Monday, January 29, 2024

Uninstall Bitdefender with forgotten password remotely

Saw this on /r/bitdefender.

Especially if you are remotely administrating the PC, .

Create a folder on C Drive called "itfolder"

Download and ensure the latest BEST_REmoval_Tool.exe is in the folder.

Run the PS script. It will create a user and reboot into safe mode, then remove the password key entry from the registry, and then reboot again.

# Create Admin User

$adminUsername = "RunOnceAdmin"

$adminPassword = ConvertTo-SecureString -String "abcd123!@-CHANGEME" -AsPlainText -Force

$adminUser = New-LocalUser -Name $adminUsername -Password $adminPassword -AccountNeverExpires -UserMayNotChangePassword -Verbose

$AdminUSerAdminGRoup = Add-LocalGroupMember -Group Administrators -Member $adminUsername -Verbose

# Enable Auto Logon

$autoLogonUsername = "RunOnceAdmin"

$autoLogonPassword = "abcd123!@-CHANGEME"

$regPath = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"

$regValueName1 = "AutoAdminLogon"

$regValueName2 = "DefaultUserName"

$regValueName3 = "DefaultPassword"

Set-ItemProperty -Path $regPath -Name $regValueName1 -Value "1" -Verbose

Set-ItemProperty -Path $regPath -Name $regValueName2 -Value $autoLogonUsername -Verbose

Set-ItemProperty -Path $regPath -Name $regValueName3 -Value $autoLogonPassword -Verbose

# Output success message

Write-Host "Admin user '$adminUsername' has been created and auto logon enabled."

New-Item c:\itfolder\runoncescript.cmd -Force

$test=@"

REG add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Endpoint Security" /v Key /d "" /f

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /f

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultUserName /f

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /f

bcdedit /deletevalue "{default}" safeboot

shutdown.exe /r /t 00

"@

Set-Content c:\itfolder\runoncescript.cmd -value $test

Set-ItemProperty "HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce" -Name '*RunOnceScript' -Value "c:\directit\runoncescript.cmd"

bcdedit /set "{current}" safeboot network

Start-Sleep -Seconds 10

shutdown.exe -r -t 0

Once it's come back online, run these two.

c:\itfolder\BEST_Uninstall_tool.exe /bdparams /bruteForce /noWait
net user RunOnceAdmin /delete

Job done!

at No comments:

Hide what country you're in from Google

Sometimes a VPN alone doesn't do it.  You need to disable all kinds of other location detecting things.

https://surfshark.com/blog/google-location-vpn

at No comments:

Friday, January 19, 2024

Pong

Pong

https://codeincomplete.com/games/pong/

at No comments:

Wednesday, January 3, 2024

Give an AzureAD (Entra) user rights to a local file share

How to create a network share in an AAD only environment

https://miketerrill.net/2019/07/04/how-to-create-a-network-share-in-an-aad-only-environment/

at No comments:
Subscribe to: Posts (Atom)

Use textverified.com to receive text messages

Great for expats.  Allows you to temporarily rent a US phone number -- an actual one, not a VoIP one, so you can receive sms - a txt message...