There is a basic presumption with these tools that your helpdesk/deskside people have Administrative rights to the desktop PCs. While some people are paranoid about this, with virus threats a real concern Administrative rights and remote control are essential. There should be policy regarding when and why the PC is accessed, especially for remote control.
One more consideration, though it may not be the way things are now, is that your systems should be built in a consistant manner. Different technical types do things different ways, that doesn't mean the way things are currently done are wrong, there are many good ways of doing things. Some techs prefer one large disk, others prefer a partitioned hard disk. There are arguments for both. The key is that throughout your organisation there's minimal varation.
These tools are formulated for one scheme where that hard disk is partitioned into 4 pieces. For a 40 Gb Drive it's likely C: 10Gb, D: 10Gb, E: 15Gb, and Y: 5Gb is the scheme though some variation in size may occur. At one time our systems were a single partition, the user's files trampled the space for OS files and caused excessive down-time. We're currently re-sizing systems due to a change in our application suite to ensure they are allocated enough space on C:. While this is time consuming it is necessary at this time based on choices beyond our control.
Our recent roll-out of systems has lessened the blow but the remaining systems need re-partitioning. While we are currently licensed for Symantec Ghost, we have decided to purchase licenses for Partition Magic to complete these systems efficiently. Re-Partitioning can be done using Ghost, with an added degree of safety, by backing up the system, then restoring it with the adjusted partition sizes.
Please note that long lines have been split. Look for ~SPLIT LINE~ to re-join these lines.
Checking Symantec Antivirus Defs Remotely
NOTE: X:\ISTOOLS is an accessible storage location for tools (duh). RMTSHARE.EXE is part of the Resource Kits for NT4/2000.
chkDefs.cmd
@echo off
color 1F
SET KILLSHARE=0
SET target=%1
if "%target%"=="/?" GOTO HELP
if "%target%"=="" SET /P target=Update which System?
if "%target%"=="" goto help
IF EXIST \\%TARGET%\C$\*.* GOTO DOIT
X:\ISTOOLS\RMTSHARE \\%TARGET%\C$=C:\ | FIND /I "command failed"
IF %ERRORLEVEL% EQU 0 GOTO FAILED
SET KILLSHARE=1
IF EXIST \\%TARGET%\C$\*.* GOTO DOIT
:DOIT
:VIEW
START NOTEPAD "\\%TARGET%\c$\Program Files\ ~SPLIT LINE~
Common Files\Symantec Shared\VirusDefs\DEFINFO.DAT.
goto end
:HELP
CLS
color 4F
echo **************************************************************************
echo * *
echo * chkDefs.cmd - Retrieves a remote systems Virus Defs Info. *
echo * *
echo **************************************************************************
echo * Usage: *
echo * chkDefs [computername] *
echo * *
echo * 8:42 AM 7/21/2004 *
echo **************************************************************************
pause
goto end
:FAILED
echo Could not create Remote Connection to %TARGET%
goto end
:NOTFOUND
echo Could not find system %TARGET%
goto end
:end
ATTRIB +R \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS.
IF %KILLSHARE% EQU 1 X:\ISTOOLS\RMTSHARE \\%TARGET%\C$ /d
color
Internet Explorer Pop-Up Windows/Links are blank
Occationally something goes wrong in Internet Explorer that ensures every pop-up window is blank. To fix this the simple answer is to run 'regsvr32 /s urlmon.dll' and all is well. For simplicity this CMD file corrects the problem while not exposing some of the tech of the solution.
fixBlankPopUp.cmd
@echo off
color 1F
echo Expeiencing Blank Pop-Ups in Internet Explorer?
echo Close your browser and all Internet Explorer windows.
echo you're done come back here and...
pause
regsvr32 /S urlmon.dll
echo Done. Thank-you.
pause
Changing the HOSTS file to protect those surfing users...
The following will install a more restrictive HOSTS. file to protect or simply restrict a user's browsability. You may need to formulate or find some HOSTS files to accomodate your needs but the tools will work with any file you create. I have included a "Big Brother" option (HOSTS.BB) to use on those people who enjoy wasting company time.
setHOSTS.CMD
@echo off
color 1F
SET KILLSHARE=0
SET target=%1
if "%target%"=="/?" GOTO HELP
if "%target%"=="" SET /P target=Update which System?
if "%target%"=="" goto help
IF EXIST \\%TARGET%\C$\*.* GOTO DOIT
X:\ISTOOLS\RMTSHARE \\%TARGET%\C$=C:\ | FIND /I "command failed"
IF %ERRORLEVEL% EQU 0 GOTO FAILED
SET KILLSHARE=1
IF EXIST \\%TARGET%\C$\*.* GOTO DOIT
:DOIT
IF NOT EXIST \\%TARGET%\C$\*.* GOTO NOTFOUND
IF "%2"==".BB" GOTO BROTHER
IF "%2"==".O" GOTO ORIGINAL
IF "%2"==".V" GOTO VIEW
IF "%2"==".bB" GOTO BROTHER
IF "%2"==".Bb" GOTO BROTHER
IF "%2"==".bb" GOTO BROTHER
IF "%2"==".b" GOTO BEAGLE
IF "%2"==".B" GOTO BEAGLE
IF "%2"==".o" GOTO ORIGINAL
IF "%2"==".v" GOTO VIEW
ATTRIB -R \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS.
XCOPY X:\ISTOOLS\HOSTS.TXT \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS. /Y
goto end
:BROTHER
ATTRIB -R \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS.
XCOPY X:\ISTOOLS\HOSTS_BB.TXT \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS. /Y
goto end
:BEAGLE
ATTRIB -R \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS.
XCOPY X:\ISTOOLS\HOSTS_B.TXT \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS. /Y
goto end
:ORIGINAL
ATTRIB -R \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS.
XCOPY X:\ISTOOLS\HOSTS_O.TXT \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS. /Y
goto end
:VIEW
START NOTEPAD \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS.
goto end
:HELP
CLS
color 4F
echo **************************************************************************
echo * *
echo * setHOSTS.CMD is used to update or reset a HOSTS. file on a TCI system. *
echo * *
echo **************************************************************************
echo * Usage: *
echo * setHOSTS {computername] [switch] *
echo * *
echo * Default Action: place "safe" hosts file on system to protect *
echo * against hijackers and adware websites. *
echo * *
echo * *
echo * Switches: *
echo * .O - Original HOSTS. file *
echo * .V - View user's Host file *
echo * *
echo * 10:10 AM 6/24/2004 *
echo **************************************************************************
pause
goto end
:FAILED
echo Could not create Remote Connection to %TARGET%
goto end
:NOTFOUND
echo Could not find system %TARGET%
goto end
:end
ATTRIB +R \\%TARGET%\c$\WINNT\system32\drivers\etc\HOSTS.
IF %KILLSHARE% EQU 1 X:\ISTOOLS\RMTSHARE \\%TARGET%\C$ /d
color
pause
Wallpaper and ScreenSaver Enforcement
Ensuring the company is protected and that the corporate look and feel is consistent is critical. Not every company cares but those that do will like this. This can be enforced remotely using this tool, the added benefit is that it re-enforces itself once installed.
While I have customized this for each type of machine, your preference may be to customize by department. The whole system consists of two batch files, a menu file, plus the support files, which are stored in the support folder and dependant upon options. The screensaver I use was created using IrfanView 3.85, the perfect tool for simple graphic manipulation. The .ICO is an extra. I haven't decided what to do with that yet.
setCorp.CMD - FIRST FILE
@echo off
color 1F
SET KILLSHARE=0
SET target=%1
if "%target%"=="/?" GOTO HELP
if "%target%"=="" SET /P target=Update which System?
if "%target%"=="" goto help
if "%target%"=="." SET TARGET=%COMPUTERNAME%
IF EXIST \\%TARGET%\C$\*.* GOTO DOIT
\\tcint1\apps\ISTOOLS\RMTSHARE \\%TARGET%\C$=C:\ | FIND /I "command failed"
IF %ERRORLEVEL% EQU 0 GOTO FAILED
SET KILLSHARE=1
IF EXIST \\%TARGET%\C$\*.* GOTO DOIT
:DOIT
IF NOT EXIST \\%TARGET%\C$\*.* GOTO NOTFOUND
SET RESP=%2
IF "%RESP%"=="" GOTO NOSWITCH
echo Configuring %TARGET% as %RESP%:
GOTO PICK%RESP%
goto NOSWITCH
:NOSWITCH
if not exist \\tcint1\apps\ISTOOLS\setCorpChoices.txt goto Default
CLS
echo Updating System: %TARGET%
type \\tcint1\apps\ISTOOLS\setCorpChoices.txt
CHOICE /C:123456789Q Selection:
IF %ERRORLEVEL% EQU 1 SET RESP=Default
IF %ERRORLEVEL% EQU 2 SET RESP=T41
IF %ERRORLEVEL% EQU 3 SET RESP=T30
IF %ERRORLEVEL% EQU 4 SET RESP=T23
IF %ERRORLEVEL% EQU 5 SET RESP=T21
IF %ERRORLEVEL% EQU 6 SET RESP=S50
IF %ERRORLEVEL% EQU 7 SET RESP=M42
IF %ERRORLEVEL% EQU 8 SET RESP=M41
IF %ERRORLEVEL% EQU 9 SET RESP=M200
IF %ERRORLEVEL% EQU 10 SET RESP=
IF %ERRORLEVEL% EQU 11 SET RESP=
CLS
IF NOT "%RESP%"=="" echo Configuring for %RESP%:
GOTO PICK%RESP%
:Pick
CLS
echo No Selection, cancelled.
pause
goto end
:PickDefault
XCOPY X:\istools\setCorpsrc\CORPSTD.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=CORPSTD.BMP
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickT41
XCOPY X:\istools\setCorpsrc\WPT41_*.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=WPT41_1600.BMP 2
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickT30
XCOPY X:\istools\setCorpsrc\TCI_T30*.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=TCI_T30_1400.BMP 2
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickT23
XCOPY X:\istools\setCorpsrc\TCI_T23*.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=TCI_T23_1280.BMP 2
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickT21
XCOPY X:\istools\setCorpsrc\TCI_T21*.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=TCI_T21_1024.BMP 2
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickS50
XCOPY X:\istools\setCorpsrc\TCI_S50*.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=TCI_S50_1600.BMP 2
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickM42
XCOPY X:\istools\setCorpsrc\TCI_M42*.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=TCI_M42_1400.BMP 2
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickM41
XCOPY X:\istools\setCorpsrc\CORPSTD.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=CORPSTD.BMP
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:PickM200
XCOPY X:\istools\setCorpsrc\TCI_M200*.BMP ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
SET BITMAP=TCI_M200_SPECIAL.BMP
XCOPY X:\istools\setCorpsrc\CORPSTD.CMD ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.SCR ~SPLIT LINE~
\\%TARGET%\c$\WINNT\SYSTEM32 /I /Y /Q
XCOPY X:\istools\setCorpsrc\CORPSTD.ICO ~SPLIT LINE~
\\%TARGET%\c$\WINNT /I /Y /Q
goto COMPLETE
:COMPLETE
XCOPY X:\istools\REG.EXE \\%TARGET%\c$\WINNT /I /Y /Q
reg ADD \\%TARGET%\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ~SPLIT LINE~
/V setCorp /t REG_SZ /d "C:\WINNT\CORPSTD.CMD %BITMAP%" /f
reg QUERY \\%TARGET%\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /V setCorp
color 4F
echo **************************************************************************
echo * *
echo * DONE: WALLPAPER AND BITMAPS WILL BE REPLACED ON NEXT REBOOT *
echo * *
echo * 9:05 AM 7/27/2004 *
echo **************************************************************************
goto end
:HELP
CLS
color 4F
echo **************************************************************************
echo * *
echo * setCorp.CMD is used to send a Virus Fix to a user's system *
echo * *
echo **************************************************************************
echo * Usage: *
echo * setCorp switch [computername] *
echo * *
echo * *
echo * Switches: *
echo * d - Default Toyota Wallpaper/Screensaver *
echo * *
echo * 9:07 AM 7/27/2004 *
echo **************************************************************************
pause
goto end
:FAILED
echo Could not create Remote Connection to %TARGET%
goto end
:NOTFOUND
echo Could not find system %TARGET%
goto end
:end
IF %KILLSHARE% EQU 1 X:\ISTOOLS\RMTSHARE \\%TARGET%\C$ /d
color
pause
CORPSTD.CMD
@ECHO OFF
SET WPStyle=%2
IF "%WPSTYLE%"=="" SET WPStyle=0
SET BITMAP=%~1
IF "%BITMAP%"=="" then SET BITMAP="CORPSTD.BMP"
ECHO Resetting to TCI Standards...
ECHO Resetting Wallpaper...
REG ADD "HKCU\Control Panel\Desktop" ~SPLIT LINE~
/V WallpaperStyle /T REG_SZ /D %WPSTYLE% /F
REG ADD "HKCU\Control Panel\Desktop" ~SPLIT LINE~
/V Wallpaper /T REG_SZ /D "C:\WINNT\%BITMAP%" /F
REG ADD "HKCU\Control Panel\Desktop" ~SPLIT LINE~
/V TileWallpaper /T REG_SZ /D 0 /F
REG ADD "HKCU\Control Panel\Colors" ~SPLIT LINE~
/V Background /T REG_SZ /D "0 0 0" /F
ECHO Resetting ScreenSaver...
REG ADD "HKCU\Control Panel\Desktop" /V SCRNSAVE.EXE ~SPLIT LINE~
/T REG_SZ /D "C:\WINNT\SYSTEM32\CORPSTD.SCR" /F
REG ADD "HKCU\Control Panel\Desktop" ~SPLIT LINE~
/V ScreenSaveActive /T REG_SZ /D 1 /F
REG ADD "HKCU\Control Panel\Desktop" ~SPLIT LINE~
/V ScreenSaverIsSecure /T REG_SZ /D 1 /F
REG ADD "HKCU\Control Panel\Desktop" ~SPLIT LINE~
/V ScreenSaveTimeOut /T REG_SZ /D 600 /F
ECHO Resetting Wallpaper...
REG ADD "HKU\.Default\Control Panel\Desktop" ~SPLIT LINE~
/V WallpaperStyle /T REG_SZ /D %WPSTYLE% /F
REG ADD "HKU\.Default\Control Panel\Desktop" ~SPLIT LINE~
/V Wallpaper /T REG_SZ /D "C:\WINNT\%BITMAP%" /F
REG ADD "HKU\.Default\Control Panel\Desktop" ~SPLIT LINE~
/V TileWallpaper /T REG_SZ /D 0 /F
REG ADD "HKU\.Default\Control Panel\Colors" ~SPLIT LINE~
/V Background /T REG_SZ /D "0 0 0" /F
ECHO Resetting ScreenSaver...
REG ADD "HKU\.Default\Control Panel\Desktop" ~SPLIT LINE~
/V SCRNSAVE.EXE /T REG_SZ /D "C:\WINNT\SYSTEM32\CORPSTD.SCR" /F
REG ADD "HKU\.Default\Control Panel\Desktop" ~SPLIT LINE~
/V ScreenSaveActive /T REG_SZ /D 1 /F
REG ADD "HKU\.Default\Control Panel\Desktop" ~SPLIT LINE~
/V ScreenSaverIsSecure /T REG_SZ /D 1 /F
REG ADD "HKU\.Default\Control Panel\Desktop" ~SPLIT LINE~
/V ScreenSaveTimeOut /T REG_SZ /D 60 /F
ECHO DONE.
setCorpChoices.txt
Please Select a Bitmap Collection to distribute:
================================================
1 - Default/Generic Corporate Suite
2 - T41 Laptop
3 - T30 Laptop
4 - T23 Laptop
5 - T21 Laptop
6 - S50 Desktop
7 - M42 Desktop
8 - M41 Desktop
9 - M200 Toshiba Portege
Q - Quit/Abort
