Task Scheduler Archives

Winsage

June 14, 2025

6 registry tweaks every tech-savvy user must apply on Windows 11

Windows 11 provides customization tools such as the Settings app, Control Panel, and Group Policy Editor, but advanced users often utilize the Registry Editor for deeper control. Key Registry tweaks include: 1. Disable the Home page in Settings: Modify the Registry to revert the Settings app to open directly to the "System" section instead of the "Home" page by creating a string value named SettingsPageVisibility and setting it to hide:home. 2. Disable automatic Windows Update: Prevent automatic downloads and installations by creating a key named WindowsUpdate under Policies, then a subkey AU, and a DWORD value NoAutoUpdate set to 1. 3. Disable the Lock Screen experience: Expedite the sign-in process by creating a key named Personalization and a DWORD value Nolockscreen set to 1. 4. Enable automatic Registry backup: Restore automatic Registry backups by creating a DWORD value EnablePeriodicBackup set to 1 and scheduling a task to run daily for backup. Editing the Registry carries risks, and it is advised to back up the PC before making changes.

Winsage

June 12, 2025

Windows Task Scheduler Vulnerability Let Attackers Escalate Privileges

A critical security vulnerability, designated as CVE-2025-33067, has been identified in the Windows Task Scheduler, allowing attackers to escalate privileges to SYSTEM level access without prior administrative rights. This vulnerability is rated as "Important" with a CVSS score of 8.4 and is due to improper privilege management within the Windows Kernel’s task scheduling component. It affects multiple Windows versions, including Windows 10 (Versions 1607, 1809, 21H2, 22H2), Windows 11 (22H2, 23H2, 24H2), and Windows Server 2016-2025. Microsoft released security updates on June 10, 2025, to address this flaw across 27 different Windows configurations. The vulnerability requires local system access, no prior privileges, and no user interaction, making it particularly dangerous. Security researcher Alexander Pudwill discovered and disclosed the vulnerability.

Tech Optimizer

June 9, 2025

ViperSoftX Malware Used by Threat Actors to Steal Sensitive Information

The AhnLab Security Intelligence Center (ASEC) has reported that ViperSoftX malware, first identified in 2020, continues to pose a significant threat, particularly targeting cryptocurrency-related information. It disguises itself as cracked software or eBooks on torrent sites and uses deceptive tactics to infect users globally. ViperSoftX exploits the Windows Task Scheduler to execute malicious PowerShell scripts and communicates with its command-and-control server to transmit detailed system information. The malware captures clipboard activity to steal cryptocurrency wallet addresses and employs mechanisms to avoid detection, including self-removal. It also deploys secondary payloads like Quasar RAT and ClipBanker, which hijacks wallet addresses during transactions. ASEC warns that infections can lead to total system compromise and advises users to avoid unverified downloads and maintain updated security measures. Indicators of Compromise (IOCs): - MD5: - 064b1e45016e8a49eba01878e41ecc37 - 0ed2d0579b60d9e923b439d8e74b53e1 - 0efe1a5d5f4066b7e9755ad89ee9470c - 197ff9252dd5273e3e77ee07b37fd4dd - 1ec4b69f3194bd647639e6b0fa5c7bb5 - URLs: - http://136.243.132.112/ut.exe - http://136.243.132.112:881/3.exe - http://136.243.132.112:881/APPDATA.exe - http://136.243.132.112:881/a.ps1 - http://136.243.132.112:881/firefoxtemp.exe - IPs: - 136.243.132.112 - 160.191.77.89 - 185.245.183.74 - 212.56.35.232 - 89.117.79.31

Winsage

May 22, 2025

Windows Server Flaw a Shortcut to Privilege Escalation

An unpatched vulnerability in Windows Server 2025, identified by Akamai researchers, is associated with a method called "BadSuccessor." This flaw, considered "trivial" to exploit and present in the default configuration, allows for privilege escalation and potential full domain compromise. The vulnerability arises from delegated managed service accounts (dMSA), which were intended to enhance security during the migration of legacy service accounts. However, dMSAs can inherit permissions from legacy accounts, enabling attackers to simulate a migration and gain access to the permissions and encryption keys of those accounts without verification. The attack requires prior permissions within an Active Directory organizational unit, indicating a previous breach. Akamai reported the vulnerability to Microsoft on April 1, but Microsoft classified its severity as "moderate." Akamai recommends organizations restrict the creation of dMSAs to mitigate risks associated with this vulnerability.

Tech Optimizer

May 17, 2025

New ‘Defendnot’ tool tricks Windows into disabling Microsoft Defender

A tool named Defendnot can disable Microsoft Defender on Windows devices by registering a counterfeit antivirus product using an undocumented Windows Security Center (WSC) API. Developed by researcher es3n1n, it exploits the API to register a fictitious antivirus that meets Windows' validation criteria, leading to the automatic disabling of Microsoft Defender. Defendnot circumvents security measures by injecting a dummy antivirus DLL into the trusted Taskmgr.exe process. It also includes a loader for configuration customization and establishes an autorun entry through the Windows Task Scheduler for persistence. Microsoft Defender currently detects and quarantines Defendnot as a Win32/Sabsik.FL.!ml.

Tech Optimizer

April 15, 2025

Steps to Scan Your Computer for Free and Check for Viruses and Malware

Windows Security, previously known as Windows Defender, is a built-in security tool in Windows 10 and 11 that provides comprehensive protection against viruses and malware without requiring additional software. Users can perform manual scans, including Quick, Full, and Custom scans, to identify and eliminate threats. To run a scan, users must open Windows Security, navigate to "Virus & threat protection," and select the desired scan option. Windows Security also includes features such as real-time protection, firewall and network protection, app and browser control, device security, and account protection. It is essential to keep Windows Security updated with the latest virus definitions for optimal protection. Users can also schedule automatic scans for regular checks.

Winsage

April 3, 2025

6 features worth enabling God Mode in Windows 11 for

God Mode in Windows grants access to over 200 settings and functionalities, many of which are typically hidden. Users can pin the God Mode folder to the Start menu or Quick Access in File Explorer for easy access. Key features include: - BitLocker: A disk encryption tool that protects data on drives using AES encryption, accessible via password, PIN, or Windows Hello. - Network Management: Simplifies access to network settings for connecting, checking status, and troubleshooting connectivity issues. - Power Management: Allows quick adjustments to power plans, battery settings, and actions for closing the laptop lid or pressing power buttons. - Accessibility: Offers extensive settings for users with disabilities, including tools like Narrator and Magnifier. - File Type Options: Enables users to manage file type associations and visibility of files and folders. - Windows Tools: Centralizes access to built-in maintenance tools like Disk Cleanup and Task Scheduler. God Mode enhances the user experience by providing a more efficient way to navigate system features compared to the traditional Control Panel.

Winsage

March 30, 2025

5 reasons I use PowerShell to automate boring Windows tasks

PowerShell automates repetitive computing tasks, enhancing productivity by offering a faster command-line interface (CLI) compared to traditional graphical user interfaces (GUIs). It simplifies app management, allowing users to reinstall or update applications more effectively than through the Microsoft Store. PowerShell also streamlines file management with the Move-Item cmdlet, which transfers files and deletes the original from the source. Users can automate scripts with Task Scheduler for routine tasks, and it supports system maintenance through cmdlets and custom scripts, benefiting both IT administrators and casual users. PowerShell's automation capabilities make it a valuable tool for optimizing computing experiences.

Winsage

March 28, 2025

Office is too slow, so Microsoft is making it load at Windows startup

Microsoft is introducing a feature called "Startup Boost" for its Office suite, allowing applications like Word and Excel to launch automatically upon booting Windows. This feature will only be enabled on devices with a minimum of 8GB of RAM and 5GB of available disk space. The rollout will begin in mid-May, starting with Microsoft Word, and users can disable the feature in Word’s settings or through the Task Scheduler.

Winsage

March 27, 2025

Microsoft: New Windows scheduled task will launch Office apps faster

Microsoft is launching a feature called "Startup Boost" for its Office applications, scheduled for rollout in mid-May. This feature aims to improve loading times by introducing a background task that activates upon user logon, integrated into the Windows Task Scheduler. Users will see new tasks labeled Office Startup Boost and Office Startup Boost Logon in their task scheduler. The feature requires a minimum of 8 GB of RAM and 5 GB of free disk space and will deactivate when Energy Saver mode is activated. Users can disable Startup Boost through the Office app settings, but it will reactivate with each new Office update. Additionally, Microsoft is testing ad-supported versions of its Office desktop applications.