powershell

sethayes

·

step06

·

Powershell

·

Total Size: 2.18 KB

·

·

Created: 3 months ago

·

Edited: 3 months ago

$Log = "C:\User\Public\Log.txt" [bool]$restart = $false filter timestamp {"$(Get-Date -Format G) | $_"} $allShadows = Get-WmiObject Win32_ShadowCopy | Sort-Object InstallDate | Select-Object -Last 1 If ($null -eq $allShadows) { $drives = @(Get-WmiObject Win32_Volume | Where-Object {($_.DriveType -eq 3) -and (!($null -eq $_.DriveLetter))} | Select-Object DriveLetter).DriveLetter ForEach ($drive in $drives) { cmd.exe /c "vssadmin add ShadowStorage /For=$drive /On=$drive" } } Function isInstalled { $x86 = (Get-ChildItem "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" -ErrorAction SilentlyContinue | Where-Object {$_.GetValue("DisplayName") -like "*$program*"}).Length -gt 0; $x64 = (Get-ChildItem "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall" -ErrorAction SilentlyContinue | Where-Object {$_.GetValue("DisplayName") -like "*$program*"}).Length -gt 0; return $x86 -or $x64 } If (!(isInstalled -program "Sentinel Agent")) { Write-Output "Installing SentinelOne..." | timestamp Write-Output "Installing SentinelOne..." | timestamp | Out-File $Log -Append (New-Object System.Net.WebClient).DownloadFile("https://lt.msinetworks.com/labtech/Transfer/Software/Sentinelone-MSP/SentinelOne_windows_v2_6_3_5948.exe","C:\Users\Public\s1_v_2_635948.exe") cmd.exe /c "C:\Users\Public\s1_v2_635948.exe /quiet /qn /norestart" [bool]$restart = $true Write-Output "...Installed. Rebooting Now..." | timestamp Write-Output "...Installed. Rebooting Now..." | timestamp | Out-File $Log -Append } Else { Write-Output "SentinelOne is Already Installed" | timestamp Write-Output "SentinelOne is Already Installed" | timestamp | Out-File $Log -Append } If ([bool]$restart) { If (Test-Path C:\Users\Public\step06.ps1) { Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" -Name "ScriptStep" -Value "C:\Windows\System32\WindowsPowershell\v1.0\powershell.exe -File 'C:\Users\Public\step07.ps1'" } Restart-Computer -Force -Confirm:$false } Else { If (Test-Path C:\Users\Public\step06.ps1) { & "C:\Users\Public\step07.ps1" } }

0 bits

71 views

Are you sure you want to delete?