Posted On January 16, 2020

PowerShell: How To Make A System App Do Nothing

kimconnect 0 comments
blog.KimConnect.com >> Codes , Windows >> PowerShell: How To Make A System App Do Nothing
January 16, 2020January 16, 2020 kimconnectkimconnect 0 Comments 
# How-To-Make-Existing-System-App-Do-Nothing.ps1

# Provide variables
$hive="REGISTRY::HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\WORDPAD.EXE"
$key="(default)"
$value="C:\Windows\dummy.exe"
$defaultValue="C:\Program Files\Windows NT\Accessories\WORDPAD.EXE"

# Dummy-File-Creator.ps1
$dummyFile="C:\Windows\dummy.exe"
$output = new-object byte[] 1; (new-object Random).NextBytes($output);
[IO.File]::WriteAllBytes($dummyFile, $output);
if ($output -ne $null) {
    Write-Host ("$dummyFile has been successfully created");
    }else{
        "Failed to create $dummyFile";
        }

# Set registry key
Set-Itemproperty -path $hive -Name $key -value $value

# Verify result
$command="(get-itemproperty '$hive').'$key'"
Invoke-Expression $command;
Invoke-Expression $value; # It should now do nothing
# Change it back
Set-Itemproperty -path $hive -Name $key -value $defaultValue
Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Post Image

Read More

Wireshark Overview

SysAdmins, InfoSec, and Network Engineers often use this tool to troubleshot and detect network activities…
Post Image

Read More

Restore User Script

echo offSET RAR="C:\Program Files\WinRAR\RAR.EXE"IF NOT EXIST P:\ (NET USE P: \\WDFS1\BACKUP)cd %USERPROFILE%%RAR% x -y p:\%username%\desktopstuff.rarC:cd…
Post Image

Read More

PowerShell: List Currently Logon Users On Remote Servers

# Show current sessions on a list of servers$servers="SHERVER005","SHERVER007";$servers|%{"$_`n$(query user /server:$_|Out-String)"} # Sample OutputPS C:\Windows\system32>…