How to control or disable CIS remotely

Hi,

I’ve just accidentally disabled all the USB ports of my mini PC and then I couldn’t control the computer anymore using keyboard and mouse. The only way I’ve got now is to use a Remote Desktop tool from another laptop to access and fix the UEFI/BIOS remotely. However, before the issue happened, I had installed CIS and now CIS has blocked all the connections and accesses that I have tried to this computer.

Methods I have used and failed include:

  • Use PS/2 port ==> there is no PS/2 port in this computer
  • Access the UEFI/BIOS using F2/DEL key ==> cannot use the keyboard due to disabled USB ports
  • Clear CMOS ==> This computer doesn’t have a jumper for doing this
  • Windows Recovery ==> cannot use the USB port for CD-ROM and USB drive
  • Windows Remote Desktop ==> Cannot connect (maybe because it was blocked by CIS or perhaps the service had not been started yet)
  • Teamviewer, VNC or other remote desktop tools ==> cannot do that due to no pre-installed server app
  • PsService of SysinternalsSuite using administrator username/password ==> Access denied (maybe due to CIS block)
  • PsExec of SysinternalsSuite to attempt to run cmd on internal of the computer ==> Access denied (maybe due to CIS block)
  • net use ==> access denied (maybe due to CIS block)

What I’ve got are:

  • administrator account of the issued computer
  • the issued computer has an SD card port and it hasn’t been disabled yet
  • another laptop running Windows 10 with administrator account
  • admin rights of the home wifi network which joins the issued computer

So I think the only way is to control or disable the CIS remotely. Please advise me how to. Any other ideas or methods are also very welcome. Thank you.

John

You can often clear CMOS by removing the battery and waiting a little while, then putting it in again. If you do this, remember to pull out the power cord first. ← Assumes you have access to the motherboard.

If the above isn’t an option then you may be able to remove the system drive from the affected computer and plug it in to the laptop (as system drive, i.e. boot from it) and then disable the relevant CIS modules from there. Alternatively, plug it in as an external drive for the laptop and then “disable” CIS by renaming core files so it can’t do its work (specifically the firewall driver).
Although I’m not sure being able to remote control the computer will help you if USB is disabled in BIOS? I don’t think you can change BIOS settings in Windows? Or perhaps you mean to flash a new BIOS in order to clear the USB setting?

I’d recommend trying the battery first; it has solved these kinds of issues for me in the past.

Thank you for your advice, Sanya.

I also tried to clear the CMOS before but unfortunately I couldn’t find the battery in the computer, which is just a mini PC stick.

Now I am trying to alter UAC Remote Restrictions on the remote computer in order to execute PsExec or net use successfully. However I am still looking forward to an idea.

John

Oh it’s a stick? I have no idea then, sorry.

Edit: Does it have bluetooth? In that case a bluetooth keyboard could potentially help, not sure.

I have attempted to use a bluetooth keyboard, but it needed to pair with the PC stick first, unfortunately. :cry: Thank you anyway. Any other ideas, just let me know anytime.

Not sure if I understood it correctly. I’m guessing key is triggering autorun from SD card.

qmarius, thank you. I have just tried to do that but it didn’t run. Perhaps it needed a manual click.

Having attempted various ideas so far, here is my progress:

  1. I am trying to disable UAC remotely ==> but this still requires access to the Remote Registry Service. Again this is the same case with Remote Desktop Service.
  2. If all alternatives fail, I may use my 6-year-old laptop to hack the issued computer ==> Metasploit is a good consideration. I am learning about it
  3. Any ideas please let me know.

I’ll post my progress FYI.

Hi,

Silly question, but have you checked on the manufacturer’s website for a way of performing a hard reset on the stick, maybe something like holding the power button for a certain length of time or maybe a pinhole to use?

Just a thought :wink:

Make sure that every file is whitelisted for a start, unless you disabled Auto-Sandbox.