Jump to content
Cubert

"Flu Shot" Antivirus & Malware plugin for LabTech

Recommended Posts

Thanks Cubert, I followed your instructions this morning and all seems to be working again!

 

Hi Richard, i tried to do this myself and it didnt work. Did you end up applying the tables manually?

 

Logs table


CREATE TABLE `plugin_sw_flushot_logs` ( `ClientID` int(11) NOT NULL,  `ComputerID` int(11) NOT NULL,  `Logs` longtext,  `LogDate` varchar(45) NOT NULL, PRIMARY KEY (`ComputerID`,`LogDate`)) ENGINE=InnoDB DEFAULT CHARSET=utf8

 

Configs table

CREATE TABLE `plugin_sw_flushot_config` (  `ClientID` int(11) NOT NULL,  `ComputerID` int(11) NOT NULL,  `ScanType` varchar(45) DEFAULT NULL,  `RK` varchar(8) DEFAULT NULL,  `MEM` varchar(8) DEFAULT NULL,  `TRACE` varchar(8) DEFAULT NULL,  `COOKIES` varchar(8) DEFAULT NULL,  `PUP` varchar(8) DEFAULT NULL,  `ZIP` varchar(8) DEFAULT NULL,  `NTFS` varchar(8) DEFAULT NULL,  `AC` varchar(8) DEFAULT NULL,  `FileAction` varchar(45) DEFAULT NULL,  `NurseCheck` int(11) DEFAULT NULL,  PRIMARY KEY (`ComputerID`)) ENGINE=InnoDB DEFAULT CHARSET=utf8

Share this post


Link to post
Share on other sites

Great work. Thanks for all the work you put into all your plugins!

 

For an idea, maybe put an option to email once scan is complete?

Share this post


Link to post
Share on other sites
Thanks Cubert, I followed your instructions this morning and all seems to be working again!

 

Hi Richard, i tried to do this myself and it didnt work. Did you end up applying the tables manually?

 

I didn't have to add the tables manually, from my LT server I removed the Flushot 1.1 plugin, went in to SQLYOG and removed the one table I did have, then reopened labtech and installed the newer version of the plugin, closed the plugin manager, reopened it, ticked the box beside flushot and restarted LT one more time to find all was working.

Share this post


Link to post
Share on other sites
Thanks Cubert, I followed your instructions this morning and all seems to be working again!

 

Hi Richard, i tried to do this myself and it didnt work. Did you end up applying the tables manually?

 

I didn't have to add the tables manually, from my LT server I removed the Flushot 1.1 plugin, went in to SQLYOG and removed the one table I did have, then reopened labtech and installed the newer version of the plugin, closed the plugin manager, reopened it, ticked the box beside flushot and restarted LT one more time to find all was working.

 

Yeap thats the typical process

Share this post


Link to post
Share on other sites
Thanks Cubert, I followed your instructions this morning and all seems to be working again!

 

Hi Richard, i tried to do this myself and it didnt work. Did you end up applying the tables manually?

 

Logs table


CREATE TABLE `plugin_sw_flushot_logs` ( `ClientID` int(11) NOT NULL,  `ComputerID` int(11) NOT NULL,  `Logs` longtext,  `LogDate` varchar(45) NOT NULL, PRIMARY KEY (`ComputerID`,`LogDate`)) ENGINE=InnoDB DEFAULT CHARSET=utf8

 

Configs table

CREATE TABLE `plugin_sw_flushot_config` (  `ClientID` int(11) NOT NULL,  `ComputerID` int(11) NOT NULL,  `ScanType` varchar(45) DEFAULT NULL,  `RK` varchar(8) DEFAULT NULL,  `MEM` varchar(8) DEFAULT NULL,  `TRACE` varchar(8) DEFAULT NULL,  `COOKIES` varchar(8) DEFAULT NULL,  `PUP` varchar(8) DEFAULT NULL,  `ZIP` varchar(8) DEFAULT NULL,  `NTFS` varchar(8) DEFAULT NULL,  `AC` varchar(8) DEFAULT NULL,  `FileAction` varchar(45) DEFAULT NULL,  `NurseCheck` int(11) DEFAULT NULL,  PRIMARY KEY (`ComputerID`)) ENGINE=InnoDB DEFAULT CHARSET=utf8

 

Thanks Cubert this solved the issue. No idea why removing it and re-adding it didnt work.

Share this post


Link to post
Share on other sites

I found and fixed the issue with the tables not being created during upgrades from earlier versions. So many 1's and 0's I should of taken the RED pill.

 

 

 

Cubert :ugeek:

Share this post


Link to post
Share on other sites

Hi Cubert,

 

First off, love your work !!!

 

Having trouble running the scripts. Install Plugin, Imported the Scripts (had to move them into the correct folder).

 

Got Stuck on Looking for 7za.exe in Transfer/Software, I manually got it from Transfer\Utilities\7 Zip\ and moved it in

 

Script is now stuck looking for Emsisoft\emsisoft.bat which I cannot find ? (did I import this correctly ?)

 

Cheers

 

Christian

Share this post


Link to post
Share on other sites

Nope should of give that as part of plugin manager but since everything was In the wrong place may have not been created

 

I can post all tools needed and send that out when I get back from synergy boot camp Thursday

Share this post


Link to post
Share on other sites

Works really well but I am wondering if you have any plans for a whitelist? I am seeing some labtech used executables being flagged and removed.

 

mailpv.exe detected: Riskware.Win32.PSWTool.MailPassView (A)

ProduKey.exe detected: Riskware.Win32.ProductKey (A)

Share this post


Link to post
Share on other sites

Hi Cubert,

 

I'm not finding i'm having much luck running this on PC's. I've only just had time morning to really look in to it, i've just ran the script on a test PC and after an hour or so I can see the second script fails, and in the commands I See the following:

 

Error with powershell script:Could not load file or assembly 'System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

 

Any ideas?

 

Cheers again,

 

Richard

Share this post


Link to post
Share on other sites
Hi Cubert,

 

I'm not finding i'm having much luck running this on PC's. I've only just had time morning to really look in to it, i've just ran the script on a test PC and after an hour or so I can see the second script fails, and in the commands I See the following:

 

Error with powershell script:Could not load file or assembly 'System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.

 

Any ideas?

 

Cheers again,

 

Richard

 

Nevermind... got my ID's mixed up, that log was from an XP machine that didn't have powershell.

Share this post


Link to post
Share on other sites

yeap, upgrade to powershell V2 as a minimum. That will give you the default mods needed to parse files

Share this post


Link to post
Share on other sites
Nope should of give that as part of plugin manager but since everything was In the wrong place may have not been created

 

I can post all tools needed and send that out when I get back from synergy boot camp Thursday

 

Looks like I'll need them, too.

Share this post


Link to post
Share on other sites

Ok we just released version 1.2.1 that now includes several fixes and new client tab with Excel reporting.

Share this post


Link to post
Share on other sites
Cubert, it's still failing for me with no emsisoft.bat. Any chance you could just post its contents here?

 

Doh,

 

I forgot I was connected via http to console when I exported scripts, this causes it to not include files I use.

 

I re-exported it now with the files included in script and also included the scripts as externally (just in case..)

 

Enjoy!

Share this post


Link to post
Share on other sites

A new version of 1.2.1 has been uploaded, This should resolve any issues with last script not including the script files.

Share this post


Link to post
Share on other sites

Ok, at this point, it fails with "No EXE Available, UnZip must of failed.."

 

It does download necessary files, and runs the bat, but even in testing, I'm unable to see any files appear in LTSvc\Emsisoft when extracted. Even when I run "7za.exe x a2cmd.zip" manually from a command line. It appears to extract, and if I run it again, it asks if I want to overwrite, but it's not in ltsvc\emsisoft.

 

Any ideas? could it be an outdated 7za.exe or something?

Share this post


Link to post
Share on other sites

I am not able to duplicate the issue,

 

Have you tried to just unzip app directly using windows? Does app extract under any circumstance?

 

I will look at what it will take to have script just pull the exe across from LT transfer dir and get that out as an extra script.

Share this post


Link to post
Share on other sites

Interesting...

 

First I have changed a few things in the script so anyone having issues with the unzip and or files not showing up can now place a "a2cmd.exe" along with its supporting files in the C:\windows\ltsvc\Emsisoft directory and the script will see it and skip all the downloads and unzipping and go strait to updating defs and launching scans.

 

 

Next as for the Invalid Char in Base64 String, I am working on that, i have made a few changes that could cause that and have updated the DLL. I was not able to recreate here on my systems so I am not sure if this was the fix. Please give it a try and see if that corrects it or if you get the same thing again.

 

New zip uploaded with new script and dll files 501kb, dated 10-06-2014 4:11:30 PM

Edited by Guest

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×