SChlecky Posted April 20, 2005 Posted April 20, 2005 Hi every1,Is there a way to disable the following security message for .bat Files?Let me explain:I want to start 2 .bat Files after a unattended isntallation fo WInXP Pro. The problem is, that after the automatically login of the admin it comes this message and the whole installation stops.In the attachment u can c what I mean.Thanks
Mike_Wilson Posted April 20, 2005 Posted April 20, 2005 This registry tweak removes it:; Disable Popup For Running Files You Download From Internet[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]"CheckExeSignatures"="no""RunInvalidSignatures"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]"SaveZoneInformation"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations]"LowRiskFileTypes"=".zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;"
Martin Zugec Posted April 20, 2005 Posted April 20, 2005 This is not the safest way to do it - add your distribution server to Trusted Sites and it will work great.
SChlecky Posted April 20, 2005 Author Posted April 20, 2005 hi soulin,but how to add it, without stopping the installation?
Martin Zugec Posted April 20, 2005 Posted April 20, 2005 Using cmdlines.txt, add server to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap (no. 2 means Trusted).Easiest way is to add it in gui (in IE Tools - Security etc.), explorting whole registry key to reg file and then rewrite it and import during T-12 phase
Mike_Wilson Posted April 20, 2005 Posted April 20, 2005 Safest way? If you dont want to set all the files to being safe then just put .bat files in the tweak like below.; Disable Popup For Running Files You Download From Internet[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]"CheckExeSignatures"="no""RunInvalidSignatures"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]"SaveZoneInformation"=dword:00000001[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations]"LowRiskFileTypes"=".bat;"I dont see any problems with that. But I may be wrong
durex Posted April 20, 2005 Posted April 20, 2005 Because the entire point of that warning msg is to make you aware youre about to launch a file which could do some major dmg to your system as it will allow ANY batch file from ANY source to launch without issue... while Soulins' method only allows any file from that one source to be launched
oioldman Posted May 12, 2005 Posted May 12, 2005 Just investigated this and solves an issue that you can't do via winnt.sif, I know as looked in ref.chm and thought, bugger.Thanks for this snippet soulin, and is much safer in the long term than a regkey.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now