Solved

Need a script that will disable the system restore remotely.

Posted on 2008-06-16
12
1,643 Views
Last Modified: 2008-06-16
Hi,

Need a script that will disable the system restore remotely.

Need a way to be able to disable the system restore from all the machines in the file.

Any way to do this...

Need help urgent,.... Many of my machines has got virus within the folder of system restore.

Regards
Sharath
0
Comment
Question by:bsharath
  • 7
  • 4
12 Comments
 
LVL 26

Expert Comment

by:farhankazi
ID: 21792241
Hi Sharath,

Disable "System Restore Service" service on client machines.
I think you already has a script that read files for computer names and disable mentioned service.
0
 
LVL 11

Author Comment

by:bsharath
ID: 21792304
Hi Farhan

Yes i have it but not doing it on a list of machines...
Its a per machine script if i am not wrong
0
 
LVL 11

Author Comment

by:bsharath
ID: 21792305
Hi Farhan

Yes i have it but not doing it on a list of machines...
Its a per machine script if i am not wrong
0
 
LVL 26

Accepted Solution

by:
farhankazi earned 500 total points
ID: 21792514

:: BATCH SCRIPT START 

@ECHO OFF

SETLOCAL EnableDelayedExpansion

SET InputFile=Machines.txt

SET OutputFile=SRSDisableStatus.txt

 

IF NOT EXIST "%InputFile%" ECHO "%InputFile%" file does not exist. &GOTO :EndScript

FOR %%R IN ("%InputFile%") DO IF %%~zR EQU 0 ECHO "%InputFile%" file is empty. &GOTO :EndScript

IF EXIST "%OutputFile%" DEL /F /Q "%OutputFile%"

 

FOR /F %%c IN ('TYPE "%InputFile%"') DO (

	ECHO Processing: %%c

	PING -n 1 -w 1000 %%c|Find /I "TTL" >NUL

	IF NOT ERRORLEVEL 1 (

		SC \\%%c STOP "srservice" >>%OutputFile%

		SC \\%%c config "srservice" start= disabled >>%OutputFile%

	)ELSE (ECHO Unable to connect %%c: system may be offline.))

 

ECHO. &ECHO Script complete. Check "%OutputFile%" file.

:EndScript

ENDLOCAL

EXIT /B 0

:: BATCH SCRIPT END

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
ID: 21792542
Farhan

Does this just stop or restart

I get this in the file


SERVICE_NAME: srservice
        TYPE               : 20  WIN32_SHARE_PROCESS  
        STATE              : 3  STOP_PENDING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x3a98
[SC] ChangeServiceConfig SUCCESS
0
 
LVL 11

Author Comment

by:bsharath
ID: 21792543
Farhan

Does this just stop or restart

I get this in the file


SERVICE_NAME: srservice
        TYPE               : 20  WIN32_SHARE_PROCESS  
        STATE              : 3  STOP_PENDING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x3a98
[SC] ChangeServiceConfig SUCCESS
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 26

Expert Comment

by:farhankazi
ID: 21792559
First it will stop the service then it will disable the service.
0
 
LVL 11

Author Comment

by:bsharath
ID: 21793523
Ok what does the above code mean...
has it stopped and disabled?
0
 
LVL 26

Expert Comment

by:farhankazi
ID: 21794308
Above output shows that the service is process of STOP.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21795486
Sharath,

I know you wanted a scripting method to do this, but have you seen the method provided by Group Policy to achieve the same? See http://www.theeldergeek.com/re-enable_system_restore.htm (although do it in Group Policy Management  and not through gpedit.msc!)

Matthew
-tigermatt
0
 
LVL 11

Author Comment

by:bsharath
ID: 21795531
Matthew but i need to do this just for selected computers that have virus sitting inside the restore folder...
So a script is useful...Any ways thanks for the link would be useful some time....
0
 
LVL 11

Author Comment

by:bsharath
ID: 21799395
Thanks Farhan
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Background What I'm presenting in this article is the result of 2 conditions in my work area: We have a SQL Server production environment but no development or test environment; andWe have an MS Access front end using tables in SQL Server but we a…
Whether you’re a college noob or a soon-to-be pro, these tips are sure to help you in your journey to becoming a programming ninja and stand out from the crowd.
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now