GFI Max scripts for workstation maintenance?

Xander

Xander

Banned
Reaction score
66
Location
Niagara region, Ontario
I'm trialing the GFI Max Remote Maintenance and so far, so good. I've been doing remote maintenance for customers and think this might be a way to work smarter, not harder.

GFI allows for "js, vbs, cmd, bat, pl, php, py, rb, ps1"

These are the tasks I do in my scripted remote maintenance.
SysRestore() ;should be easily scriptable to force a daily point
Cleanup(); taken care of by built-in script but would like it if it could tell me how much it had cleaned.
Uninstalls() ;removes toolbars and crap. Could probably just throw together a batch file of the Uninstall commands without much difficulty.
NonWinUpdates(); taken care of by Patch feature
AV() ;GFi recognizes a bunch of AVs but not a lot that my residentials are using. My own script can only run a handful of AVs automatically but it would be great if I could force a scan.
SAS() ;my script runs SASportable and I manually progress it
MBAM() ;
HitmanPro() ;would like to DL the latest and run a check
TDSSKiller();would like to DL the latest and run a check
SysLog(); checks Event log - taken care of by standard check
Winupdate(); taken care of by Patch feature
StartupLite(); prunes unnecessaries from Autostart list. Could probably turn into a script and delete standardized entries.


So, the point of this thread is to inquire if anyone has scripts that could fulfill these functions or, for that matter, if you've got anything else you'd like to throw into the pot.
 
I'm looking to start off with the SuperAntispyware section of my script. I got this VBS off the GFI forums. The DL link is the same one I use in my AutoIt script which works. In this code, though, it DLs the installer for SAS-free, not the portable. I don't know VB at all so a new learning curve awaits. I'm sure there's got to be a way to send a few SendKey and whatnot.

Code: 
' Downloads an executable file from the web and runs it
    sourcefile = "[B]http://www.superantispyware.com/sasportable.php[/B]"
     
    Set filesys = CreateObject("Scripting.FileSystemObject")
    targetFile = filesys.GetSpecialFolder(2) & "\temp.exe"
     
    GetInternetFile sourcefile, targetfile
     
    Set WshShell = WScript.CreateObject("WScript.Shell")
    WshShell.Run targetfile, 8, True
     
    Function GetInternetFile(strFileURL, strHDLocation)
      '   strFileURL = URL for file to retrieve ex.: "http://www.example.com/file.txt"
      '   strHDLocation = Path and name to save the file to ex.: "D:\file.zip"
     
      ' Fetch the file
      Set objXMLHTTP = CreateObject("MSXML2.XMLHTTP")
     
      objXMLHTTP.open "GET", strFileURL, false
      objXMLHTTP.send()
     
      If objXMLHTTP.Status = 200 Then
      Set objADOStream = CreateObject("ADODB.Stream")
      objADOStream.Open
      objADOStream.Type = 1 'adTypeBinary
     
      objADOStream.Write objXMLHTTP.ResponseBody
      objADOStream.Position = 0    'Set the stream position to the start
     
      Set objFSO = Createobject("Scripting.FileSystemObject")
      If objFSO.Fileexists(strHDLocation) Then objFSO.DeleteFile strHDLocation
      Set objFSO = Nothing
     
      objADOStream.SaveToFile strHDLocation
      objADOStream.Close
      Set objADOStream = Nothing
      End if
     
      Set objXMLHTTP = Nothing
    End Function
 
Create System Restore Point

As a remote task, you probably would want to remove the middle msg section. I would like to know how to pass info back to the Agent file so that pass/fail could be reported.
Code: 
'Unattended System Restore Point
'sysrestorepoint.vbs
'© Doug Knox - rev 02/11/2002
'Downloaded from www.dougknox.com 
'Extracted from original code by Bill James - www.billsway.com 

Set sr = getobject("winmgmts:\\.\root\default:Systemrestore") 

msg = "New Restore Point successfully created." & vbCR
msg = msg & "It is listed as: " & vbCR
msg = msg & "Automatic Restore Point " & Date & " " & Time'Put a ' in front of the next five lines to disable the Success Failed Prompt.
If (sr.createrestorepoint("Automatic Restore Point", 0, 100)) = 0 Then
 MsgBox msg
Else
 MsgBox "Restore Point creation Failed!"
End If

'Remove the ' from the next 3 lines to only alert you if the process failed
'If (sr.createrestorepoint("Automatic Restore Point", 0, 100)) <> 0 Then
'    MsgBox "Restore Point creation Failed!"
'End If
 
Mbam

I was curious what was out there. Found this code at this site.
Gave it a quick run on my system. It's written for x32 so I adjusted the path manually.
Code: 
with createobject("wscript.shell") 
  .run """%programfiles%\malwarebytes' anti-malware\mbam.exe"" /update"
wscript.sleep(7500)
set shl = CreateObject("Wscript.Shell")
shl.SendKeys "{Enter}"
wscript.sleep(7500)
  .run """%programfiles%\malwarebytes' anti-malware\mbam.exe"" /fullscan"
end with
I'd change the "fullscan" to "fullscanterminate".

It seems to be trying to run it multiple times. Hmmm.
 
Necroposting!!!

Bringing this thread back to life.
I was getting ready to create a quick script to apply Nick's CryptoPrevent when I remembered this thread. so I thought I'd post here to see if someone already had one... or just to liven this thread up again as it seems we have a bit of interest in GFI on the board as of late.
 
Nice rescue.

I've gotten a good handful of the scripts I'm now using from Jake Paternoster's site:
http://www.screwloose.com.au/category/scripts

Two things I'm now looking at incorporating are CryptoPreventer (including the initial download), and probably dUninstaller. Through the MAV dashboard, I can blacklist a bunch of bad files but not as many as I'd like and just uninstalling them would probably be more thorough.
 
Fix it scripts is great I have a few scripts I requested on there

I use the following at the moment

Cryptoprevent

Smartmontools

Check miscofig at default

Create restore point

Check restore point created

Brand system properties

Clear temp

Defrag

Check ie proxy is default

Hide hidden files and folders

Let me know if you want the scripts ( there are from fixit scripts / gfi forums)
 
Ooops, I should have added that I'm (procrastinatingly) looking to put SmartMonTools into play on my customers' systems. I still have no idea how one turns a script into a full-fledged check rather than 'just' an automated task. If I can get Smartmon running, I would like to get a proper alert from GFI if something fails.
 
Here is a script I have just written for Nick's dSupport. I have seen someone ask for RMM integration and while this is not integrated it does read the log file and report back it's contents. I am about to work on a script to download it using GFI but that will not be until after January

Code: 
get-eventlog -Logname Application -InstanceId 10177 -newest 1 | format-list -property *

It is a powershell script

Event: Stopped
Date: 21-Jan-14 - 00:00:56
Summary: EventID : 10177
MachineName : ME
Data : {1}
Index : 26363
Category : (0)
CategoryNumber : 0
EntryType : Information
Message :
Registry Hive Backup...
Deleting Temp Files...
Cleaning up Internet Explorer...
Checking Time Zone...
Syncing Time...
Windows is processing background tasks...
Fixing Internet Properties...
Creating System Restore Point...



318.34 MB Deleted!

dSupportSuite Maintenance completed, closing app now.
Source : dSupportSuite
ReplacementStrings : {
Registry Hive Backup...
Deleting Temp Files...
Cleaning up Internet Explorer...
Checking Time Zone...
Syncing Time...
Windows is processing background tasks...
Fixing Internet Properties...
Creating System Restore Point...



318.34 MB Deleted!

dSupportSuite Maintenance completed, closing app now.}
InstanceId : 10177
TimeGenerated : 17/01/2014 09:35:25
TimeWritten : 17/01/2014 09:35:25
UserName :
Site :
Container :
Click to expand...
 
I'm a BackBlaze reseller, and here's a script I wrote to check BackBlaze's backup status. It returns the number of bytes that BackBlaze has yet to backup. change
Code: 
echo.%bytes%
to
Code: 
echo.%files%
if you instead want the number of files yet to backup.

Code: 
@echo OFF
@Rem Navigate to the path where the XML file is located
cd C:\ProgramData\Backblaze\bzdata\bzreports\

@Rem Get the line from the XML file containing the string "remainingnumfilesforbackup"
for /f "delims=" %%i in ('findstr /i /c:"remainingnumfilesforbackup" bzstat_remainingbackup.xml') do call :job "%%i"
goto :eof

:job

@Rem Create variable containing that line
set line=%1

@Rem Split the string on the space delimiter
for /f "tokens=1,2,3 delims=/ " %%a in (%line%) do set x=%%a&set y=%%b&set z=%%c

@Rem y = remainingnumfilesforbackup="123"
@Rem z = remainingnumbytesforbackup="123"

@Rem remove first 28 characters and last character.
set files=%y:~28,-1%
set bytes=%z:~28,-1%

@Rem Echo final data.
echo.%bytes%

:eof
 
You must log in or register to reply here.

Similar threads

D
Script to remove windows updates through GFI
Replies
1
Views
1K
YeOldeStonecat
YeOldeStonecat
HCHTech
PCI Compliance, Again
Replies
17
Views
2K
Markverhyden
Markverhyden
thecomputerguy
Charging for Consultations
2
Replies
31
Views
4K
BlackLabTechs
B
T
GFI Max and Quick Remote Access?
Replies
9
Views
2K
Xander
Xander
phaZed
Apple most insecure system by virtue of marketing and denial
Replies
0
Views
2K
phaZed
phaZed
Back
Top