Jump to content

Security Message for .bat Files

SChlecky
 Share

Recommended Posts

SChlecky

SChlecky

Posted
Posted

Hi every1,

Is there a way to disable the following security message for .bat Files?

Let me explain:

I want to start 2 .bat Files after a unattended isntallation fo WInXP Pro. The problem is, that after the automatically login of the admin it comes this message and the whole installation stops.

In the attachment u can c what I mean.

Thanks

post-52683-1113990059_thumb.png

Link to comment
Share on other sites

Mike_Wilson

Mike_Wilson

Posted
Posted

This registry tweak removes it:

; Disable Popup For Running Files You Download From Internet
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
"CheckExeSignatures"="no"
"RunInvalidSignatures"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"SaveZoneInformation"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations]
"LowRiskFileTypes"=".zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov
;.mp3;.m3u;.wav;"

Link to comment
Share on other sites
Martin Zugec

Martin Zugec

Posted
Posted

Using cmdlines.txt, add server to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap (no. 2 means Trusted).

Easiest way is to add it in gui (in IE Tools - Security etc.), explorting whole registry key to reg file and then rewrite it and import during T-12 phase

Link to comment
Share on other sites
Mike_Wilson

Mike_Wilson

Posted
Posted

Safest way? If you dont want to set all the files to being safe then just put .bat files in the tweak like below.

; Disable Popup For Running Files You Download From Internet
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
"CheckExeSignatures"="no"
"RunInvalidSignatures"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments]
"SaveZoneInformation"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations]
"LowRiskFileTypes"=".bat;"

I dont see any problems with that. But I may be wrong :w00t:

Link to comment
Share on other sites
durex

durex

Posted
Posted

Because the entire point of that warning msg is to make you aware youre about to launch a file which could do some major dmg to your system as it will allow ANY batch file from ANY source to launch without issue... while Soulins' method only allows any file from that one source to be launched

Link to comment
Share on other sites
  • 3 weeks later...
oioldman

oioldman

Posted
Posted

Just investigated this and solves an issue that you can't do via winnt.sif, I know as looked in ref.chm and thought, bugger.

Thanks for this snippet soulin, and is much safer in the long term than a regkey.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...