Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $vmhost = '*'
- $vcenter = 'vcenter.domain.local'
- $vcenter_user = 'administrator@vsphere.local'
- # Save an encrypted password to a file and retrieve it later for use in a script
- # Read-Host -AsSecureString | ConvertFrom-SecureString | Out-File vc_password.txt
- $vcenter_password = Get-Content 'vc_password.txt' | ConvertTo-SecureString
- if(-not $global:DefaultVIServers) {
- $creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $vcenter_user, $vcenter_password
- Connect-VIServer $vcenter -Credential $creds
- }
- $vm = 'vm_name'
- $orig_vm_name = $vm
- # Check power state
- $power_state = Get-VM $vm | select PowerState
- if ($power_state.PowerState -eq 'PoweredOn') {Stop-VM -VM $vm -Confirm:$false; while ((Get-VM -Name $vm).PowerState -ne 'PoweredOff') {sleep 2}; $power_state = Get-VM $vm | select PowerState}
- # Rename VM
- Set-VM -VM $vm -Name "$vm-INFECTED" -Confirm:$false | Out-Null
- $vm = "$vm-INFECTED"
- Get-VM $vm
- # Bring snapshot clone online
- # Register VM
- # Get original MAC address
- $original_mac = Get-VM $vm | get-networkadapter | select Name, MacAddress
- # Enable console copy/paste
- $vm = $orig_vm_name
- Get-VM $vm | New-AdvancedSetting -name "isolation.tools.paste.disable" -Value $false -Confirm:$false -Force
- Get-VM $vm | New-AdvancedSetting -name "isolation.tools.copy.disable" -Value $false -Confirm:$false -Force
- # Disconnect NICs
- # Power on
- # Validate virus free
- # get-psdrive -psprovider filesystem | foreach {gci -Path $_.Root -recurse -filter *.locked -ea silentlycontinue}
- # get-scheduledtask -taskname mssystemwatch | unregister-scheduledtask -confirm:$false
- # resolve-path C:\Users\*\AppData\Local\Temp\msnet | remove-item -confirm:$false -force -recurse
- # Scan with Webroot
- # Restore original MAC address
- Write-Output $original_mac
- # Connect NICs
- # Reboot
Add Comment
Please, Sign In to add comment
