Winter,

I've verified this on Win2K SP2.  Interesting. 

I use Perl for system programming on Windows platforms,
particularly for IR and forensics.  The
Win32::TaskScheduler module will completely enumerate
even the hidden (attrib +h) tasks...

I mention this, as I'm putting together a full-blown IR
application that is made up of my scripts, and can be
run from a CD.  This will be included in my upcoming book.

Harlan

>I've found that you can use attrib.exe on files in %windir%\tasks,
>particularly with the +h attribute. "Attrib.exe +h *" will hide all
>scheduled tasks from AT, Scheduled Tasks (both Control Panel + explorer) and
>"dir %windir%\tasks" (unless you use dir /a or have it set as such in
>%dircmd%).  Browsing %windir%\tasks on the cmd line with "dir /a" is the
>only way I've been able to detect jobs that have been hidden this way. They
>run as scheduled. Tested on 2000 SP3 & XP SP1.
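
A detection check for the behaviour described in this thread, as an added example that is not part of either message: it reads the attribute bits of every file in the tasks folder and reports the .job files that a plain "dir" would not list. It goes slightly beyond the post by also flagging the system attribute, which a plain "dir" omits as well. The function names and the sample listing are constructed for illustration, and it assumes tasks are stored as .job files in %windir%\tasks.

```python
import os
import stat
import sys

HIDDEN = stat.FILE_ATTRIBUTE_HIDDEN   # the bit "attrib +h" sets
SYSTEM = stat.FILE_ATTRIBUTE_SYSTEM   # also omitted by a plain "dir"

# Constructed sample: (file name, attribute bits) as a scan might return them.
SAMPLE = [
    ("At1.job", stat.FILE_ATTRIBUTE_ARCHIVE),
    ("At2.job", stat.FILE_ATTRIBUTE_ARCHIVE | HIDDEN),
    ("Backup.JOB", HIDDEN | SYSTEM),
    ("desktop.ini", HIDDEN | SYSTEM),
]

def concealed_jobs(entries):
    """Return sorted [(name, flags)] for .job files that a plain "dir" omits."""
    findings = []
    for name, attrs in entries:
        if not name.lower().endswith(".job"):
            continue  # only task files; skips folder metadata such as desktop.ini
        flags = [label for bit, label in ((HIDDEN, "hidden"), (SYSTEM, "system"))
                 if attrs & bit]
        if flags:
            findings.append((name, "+".join(flags)))
    return sorted(findings)

def read_attributes(directory):
    """Yield (name, attribute bits) for each entry; the bits are 0 off Windows."""
    with os.scandir(directory) as it:
        for entry in it:
            st = entry.stat(follow_symlinks=False)
            yield entry.name, getattr(st, "st_file_attributes", 0)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        entries = read_attributes(sys.argv[1])
    elif os.name == "nt":
        windir = os.environ.get("windir", r"C:\Windows")
        entries = read_attributes(os.path.join(windir, "Tasks"))
    else:
        entries = SAMPLE  # no Windows task folder here: use the constructed sample
    for name, flags in concealed_jobs(entries):
        print(f"{name}\t{flags}")
```

Run it with no arguments on the system under examination, or pass the path of a tasks folder from a mounted image as the first argument.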

