Windows General

Google Drive Install (Business)

Downloads and installs “Backup and Sync” and “Google File Stream”. Once installed the program will require users to login to the Google Drive business account.

Read More

Google Drive Install (Personal)

Downloads and installs “Backup and Sync”. Once installed the program will require users to login to the Google Drive account.

Read More

XMR Endpoint Check

Procedure to check the endpoints for the mining exploit. Created by Douglas Sanchez (douglas.sanchez@kaseya.com) You MUST create a custom field called “XMR” as documented in Kaseya’s article 1-29-18 Modified by Chris A – Virtual Administrator to add Tags, and reduce un-needed entries Review the following video to build a report off the tags. The tag…

Read More

Windows Build Reg Check (WaaSAssessment)

Script checks for build number. First looks for WaasAssesment, which provides a more detailed number. If it is not found, then uses a wmi query to pull the regular version number. Can report using $WinBuild$, $WaaSBuild$, $NoWaaSBuild$.

Read More

Powershell 5 (WMF 5.1) Installer

Powershell 5 is part of WMF 5 and this script downloads and installs WMF 5.1. This script is only for Win7 and Win8.1 machines. Script checks for a couple requirements. First, it checks for .NET 4.5. Then in checks for WMF (Powershell) 4. If both of these are present then script will proceed with installation.…

Read More

Meltdown/Spectre – Vulnerability Check

Installs PS module and runs powershell command Get-SpeculationControlSettings. Outputs the results to a file and reports to the procedure log. Procedure log will indicate if patching may be required. Should work on Powershell 3.0 or later. Results are saved to custom variable (“updateSystemInfo” lines will need to be edited to link to your variable). It…

Read More

Meltdown/Spectre – Vulnerability Check (w/ Tags)

Imports PS module and runs powershell command Get-SpeculationControlSettings. Outputs the results to a file and reports to the procedure log. Procedure log will indicate if patching may be required. Should work on Powershell 3.0 or later. Can run report using tags: $Meltdown$, $MetldownPatch$, $NoMeltdownPatch$, $MeltdownLog$. $Meltdown$ is the same as $MeltdownPatch$ but works across multiple…

Read More

Meltdown Scripts

Folder containing all the current meltdown scripts: Meltdown Reg Key Audit Meltdown Reg Key Force Add Meltdown/Spectre Vulnerability Check Meltdown/Spectre Vulnerability Check (w/ Tags)

Read More

Meltdown Reg Key Force Add

This agent procedure will create the registry key “HKEY_LOCAL_MACHINE:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat” Value=”cadca5fe-87d3-4b96-b7fb-a231484277cc” Type=”REG_DWORD” on any Windows machine using a powershell script. The registry key is not always required to get the Windows Update to protect against the Meltdown vulnerability. It is advised to check the list of Antivirus at: https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/htmlview?sle=true#gid=0 You can find more information on this…

Read More

Meltdown Reg Key Audit

This agent procedure will check for the existence of the registry key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat\cadca5fe-87d3-4b96-b7fb-a231484277cc” using a powershell script. Can report using $Meltdown$, $MeltdownKey$, $NoMeltdownKey$. $Meltdown$ is the same as $MeltdownKey$ but works across multiple scripts. $NoMeltdownKey$ will only show machines that are missing the key.

Read More