Hi,
Do you have a working worklet for Fireeye agent removal?
We have a batch file to remove the agent. Is there a way to create a worklet using a batch file?
Thanks
Userlevel 3
Hi
This is something the Automox Worklet Team can take a look at!
I will send you a DM to get some details and see what we can put together.
Have a great rest of your week!
Userlevel 4
Howdy FerOz,
This has worked for me in the past, including yesterday with another client!
#cd is required only if the .bat file is already on the endpoint somewhere. If you have the .bat attached as a payload of the Worklet, just run the second command
cd "C:\your\custom\directory\"
.\mycustomscript.bat
The ‘.\’ is required since Automox Worklets runs in 32-bit powershell.
Userlevel 5
+1
I’d checkout the new WDK. Pretty powerful tooling here.
The code could legit look like this
Get-Win32App | Where-Object {$_.Name -Match 'FireEye Endpoint Agent'} | Remove-Win32App
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.