Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate
Photo

Block Task Manager and other potentially harmful programs


  • Please log in to reply
3 replies to this topic
TrivisionZero
  • Members
  • 7 posts
  • Last active: Aug 26 2015 12:19 AM
  • Joined: 20 Aug 2015
I recently found a script on the forums that blocked Task Manager and other such programs to alter Windows in any harmful way, or maybe to manage a work or family computer. By that I mean if you have software installed that monitors the computer, the user can't quit the process anymore with this script. The original was by Muzzi (correct me if he did not make it).
 
I started modifying it to include a password unlock feature, and make it more secure; it now blocks regedit.exe, cmd.exe, and taskkill.exe.
 
The default password is: "password". With no quotes. To change it, edit the script and find the "pw" variable near the end, then just change that.
 
It also includes an emergency Escape hotkey to quit the script at any time.
 
And well, here is my finished script, any suggestions or comments welcome. (it's also my first, so don't hate!
 
; Original script by Muzzi
;Modified script to increase securityand offer a password unlocking system: TrivisionZero




; THIS KILLS TASK MANAGER AND OTHER EXE'S THAT PROVIDE ESCAPE PATHS/HACKING ATTEMPTS
; FOR IT TO WORK EFFECTIVELY PLACE HIDDEN IN THE STARTUP FOLDER


; TO LATER ACCESS ANY OF THESE EXE'S REMOVE THIS FROM STARTUP AND REBOOT.




#NoTrayIcon
#Persistent
#SingleInstance Force


ProcList := "taskkill.exe|cmd.exe|PROCEXP.EXE|taskmgr.exe|sysconfig.exe|msconfig.exe|mmc.exe|regedit.exe"


Loop,
 {
   Loop, Parse, ProcList, | 
  { Process, Close, %A_LoopField% 
  }
 }
Return




Esc::exitapp  ;for testing - remove when actually using




^F4::
comma = ,
InputBox, pw, Enter Password, To disable the Task Manager blocking script%comma% type the correct password below... (it's "password"), hide
if ErrorLevel
    MsgBox, 0, Cancelled..., You cancelled the password operation...
else
    Goto, continue
Return


continue:
if pw = password
    Goto, correct
Else
    Goto, incorrect


correct:
MsgBox, 0, Password Correct!, The password was correct, the script was shut down.
exitapp


incorrect:
Msgbox, 0, Password Incorrect!, The password was incorrect...
Return

 



ErrorOnLine1
  • Members
  • 230 posts
  • Last active: Oct 05 2015 02:46 PM
  • Joined: 25 Dec 2012
I don't mean this to be critical, just curious, as I don't like raining on peoples' parades. 
 
Do shortcuts in the startup folder run in Safe Mode? 
 
Also, if memory serves, shortcuts in the startup folder run late in the boot process. I think I used the following script, or similar, to see at what point it actually started running. It's on the screen for only 2 seconds, so don't blink. 
Spoiler


lifeweaver
  • Members
  • 868 posts
  • Last active: Jan 25 2016 01:29 AM
  • Joined: 04 Mar 2013

If you want to disallow access you migh check out the group policy editer.


My script runs in A_AhkVersion:=1.1.22.07, get the latest version at http://ahkscript.org/download/

Check out this AutoHotkey tutorial: http://ahkscript.git...o/AHK_Tutorial/

Read the documentation: http://ahkscript.org.../AutoHotkey.htm


TrivisionZero
  • Members
  • 7 posts
  • Last active: Aug 26 2015 12:19 AM
  • Joined: 20 Aug 2015

@ErrorOnLine1 Probably, but this is just to block the average user.