I am attempting to execute the vbs script below so that it will execute on selected Windows Clients to perform cleanup within various temporary folders using Windows built-in cleanmgr.exe /sagerun:1 utility.   The vbs script seems to launch but within a flash it is gone from the screen and the utility does not run....

At one point, I had the utility running but when the 32bit KACE client executed the vbs script instead of making the appropriate changes within the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches" it instead made the changes in the "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches".

Also:  The script itself works flawlessly when manually executed from the commandline.

2 Questions:
1: Why is the script not executing properly?
2: How can I alter the script to force write into the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches"

KACE Steps:
Added CleanUp.vbs as dependancy.
Task 1: On success > Launch $(KACE_SYS_DIR)\cscript.exe with params $(KACE_DEPENDENCY_DIR)\CleanUp.vbs
Permissions are set to runas Local Machine.

CleanUp.vbs Script:

Option Explicit
On Error Resume Next

SetRegKeys
DoCleanup


Sub DoCleanup()
Dim WshShell
Set WshShell=CreateObject("WScript.Shell")
WshShell.Run "C:\WINDOWS\SYSTEM32\cleanmgr /sagerun:1"
End Sub

Sub SetRegKeys
Dim strKeyPath
Dim strComputer
Dim objReg
Dim arrSubKeys
Dim SubKey
Dim strValueName
Const HKLM=&H80000002


strKeyPath="SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches"
strComputer="."
strValueName="StateFlags0001"

Set objReg=GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
objReg.Enumkey HKLM ,strKeyPath,arrSubKeys

For Each SubKey In arrSubKeys

objReg.SetDWORDValue HKLM,strKeyPath & "\" & SubKey,strValueName,2

Next

End Sub


3 Comments   [ + ] Show Comments

Comments

  • The agent runs in the 32bit context and that is the problem in my opinion.
    I found this article that explains how to read the 64bit registry from a 32bit process using WMI: I believe that there are analogous calls to write the registry as well:
    http://www.gunnalag.com/2014/06/05/accessing-64bit-registry-keys-via-32bit-scripting-languages-2/
    Kind regards,
    Marco - StockTrader
  • Thanks kindly for the reply and link. This is going to take some time to digest. I wish that there were a simple way to accomplish this via KACE.
  • Here is a Powershell script that I found... It works, but it requires me to run the script twice, once using "Administrator" credentials, and once using "Logged on user" credentials.

    Admin credentials performs the "Sageset" and Local Credentials performs the Sagerun. Any idea's on how to combine this into a scheduled offline kscript that can be run on login?



    Admin credentials performs the "Sageset" and Local Credentials performs the Sagerun. Any idea's on how to combine this into a scheduled offline kscript that can be run on login?
    • #region Script Settings
      #<ScriptSettings xmlns="http://tempuri.org/ScriptSettings.xsd">
      # <ScriptPackager>
      # <process>powershell.exe</process>
      # <arguments />
      # <extractdir>%TEMP%</extractdir>
      # <files />
      # <usedefaulticon>true</usedefaulticon>
      # <showinsystray>false</showinsystray>
      # <altcreds>false</altcreds>
      # <efs>true</efs>
      # <ntfs>true</ntfs>
      # <local>false</local>
      # <abortonfail>true</abortonfail>
      # <product />
      # <version>1.0.0.1</version>
      # <versionstring />
      # <comments />
      # <company />
      # <includeinterpreter>false</includeinterpreter>
      # <forcecomregistration>false</forcecomregistration>
      # <consolemode>false</consolemode>
      # <EnableChangelog>false</EnableChangelog>
      # <AutoBackup>false</AutoBackup>
      # <snapinforce>false</snapinforce>
      # <snapinshowprogress>false</snapinshowprogress>
      # <snapinautoadd>2</snapinautoadd>
      # <snapinpermanentpath />
      # <cpumode>1</cpumode>
      # <hidepsconsole>false</hidepsconsole>
      # </ScriptPackager>
      #</ScriptSettings>
      #endregion

      Try{
      $OS = Get-WmiObject Win32_OperatingSystem
      $VName = "StateFlags0001"
      $DirPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches"
      #Folders Names which will been cleaned.

      $TempFolders_Win7 = @("Active Setup Temp Folders", "Content Indexer Cleaner", "Downloaded Program Files", "GameNewsFiles", "GameStatisticsFiles", "GameUpdateFiles",
      "Internet Cache Files", "Memory Dump Files", "Offline Pages Files", "Old ChkDsk Files", "Previous Installations", "Setup Log Files",
      "System error memory dump files", "System error minidump files", "Temporary Files","Temporary Setup Files",
      "Temporary Sync Files", "Thumbnail Cache", "Upgrade Discarded Files", "Windows Error Reporting Archive Files",
      "Windows Error Reporting Queue Files", "Windows Error Reporting System Archive Files", "Windows Error Reporting System Queue Files", "Windows Upgrade Log Files")

      $TempFolders_Win8 = $TempFolders_Win7 + @("BranchCache", "Internet Cache Files", "Service Pack Cleanup", "User file versions", "Windows Defender", "Windows ESD installation files")

      $TempFolders_WinXP =@("Active Setup Temp Folders","Compress old files", "Content Indexer Cleaner", "Downloaded Program Files","Internet Cache Files",
      "Memory Dump Files", "Microsoft Office Temp Files ", "Offline Files", "Offline Pages Files", "Office Setup Files", "Old ChkDsk Files", "Remote Desktop Cache Files", "Setup Log Files",
      "System Restore", "Temporary Files", "Temporary Offline Files", "Uninstall Backup Image", "WebClienr and WebPublisher Cache")

      if($OS.Caption.Contains("8")) {
      $TempFolders = $TempFolders_Win8
      }
      elseif($OS.Caption.Contains("7")) {
      $TempFolders = $TempFolders_Win7
      }
      elseif($OS.Caption.Contains("XP")) {
      $TempFolders = $TempFolders_WinXP
      }

      for($i=0;$i -lt $TempFolders.Count; $i++) {
      $RegKey = $DirPath + "\" + $TempFolders[$i]
      $StateValue = (Get-ItemProperty $RegKey).$VName
      if (-not $StateValue) {
      New-ItemProperty -Path $RegKey -Name $VName -Value "2" -PropertyType "dword" | Out-Null
      }
      else {
      Set-ItemProperty -Path $RegKey -Name $VName -Value "2"
      }
      $RegKey = $DirPath
      }
      CLEANMGR /sagerun:32
      foreach($TemFolder in $TempFolders) {
      Write-Host $TemFolder
      }
      Write-Host "Script Check passed"
      Exit 0
      }
      Catch {
      Write-Host "Script Check Failed"
      Exit 1001
      }
Please log in to comment

Answers

0
there may 2 ways to solve this.

1. On success > Launch c:\windows\sysnative\cscript.exe with params $(KACE_DEPENDENCY_DIR)\CleanUp.vbs
and
2. WshShell.Run "C:\WINDOWS\sysnative\cleanmgr /sagerun:1"


Answered 12/17/2015 by: SMal.tmcc
Red Belt

  • also are the keysets constant under volumecaches or can that be unpredictable?
    • SMal.tmcc, thank you for the reply. Can you please expound on your solution? In your "2 ways to solve" solution my above steps indicate that I have tried Option 1. I am unsure what you are requesting in Option 2... Should I revise the VBS script or is this a Task within KACE that I should add. Also, if I am understanding your question regarding the keysets, I believe that the answer is: Yes, they are constant and need a HEX value of 1.

      Thank you for your help!!!
      • the part 2 is to change that in your script if part 1 does not solve it.

        The reason I asked is to see if you even need to use a vbscript to do this or can you just use kace script tasks. You could in your script under verify "launch a program" cmd.exe with parameters /c cleanmgr sagerun:1. Then under the "on success" set the needed registry keys using "set a registry value" and do as many of those as you need to set.
Please log in to comment
Answer this question or Comment on this question for clarity