Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox .js copy


  • Please log in to reply
1 reply to this topic

#1 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:12:38 AM

Posted 29 March 2016 - 10:52 PM

I wrote a lot of VBS scripts and converted them to batch files the last week because i have implemented the no scripting (noscript.exe) policy on the client nodes.

This means that wsf, vbs and js files wont run directly and execute using wscript and cscript, the same thing ransomeware uses.

anyway a link to Windows 10 nagware can be found here http://www.bleepingcomputer.com/forums/t/609409/windows-10-nagware-uninstaller/

That used to uninstall the 3 critical updates MS is pushing to install GWX, or as many know it Windows Bloatware.

 

The technique they are using to install and download other KB updates is amazing and something hat malware does, very sneaky instead because you cannot find anything on the other KB updates.

 

Anyway, the other main issue i had was copy our custom .js file to users Mozilla Firefox profiles (It has a proxy details in the .js file).

Add this to a Userconfig/startup/logon script as a batch file.

@ECHO OFF
cd "%APPDATA%\Mozilla\Firefox\Profiles\*.defaul*"
XCOPY /I /e /q /y "\\YourServer\netlogon\user.js"
::We used cvustom mime types for custom software, you dont need this line below if you dont
XCOPY /I /e /q /y "\\YourServer\netlogon\mimeTypes.rdf"
cd \
exit

Change computer name at user logon

@ECHO OFF
reg ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D} /ve /d %computername% /t REG_SZ /f
exit

get Auto cad settings (I like to make sure everyone uses the correct templates and plotters(CBT files etc))

Note that <<Unnamed Profile>> is changed to that of a default one created for end users IE(AutoCad2016)

@ECHO OFF
IF EXIST \\YourServer\SomeSharedFolder\AutoCADSettings\%computername%_CADSettings.txt del \\YourServer\SomeSharedFolder\AutoCADSettings\%computername%_CADSettings.txt /f /q
ping -n 5 127.0.0.1 > %TMP%\PING
FOR /F "skip=2 tokens=2,*" %%A IN ('REG QUERY "HKCU\Software\Autodesk\AutoCAD\R19.1\ACAD-D002:409\Profiles\<<Unnamed Profile>>\General" /v "PrinterConfigDir"') DO SET plot=%%B
FOR /F "skip=2 tokens=2,*" %%A IN ('REG QUERY "HKCU\Software\Autodesk\AutoCAD\R19.1\ACAD-D002:409\Profiles\<<Unnamed Profile>>\General" /v "PrinterDescDir"') DO SET pmp=%%B
FOR /F "skip=2 tokens=2,*" %%A IN ('REG QUERY "HKCU\Software\Autodesk\AutoCAD\R19.1\ACAD-D002:409\Profiles\<<Unnamed Profile>>\General" /v "PrinterStyleSheetDir"') DO SET plotstyles=%%B
FOR /F "skip=2 tokens=2,*" %%A IN ('REG QUERY "HKCU\Software\Autodesk\AutoCAD\R19.1\ACAD-D002:409\Profiles\<<Unnamed Profile>>\General" /v "QnewTemplate"') DO SET qnew=%%B
FOR /F "skip=2 tokens=2,*" %%A IN ('REG QUERY "HKCU\Software\Autodesk\AutoCAD\R19.1\ACAD-D002:409\Profiles\<<Unnamed Profile>>\General" /v "TemplatePath"') DO SET template=%%B
ECHO CAD 2014 Plotters=%plot% >> \\YourServer\SomeSharedFolder\AutoCADSettings\%computername%_CADSettings.txt
ECHO CAD 2014 PMP=%pmp% >> \\YourServer\SomeSharedFolder\AutoCADSettings\%computername%_CADSettings.txt
ECHO CAD 2014 Plotstyles=%plotstyles% >> \\YourServer\SomeSharedFolder\AutoCADSettings\%computername%_CADSettings.txt
ECHO CAD 2014 QNew=%qnew% >> \\YourServer\SomeSharedFolder\AutoCADSettings\%computername%_CADSettings.txt
ECHO CAD 2014 Template=%template% >> \\YourServer\SomeSharedFolder\AutoCADSettings\%computername%_CADSettings.txt
EXIT  

Disable custom desktop background for terminal server

@ECHO OFF
::TerminalServer would be that of your RDP server
if /I %computername:~0,6% EQU TerminalServer (
    GOTO 1
) else (
    wmic process call create "\\YourServer\NETLOGON\Bginfo.exe \\YourServer\NETLOGON\BGInfo.bgi /nolicprompt /SILENT /TIMER:00"
    )
:1
exit

Enjoy


Edited by JohnnyJammer, 29 March 2016 - 11:00 PM.


BC AdBot (Login to Remove)

 


#2 JohnnyJammer

JohnnyJammer
  • Topic Starter

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:12:38 AM

Posted 30 March 2016 - 04:48 PM

If no one is keen just let me know and i will remove the scripts that are not related to Mozilla .js user prefs file.

Just note that i also have batch files that pull software keys from the registry hive using similar methods above. very handy for auditing!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users