legitimacy of the tasks in the task scheduler

Posted by Eyad on Server Fault
Published on 2012-10-06T08:47:53Z Indexed on 2012/10/06 9:39 UTC

Is there a way to know the source and legitimacy of the tasks in the Task Scheduler in Windows Server 2008 and 2003? Can I check if the task was added by Microsoft (i.e., from SCCM) or by a 3rd party application?

For each task in the Task Scheduler, I want to verify that the task has not been created by a third party application. I only want to allow standard Microsoft tasks and disable all other non-standard tasks.

I have created a PowerShell script that goes through all the XML files in the C:\Windows\System32\Tasks directory, and I was able to read all the XML task files successfully, but I am stuck on how to validate the tasks.

Here is the script for your reference:

    Function TaskSniper()
    {
        # Getting all the files in the Tasks folder
        $files = Get-ChildItem "C:\Windows\System32\Tasks" -Recurse | Where-Object {!$_.PSIsContainer};
        # "Edit Me" is a placeholder path; set it before running
        [Xml] $StandardXmlFile = Get-Content "Edit Me";

        foreach($file in $files)
        {
            # constructing the file path
            $path = $file.DirectoryName + "\" + $file.Name

            # reading the file as an XML doc
            [Xml] $xmlFile = Get-Content $path

            #DS SEE: http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/caa8422f-6397-4510-ba6e-e28f2d2ee0d2/
            #(get-authenticodesignature C:\Windows\System32\appidpolicyconverter.exe).status -eq "valid"

            # Display something
            $xmlFile.Task.Settings.Hidden
        }
    }

Thank you
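
One way to approach the validation step the question asks about, as an added example that is not part of the original post: report, for every action in every task XML file, the program it launches and the Authenticode status and signer of that program. The function name `Get-TaskActionSignature` and the output property names are hypothetical, the example covers only the XML task files the script above reads, and matching the signer subject on `O=Microsoft Corporation` is a heuristic chosen for this example.

```powershell
# Added example, not from the original post. Read-only: it reports and changes nothing.
function Get-TaskActionSignature {
    param([string]$TaskRoot = "$env:SystemRoot\System32\Tasks")

    Get-ChildItem -LiteralPath $TaskRoot -Recurse |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            $taskFile = $_.FullName
            try { [xml]$xml = Get-Content -LiteralPath $taskFile -ErrorAction Stop }
            catch { Write-Warning "Cannot parse $taskFile"; return }

            # RegistrationInfo/Author is free text written by whoever registered the task,
            # so it is reported for context only and never used as proof of origin.
            $author = $xml.Task.RegistrationInfo.Author

            $actions = @(@($xml.Task.Actions.ChildNodes) |
                Where-Object { $_ -is [System.Xml.XmlElement] })
            foreach ($action in $actions) {
                $target = $null; $status = 'NotChecked'; $signer = $null
                if ($action.LocalName -eq 'Exec') {
                    # The command may be quoted and may use %SystemRoot%-style variables
                    $target = [Environment]::ExpandEnvironmentVariables(
                        ([string]$action.Command).Trim().Trim('"'))
                    if ($target -and (Test-Path -LiteralPath $target -PathType Leaf)) {
                        $sig    = Get-AuthenticodeSignature -FilePath $target
                        $status = [string]$sig.Status
                        if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
                    } else {
                        $status = 'PathNotResolved'   # bare name such as cmd.exe, or missing file
                    }
                } elseif ($action.LocalName -eq 'ComHandler') {
                    $target = $action.ClassId         # COM class id; the XML holds no file path
                }
                New-Object PSObject -Property @{
                    Task = $taskFile.Substring($TaskRoot.Length); Author = $author
                    ActionType = $action.LocalName; Target = $target
                    Status = $status; Signer = $signer
                }
            }
        }
}

# Review list: every action whose target is not a validly signed Microsoft binary
Get-TaskActionSignature |
    Where-Object { $_.Status -ne 'Valid' -or $_.Signer -notmatch 'O=Microsoft Corporation' } |
    Select-Object Task, Author, ActionType, Target, Status, Signer
```

Rows with `NotChecked` or `PathNotResolved` need manual review rather than automatic disabling. On older PowerShell versions `Get-AuthenticodeSignature` can report `NotSigned` for Windows binaries that are signed through a catalog rather than an embedded signature, so that status alone does not show a task is third-party.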
