Endpoint Protection

 View Only

  • 1.  Script Cleanwipe and PsExec

    Posted Jan 09, 2011 09:01 AM

    Hi All

     
    I'm hoping someone on here will be able to help as I have exhausted google and all other avenues. I am no expert when it comes to scripting but I'm hoping someone can tell me if the following can be scripted.
     
    I need to remove Symantec Antivirus 8 from about 400 pc's. I have managed to find scripts to help determine which machines have been left on (I have asked users but I know some people will still shutdown).
     
    So I have a text file with a list of pc names that I know are turned on and I have also copied across the CleanWipe folder which contains an app folder and a bat file.
     
    Now in the cleanwipe readme it says the following,

    To run CleanWipe in silent mode:
    --------------------------------
    1. Copy the CleanWipe folder to the target computer.
    2. Open the CleanWipe folder and double-click the CleanWipe.exe file.
    3. When you are prompted, browse to a location where you want the files to be copied and then click Start to extract the files. 
    If you click Start without selecting a location, the files are extracted to the Windows\Temp folder.
    4. If you are asked if you want to run CleanWipe now, click No.
    5. Open a command prompt and change directory to the CleanWipe\app folder.
    6. Type the following command:
    RunCleanWipe -silent
    7. CleanWipe then uses its defaults to run without any user input.
     
    Okay, so I tested this with PsExec and did the following,
     
    psexec \\pcname cmd
     
    which would take me to
     
    PsExec v1.98 - Execute processes remotely
    Copyright (C) 2001-2010 Mark Russinovich
    Sysinternals - www.sysinternals.com

    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.
    C:\WINDOWS\system32>
     
    Now I will navitage to the folder where I meant to run RunCleanWipe -silent
     
    C:\CleanWipe\app\ and then I run RunCleanWipe -silent
     
    This works great and starts the first process of cleanwipe. I then have to log on to the specific machine to initiate the second process of cleanwipe. I haven't found a way to automate that but first things first I suppose :-)
     
    I found the following script but this doesn't work (alive.txt is the list of pcs)
     
    for /f %a in (C:\ping\Alive.txt) do psexec \\%a "c:\CleanWipe\app\RunCleanWipe -silent"
     
    but when I run this I get the following error

    PsExec could not start c:\CleanWipe\app\RunCleanWipe -silent on pcname:
    The system cannot find the file specified
     
    Can someone please explain why this is happening with the above command but when I do it manually it works?
     
    Your help with this will be much appreciated!


  • 2.  RE: Script Cleanwipe and PsExec

    Posted Jan 09, 2011 03:10 PM

    I'd just like to add that I have also run the command without the double quotes,

    for /f %a in (C:\ping\Alive.txt) do psexec \\%a c:\CleanWipe\app\RunCleanWipe -silent

    and get the same error.



  • 3.  RE: Script Cleanwipe and PsExec
    Best Answer

    Posted Jan 17, 2011 04:17 AM

     

    So this seems to kick off the batch file and reboots the machine.

    psexec \\@Alive.txt -w  c:\cleanwipe\app\ c:\CleanWipe\app\RunCleanWipe.bat -silent

    Now I need to figure out how to script the next phase instead of having to logon to every machine which kicks off a batch file called RunTwice.bat and lives in the C:\ drive after the first batch runs. This second process cleans up the rest of symantec on the pc and then reboots the pc for the last time.



  • 4.  RE: Script Cleanwipe and PsExec

    Posted Jan 28, 2011 01:21 PM

    CleanWipe is not designed to work with any SAVCE version before version 9.x

     

    MJD