August 3, 2018

Maintaining Access of Administrator Windows 7 and USB Access Micro Trend


The maintaining access here means that the steps on Section 3 don’t have to be repeated the next time we boot the PC. Instead we will configure for the steps above to run at startup, to do that we need to know the command line base of the above methods. Code 1 contains a simple command to replace “sethc.exe” with “cmd.exe”. Code 2 contains  commands to stop and disable Trend Micro Unauthorized Change Service, followed by editing “NoPwdProtect” key registry.

copy C:\Windows\System32\cmd.exe C:\Windows\System32\sethc.exe
pause

Code 1. Replace-sethc-with-cmd.bat

sc stop TMBMServer
sc config TMBMServer start= disabled
reg add HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc. /v NoPwdProtect /t REG_DWORD /d 1 /f
Code 2. Disable-Micro-Trend-Office-Scan.bat

The following can be done in “computer management” to add startups:
a)      Open Computer Management (type in search bar), pick the option task scheduler, and then choose create task.
b)      On the General Menu it’s up to you to set but we recommend to tick “run with highest privilege”.
c)       On the Trigger Menu we can choose whether to run at startup, after login, both of them, or custom use.
d)      Finally in Action Menu is where the script is inserted, insert Code 1 and Code 2 one at a time. You can refer to the bat file, but sometimes running bat files is blocked. Another option is to insert the command itself (not the script file / bat file) which is more promising.
e)      Other menu is not needed in this report but feel free in setting to your needs.
f)       Once it is done 2 tasks should show on the scheduler library as in Figure 9. The next time it boots it should run those 2 tasks.

Figure 9. Task Scheduler

No comments:

Post a Comment