Jump to content

Disabling Ctrl+Alt+Del/Taskmgr


G-Stress

Recommended Posts

@ sablefoxx,

Yea I knew I could disable it in gpedit, just didn't know how to implement that in a batch.

Oh ok, you just have to edit some reg keys, never done it in batch but you can do it using a .vbs.  in high school we wrote one to enable taskmgr, cmd, and some other stuff because they were blocked (but you could just create a shortcut to gpedit and change the the settings lol),  however a friend of mine got in some deep shit after getting caught using gpedit so we wrote this .vbs to auto-mate the proccess.

here is the code just edit it to disable rather then enable them.

Set WshShell = WScript.CreateObject("WScript.Shell")
With WScript.CreateObject("WScript.Shell")

On Error Resume Next

.RegDelete "HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemDisableRegistryTools"
.RegDelete "HKCUSoftwarePoliciesMicrosoftWindowsSystemDisableCMD"
.RegDelete "HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemDisableTaskMgr"
.RegDelete "HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystemDisableTaskMgr"
.RegDelete "HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemNoDispCPL"
.RegDelete "HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRestrictCPL"

End With

Mybox = MsgBox(jobfunc & enab & vbCR & "Ultimate Pwnage Complete :-p", 4096, t)

^^Coded by Javabudd^^

Link to comment
Share on other sites

@ sablefoxx,

This looks like this is already setup to disable as it is, rather then enable? I'm not too good with vb yet, so im not sure how to set it to disable if this script "enables", but if it isn't too hard I'll use this script and a one that disables as well  :-D

Thanks

Link to comment
Share on other sites

@ Sc0rpi0,

Yea I plan to use pskill to kill all existing av/spyware processes... or wouldn't it be better if instead of killing the process just stop the service temporarily ;)

Great idea! These anti-av tricks don't really work that well with mcafee.

Even with all of its processes killed, whenever a directory is accessed or a file run, the processes start again... :-(

Any idea?

Link to comment
Share on other sites

Kill process, encrypt (if you wanna bring it back) or delete all Mcafee program files.  Run what ever you want.  Decrypt (if you bothered to save the files) Mcafee.  That may work, just and idea tho.

@G-Stress

That code simple deletes the reg keys, just write a .bat to add them.

@echo off
cls
reg import "example_key"
exit

Link to comment
Share on other sites

@ Sc0rpi0,

Yes mcaffee and norton are the 2 im gonna be most concerned with, because that's what I mostly see on people's computers. Like sablefoxx said deleting or encrypting mcaffee files would be a good idea also... maybe if xp use built in windows encryption if possibly with a .bat file. Also most of these AV's have services that run and im not sure, but I think even if the process is killed the service or some type of service associated with the av is still running depending on av.

@ sablefoxx,

I thought it deleted them I just wanted to make sure:) I will definitely use this script, thanks.

Link to comment
Share on other sites

@ Sc0rpi0,

Yes mcaffee and norton are the 2 im gonna be most concerned with, because that's what I mostly see on people's computers. Like sablefoxx said deleting or encrypting mcaffee files would be a good idea also... maybe if xp use built in windows encryption if possibly with a .bat file. Also most of these AV's have services that run and im not sure, but I think even if the process is killed the service or some type of service associated with the av is still running depending on av.

So you're saying to delete the program files? Just a suggestion, but wouldn't it be best to kill the processes, make a zipped copy of the

program files, delete them, run the otherwise-detected stuff, and finally replace the program files and rerun the processes?

Kind of complicated but maybe I'll create a special batch file package for just Norton and Mcafee.

I have Mcafee but most people I've talked to have Norton. Neither are pausible or completely killable. 

Link to comment
Share on other sites

@ Sc0rpi0,

hmmm... yea that does sound a bit complicated. I'm gonna re-install mcaffee and see what I can think of. The way im setting mine up though I want the user to kill their own AV. For example the average user if they thought they might have a virus what's the first thing their gonna do... try to do a virus scan so my idea is to if virusprocess try's to execute then do this, etc.

I'm tryin to set something up so each step an average user would take to troubleshoot something like a virus it wil backfire, but I also have antidote:)

Link to comment
Share on other sites

@ Sc0rpi0,

hmmm... yea that does sound a bit complicated. I'm gonna re-install mcaffee and see what I can think of. The way im setting mine up though I want the user to kill their own AV. For example the average user if they thought they might have a virus what's the first thing their gonna do... try to do a virus scan so my idea is to if virusprocess try's to execute then do this, etc.

I'm tryin to set something up so each step an average user would take to troubleshoot something like a virus it wil backfire, but I also have antidote:)

Sounds good! Please tell me how it goes.

Thanks.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...