Solved

Enforce Startup

Posted on 1999-01-25
18
264 Views
Last Modified: 2010-05-03
I have apps that launch at startup from the registry. I have methods to prevent users from exiting once the app starts. But users can still press ctrl-alt-del and end the task before the app comletely starts while win95 is booting. Screen saver mode dosn't work. Registering as service dosn't work. How can I force users into my app at startup?
0
Comment
Question by:Neal Hartman
  • 8
  • 7
  • 3
18 Comments
 
LVL 3

Expert Comment

by:cognition
ID: 1470511
The old way under windows 3.1 etc was to set the shell= in the system ini. There is a similar entry in the registry. Try using that.
0
 
LVL 12

Expert Comment

by:mark2150
ID: 1470512
No matter what you try there's always going to be a narrow sliver of time where your app can be killed or prevented from running. This is *necessary* for if this didn't exist you'ld have to reformat the disk if your app ever had a bug!

There is no way to absolutely, positively, no matter what, guarentee that *YOUR* app will fire on startup. If there were, how would you *STOP* it? You'ld have to reformat the drive (or maybe hit it with a hammer). *NOT* a good idea!

M

0
 
LVL 3

Expert Comment

by:cognition
ID: 1470513
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

The above key has a shell entry. I have never tried altering it, but it may do the job.

You can also put code in all the queryunload events.


0
 
LVL 3

Expert Comment

by:cognition
ID: 1470514
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

The above key has a shell entry. I have never tried altering it, but it may do the job.

You can also put code in all the queryunload events.


0
 
LVL 3

Expert Comment

by:cognition
ID: 1470515
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

The above key has a shell entry. I have never tried altering it, but it may do the job.

You can also put code in all the queryunload events.


0
 
LVL 3

Expert Comment

by:cognition
ID: 1470516
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

The above key has a shell entry. I have never tried altering it, but it may do the job.

You can also put code in all the queryunload events.


0
 
LVL 3

Expert Comment

by:cognition
ID: 1470517
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

The above key has a shell entry. I have never tried altering it, but it may do the job.

You can also put code in all the queryunload events.


0
 
LVL 12

Expert Comment

by:mark2150
ID: 1470518
Jeeze Cognition, we heard you the first time! <G>

BTW, the queryunload will only prevent his app from shutting down, if they interrupt the system before it's launched...

M

0
 
LVL 3

Expert Comment

by:cognition
ID: 1470519
Oops. We are having a little problem here. I can't work out if my internet connection is funny because of MS Proxy server, or if its the ISP. I wanted to upgrade to version 2, but the MSDN cd has gone for a walk.

I tried my propsed solution, and it works very well. I used taskmgr.exe. The only problem is, you end up without a desktop, and it also bypasses the startup folder and run entry in the registry. Very entertaining if you want to freak someone out. A bit like the blue screen of death screensaver!

0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 12

Expert Comment

by:mark2150
ID: 1470520
Yeah, you can diddle with the Policy Editor to lock the workstation down. Then you set the BIOS to prevent floppy boot and password the BIOS so they can't change it back - god help you if you ever need to update the system!

Actually tho, a user could still press <F8> and single step the bootup. I've never met a standalone system that I couldn't hack into given time and tools.

M

0
 
LVL 1

Author Comment

by:Neal Hartman
ID: 1470521
F8 can be disabled in the msdos.sys file.

0
 
LVL 12

Expert Comment

by:mark2150
ID: 1470522
Ok, so we:

1) Diddle the MSDOS.SYS file to block <F8>
2) Tweak the BIOS to prevent floppy boot
3) Force the registry with POLEDIT to prevent access to DOS prompt and to turn off RUN option, etc.
4) Change Cognitions registry key
5) Put preventative code in the Query_Unload event.
6) You'll also need ON ERROR RESUME NEXT at the global level to prevent a runtime fault.
7) The BIOS also needs to be smart enough to ignore errors at bootup to prevent the user from forcing a keyboard error.
8) You need to password the BIOS so the settings can't be compromised.
9) The system must not log into a LAN where the administrator can do nasty things to you while logging in.
10) You can't install PCAnywhere or remote control software or ICQ for remote access.

*THEN* you might be able to insure that your app gets control most of the time.

M


0
 
LVL 3

Expert Comment

by:cognition
ID: 1470523
Just write your own Operating System. It has to be less buggy than any of MS's offerings!
0
 
LVL 12

Expert Comment

by:mark2150
ID: 1470524
Actually that's not *that* hard to do. You simply take a copy of COMMAND.COM and edit the internal command table to eliminate the commands you don't want the users to execute. Put a SHELL= statement in the start of CONFIG.SYS so it executes *YOUR* version of COMMAND.COM instead of the normal one and let it fly! ;-)

As an aside, we once wrote a critical error interceptor for DOS that was a TSR that would force our app to restart if (somehow) they managed to crap it out. Well, to make a long story short we lost a month of development time to a *teeny* bug that we solved in 10 minutes - once we *saw* the error message that our "critical error" handler was consuming! (sigh)

HEY! Here's an *IDEA*. Rename your application EXPLORER.EXE. The OS restarts that one automatically!

M

0
 
LVL 1

Author Comment

by:Neal Hartman
ID: 1470525
No matter which method of loading the app you suggest the user can still End Task before  it finished loading. The only possiblity so far is from mark2150 to rename My App to exporer.exe. My App then becomes the desktop. The user can still End the task but gets an unusable blank desktop. Only problem is exiting My App. I can exit to the renamed explorer.exe OK but still have a blank desktop.
0
 
LVL 12

Accepted Solution

by:
mark2150 earned 200 total points
ID: 1470526
So anyway, theres your answer. As I said, there is NO WAY to completely guarentee your app runs, nor should there be. If you could lock it down then you can't *EVER* change out that program.

M

0
 
LVL 12

Expert Comment

by:mark2150
ID: 1470527
Thanx for the points.

Think about it, if your app replaced the desktop then there's nothing to exit *to*. If you allow the desktop to exist then there is the possibility that the desktop won't decide to run your app.

BTW, just what are you trying to do? any way you could run that app as DOS thread. I mean, if it's that critical that *your* app run, then it sounds like the box is doing a dedicated task. Since DOS is a single threaded task it sounds like it would be a good match.

M

0
 
LVL 1

Author Comment

by:Neal Hartman
ID: 1470528
Its a single purpose laptop w/o a floppy drive. Need win95 for vb and other win apps. Laptop is used by electricians (low computer skills) around the country to interface with locomotives. Keeping them away from desktop cuts down on support calls when the try to "fix" things.

Rich

0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Background What I'm presenting in this article is the result of 2 conditions in my work area: We have a SQL Server production environment but no development or test environment; andWe have an MS Access front end using tables in SQL Server but we a…
Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now