premission to axcess the Taskmgr

Regwrite
("HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\Policies\System","DisableTaskMgr","REG_DWORD","1")

and this code adds the premission

Regwrite("HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\Policies\System","DisableTaskMgr","REG_DWORD","0")

If u remove a users premissions to axcess the TaskMgr,when they press ctrl + alt + del they get a message saying "bla bla bla please contact the computers administrator"

Is their anyway of stopping this message from showing ?

As far as I know you cant disable ctrl + alt + del and I dont want a loop which waits for the msg box to appear and then to close it because using that method still allows the message to show for a second or so.

The reason im asking for this is becaue im making a custom loggon script

Firstly I dont want the user to be able to exit the logon script by closing its process becasuse then its kinda pointless

and second the logon script has moving graphics and when the "bla bla bla" message pops up it can overlapp graphics and when it dose so it slows the graphics movement down alot.

Any help on the issue would be greatly apreacheated

Edited by nova

Share this post


Link to post
Share on other sites
this-is-me

Rename taskmgr.exe


Who else would I be?

Share this post


Link to post
Share on other sites
sykes

Rename taskmgr.exe

<{POST_SNAPBACK}>

Make sure you have Windows File Protection turned off or Taskmgr.exe re-appears automatically

Edit: A program called XPLite makes turning Windows File Protection Off and On a simple process. XPLite

Edited by sykes

We have enough youth. How about a fountain of SMART?

Share this post


Link to post
Share on other sites
this-is-me

Or rename the taskmgr in the system32\dllcache first before renaming the regular taskmgr.


Who else would I be?

Share this post


Link to post
Share on other sites
Nova

Make sure you have Windows File Protection turned off or Taskmgr.exe re-appears automatically

I just came across that problem :idiot:

@this-is-me

Or rename the taskmgr in the system32\dllcache

Can you expand on what you meen by this I know very little about dlls?

Share this post


Link to post
Share on other sites
RocTx

I just came across that problemĀ  :idiot:

@this-is-me

Can you expand on what you meen by this I know very little about dlls?

<{POST_SNAPBACK}>

I believe he means "Rename" taskmgr.exe to something else, replace it with your script or some other "Informational" box so that when Alt+Ctrl+Del is pressed, your script comes up or some other program you choose. It could be your script that shows nothing, does nothing, user would never know. Task manager won't run then, unless you call it through the "Start" - "Run" or some other shortcut. I'm not sure this is the answer you were looking for.

RocTx

Share this post


Link to post
Share on other sites
Nova

I believe he means "Rename" taskmgr.exe to something else, replace it with your script or some other "Informational" box so that when Alt+Ctrl+Del is pressed, your script comes up or some other program you choose. It could be your script that shows nothing, does nothing, user would never know. Task manager won't run then, unless you call it through the "Start" - "Run" or some other shortcut. I'm not sure this is the answer you were looking for.

You believe wrong ,Please read the full thread before posting !

That dosent work becasue of windows file protection.

He said

Or rename the taskmgr in the system32\dllcache first before renaming the regular taskmgr.

Im trying to figure out what he ment by system32\dllcache

That I assume will let you rename C:\WINDOWS\system32\taskmgr.exe even with windows file protection on !

Edited by nova

Share this post


Link to post
Share on other sites
lyledg

What this-is-me is trying to get across is that there is a copy of the taskmgr.exe kept in two locations, one in the usual C:\WINDOWS\system32 and another in C:\WINDOWS\system32\dllcache. The latter folder is a storage for important system files that if and when changed, it will be copied back to the C:\WINDOWS\system32 directory to avoid system crashes etc. This-is-me was trying to say that if you had to rename BOTH taskmgr.exe's in BOTH locations (starting with C:\WINDOWS\system32\dllcache) after switching off WFP first, then you should be able to get around your problem of renaming taskmgr.exe without it re-appearing.

Share this post


Link to post
Share on other sites
Nova

Thank you very much lyledg

Share this post


Link to post
Share on other sites
sykes

Currently checking on this because renaming the file in dllcache doesn't stop mine from re-appearing ... Will check back in when I figger it out though ... :idiot:

Edit: It's like I thought ... In Windows XP (and every version since Windows 2000 sp2 I believe) Windows File Protection is enabled and you are unable to disable it without hexing the "sfc_os.dll" file to allow disabling the protection. Any files protected by WFP (Windows File Protection) will be automatically restored upon changing or deleting said files. The program I mentioned allows you to turn the protection on and off at will (with a reboot required since sfc_os.dll cannot be hexed while windows is running). I also have the directions for doing this manually around here somewhere, but it's 100% easier to do it with the aid of XPLite.

Edited by sykes

We have enough youth. How about a fountain of SMART?

Share this post


Link to post
Share on other sites
this-is-me

Well there is one more option without hexxing your os files. There may also be servicepackfiles folder and/or an i386 folder with those files in them. If you rename in all locations first, you will be safe.


Who else would I be?

Share this post


Link to post
Share on other sites
pcdestroyer

yeah that disable taskmgr is cool :D

but u can disable a whole bunch of stuff from the registry

such as:

DISABLE REGEDIT.EXE !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!-----------------------------------------------------------------------------------------

 
     
  (Default) REG_SZ (value not set)  
  DisableRegistryTools REG_DWORD 0x00000001 (1)  
 
 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\...  
 


Registry Settings 
User Key: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\
System]
Value Name: DisableRegistryTools
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = allow regedit, 1 = disable regedit)
 

Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk. 


DISABLE CMD AND BATCH FILES !!!!!!!!!!!!!!!!!!!!!

Registry Settings 
User Key: [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]
Value Name: DisableCMD
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = default, 1 = disabled, 2 = disabled but allow batch)

DISABLE RUN IN THE START MENU

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
Value Name: NoRun
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)



--------------------------DISABLE SETTINGS @ START MENU


Hide the Taskbar Settings on the Start Menu (All Windows) Popular 
This restriction removes the Taskbar and Start Menu item from the Control Panel, and it also removes the Properties item from the Start menu context menu.

Exit your registry, you may need to restart or log out of Windows for the change to take effect. 


Note: Removing the Taskbar, Control Panel, and Printer folders causes the Settings menu to be removed completely. 



 
     
  (Default) REG_SZ (value not set)  
  NoSetTaskbar REG_DWORD 0x00000001 (1)  
 
 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\...  
 


Registry Settings 
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
Value Name: NoSetTaskbar
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)

I hope u can put this to good use :lol: hehehe it is good if u wanna make a script that messes up ur windows :idiot:

You can find more here

Edited by pcdestroyer

Share this post


Link to post
Share on other sites
Nova

@ pcdestroyer I am well aware of the keys in the registry which control user policies settings

I hope u can put this to good use wink.gif hehehe it is good if u wanna make a script that messes up ur windows evil.gif

Autoit was not intended as a toy language for idiots, who just want to write simple and lame virus scripts, that as you so eloquently put it mess up windows

This kind of thing really annoys me :idiot:

Edited by nova

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×