Page 1 of 1

Tools for PC Technicians / Network Administrators

Posted: 31 Dec 2016, 12:52
by mtodd
Over the last year and a half I have developed several tools for use in my job. All the tools are written in AutoHotkey except two which are in AutoIT (I guess I need to rewrite those).
I help manage and troubleshoot several thousand PCs at work. Two of the tools I use regularly are pictured below. For those who may have similar type of work, let me know if you are interested in the code. I will need to make some variables more generic as far as defaults and domain names used. Let me know what you think.

DocWatch - a utility to watch for file changes on local and network shares, can be used to alert on Crypto malware activity and when someone is making massive changes to a lot of files in a short time. Sends visible alerts and emails to the administrator. The program runs in the background and comes visible when either malware named files are being created or a certain number of file changes are occurring per minute. It is highly configurable. I use it to monitor several network shares which may have well over 10,000 file changes per day. Embedded is DocWatch Reporter that allows user to view current or earlier log files and sort/select in many ways or export to Excel.

Image
Image

--------------------------------------------------------------------------------------------------

PC Dashboard - a utility that allows for multiple lists of PCs to be monitored for hung processes (uses Process Monitor on those PCs to generate logs). It also allows for lists of PCs to be created that you want to inventory or control in many different ways. It uses many Windows, Systernals and Nirsoft utilities behind the scenes. Users MUST have Domain Admin rights on their network for most of the commands to return information.

Image
Image
Image
Image

General Overview from the program:

The PC Dashboard is used for up to two list of Computers:

1) A list of computers that are being monitored for application problems - their associated Log files are displayed in a list. These computers must be running the Process Monitor application which creates and updates their Log file. Use the Inject Monitor option to copy Process Monitor and its shortcut to the user's PC so it will run the next time they log on.

2) A list of computers of your choice that you regularly work with or are helping other users with. These may be desktops, laptops, VDI terminals, servers and printers. But, very little information will be gathered unless the PC is a user desktop or laptop. VDI Terminals and Printers may be browsed to with Internet Explorer. Servers may be remote controlled via Bomgar, RDP and SCCM.

With both lists, each computer may be checked for Online status, Logged on user plus various other pieces of information. Any computer can be remote controlled, restarted, browsed, task listed, any task killed, and pinged. A password is required to restart any system. As a bonus function, you may reset a user's AD password and unlock their account with the Reset Password menu option. [If a computer has a Note associated with it then it will be checked. (Use Alt-N to create Notes)

These utilities are bundled with the PC Dashboard executable:

CSVFileView -> Log file viewer
PSlist -> Get PC Tasks
PSkill -> Kill PC Task
PSinfo -> Displaying PC Info and software
PSloggedon -> Get PC logged on user Info
SwithMail -> Generate email alerts
Process Monitor -> For injecting process monitor into another PC
IP_Scanner -> Allows users to enter a range of IPs and retrieve PC names to help create a List of PCs
Lockoutstatus -> Allows users retrieve Login info for selected user, unlock account, reset password

The program also uses the following commands and applications:

Net -> used to add/remove users as Administrators on a PC
ChkDsk -> Check Disk utility for use when disk errors are posted in a PC's System Event log
TaskKill -> Windows standard taskkill, has the option to kill all non responding apps
DsQuery -> used to retrieve user fullname, computer OU
DsMod, DsGet -> used to DsQuery to unlock an AD account and reset the user's password
WMIC -> Windows Machine Instrumentation Command line is used to retrieve PC Hardware Vendor, Model, RAM, BIOS Date
*CmRcViewer -> SCCM Remote Control Viewer, user must install
Mstsc -> Microsoft Remote Desktop
*Bomgar -> Bomgar Remote Control app, user must install

Re: Tools for PC Technicians / Network Administrators

Posted: 03 Jan 2017, 05:12
by semihselcuktest
Nice work!

Yes. Please post codes here. For sure I will use it. :D

Re: Tools for PC Technicians / Network Administrators

Posted: 03 Jan 2017, 14:50
by Ruevil2
Users MUST have Domain Admin rights on their network for most of the commands to return information.
The user performing the lookups or every user on the network? I am really not stoked about the idea of every user having domain admin rights.

Re: Tools for PC Technicians / Network Administrators

Posted: 03 Jan 2017, 20:50
by mtodd
Just the person running the script needs Domain Admin rights.

You will need to tweak it for your network. Do find/replace on .hrc.corp with your domain name/suffix for starters.
Also note all of the File Installs. All are freeware tools or already come with Windows. Microsoft LAPS and RSAT will need to be downloaded from their site. Bomgar and SCCM Remote Viewer are paid for apps. Remote Desktop comes with Windows.

You should be able to download it from this link. It's over 5,000 lines so far.

http://s355751075.onlinehome.us/wp-cont ... 2.ahk_.txt

After you get started with it I can upload a Zip file with the associated Icons. On my system I have all of the file installs and icons in my c:\temp folder.

Mike

Re: Tools for PC Technicians / Network Administrators

Posted: 03 Jan 2017, 21:33
by Ruevil2
I see. I misunderstood what you meant by User there. Thanks for the clarification! I will have a look through it as there is a ton of functionality in there. I need something to monitor the less skilled computer users on my network.

Posted: 04 Jan 2017, 03:57
by Best-Code-in-Use
Really nice Work...
I'm very interested on your DocWatch Script...

Can you share it?

Re: Tools for PC Technicians / Network Administrators

Posted: 04 Jan 2017, 04:19
by jNizM
@BCiU
its based on this: WatchFolder()

Re: Tools for PC Technicians / Network Administrators

Posted: 04 Jan 2017, 04:32
by hoppfrosch
@mtodd: You also use "CSVFileView.exe" Where can I get it?

Re: Tools for PC Technicians / Network Administrators

Posted: 04 Jan 2017, 04:51
by jNizM
@hoppfrosch
CSVFileView by NirSoft

Re: Tools for PC Technicians / Network Administrators

Posted: 04 Jan 2017, 05:12
by hoppfrosch
@jNizM: Thanks!

Posted: 06 Jan 2017, 01:32
by Best-Code-in-Use
@jNizM:

Greetings and thank you for:
its based on this: WatchFolder()

Re: Tools for PC Technicians / Network Administrators

Posted: 18 Feb 2019, 05:54
by shadad
the link is down.

any new link for this amazing tool?

Re: Tools for PC Technicians / Network Administrators

Posted: 18 Feb 2019, 12:14
by tank
since you have not posted a script I am moving this topic to OffTopic

Re: Tools for PC Technicians / Network Administrators

Posted: 23 Feb 2019, 22:08
by SOTE
shadad wrote:
18 Feb 2019, 05:54
the link is down.

any new link for this amazing tool?
Seems that mtodd hasn't been around for a little bit. However, a copy of the file (PC-Dashboard) still exists on the Wayback Machine. Can't say if the version shown is the latest that exists or not. Here is the link-
https://web.archive.org/web/20170905064909/http://s355751075.onlinehome.us:80/wp-content/uploads/PC-Dashboard2.ahk_.txt

He also has a blog, so you might contact him there and ask him to update his post personally or if you just wish to contact him. Link-
http://s355751075.onlinehome.us/