azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
949 Commits 3 Branches 0 Tags
6902645769587d9684b642b7bf84aac7a674dfbb
Commit Graph

231 Commits

Author SHA1 Message Date
Mike Swanson
6902645769 chore(submodule): advance guru-rmm — LHM removed from agent install 2026-05-27 19:51:12 -07:00
Howard Enos
47d6519220 chore: update guru-rmm submodule (SPEC-011 ARP registration fix) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 17:22:24 -07:00
Howard Enos
9e06c0bb27 chore: update guru-rmm submodule (SPEC-010 agent UX improvements) 
Picks up SPEC-010 — 2 bugs + 4 features from Howard Enos (2026-05-27).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 16:08:16 -07:00
Howard Enos
04684e816b sync: auto-sync from HOWARD-HOME at 2026-05-27 15:38:18 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-27 15:38:18
 2026-05-27 15:38:24 -07:00
Howard Enos
f94c0dfbe1 sync: auto-sync from HOWARD-HOME at 2026-05-27 11:24:44 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-27 11:24:44
 2026-05-27 11:25:34 -07:00
Howard Enos
72d98d2abd sync: auto-sync from HOWARD-HOME at 2026-05-27 09:46:32 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-27 09:46:32
 2026-05-27 09:46:41 -07:00
Mike Swanson
8edd26cb41 sync: auto-sync from GURU-5070 at 2026-05-27 08:37:07 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-27 08:37:07
 2026-05-27 08:37:12 -07:00
Howard Enos
9e2abd571c sync: auto-sync from HOWARD-HOME at 2026-05-27 08:17:59 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-27 08:17:59
 2026-05-27 08:18:07 -07:00
Howard Enos
5c89374937 sync: auto-sync from HOWARD-HOME at 2026-05-27 07:26:24 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-27 07:26:24
 2026-05-27 07:26:30 -07:00
Howard Enos
d5a352e43d sync: auto-sync from HOWARD-HOME at 2026-05-27 06:58:33 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-27 06:58:33
 2026-05-27 06:58:39 -07:00
Howard Enos
47517e93bf docs: update GuruScan README and module comments for current state 
- README: remove AdwCleaner from scanner chain and exit code/licensing
  tables; add AdwCleaner note explaining why it is temporarily excluded;
  fix Headless description (WindowStyle=Hidden, not NoNewWindow); add
  GuruRMM integration section with example JSON output structure
- GuruScan.psm1: fix Headless param docstring; update whitelist comment
  (Emsisoft + HitmanPro only); remove C:\AdwCleaner from Defender
  exclusion list; fix Invoke-Remediation example (-Scanners Emsisoft,MSERT)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 06:55:38 -07:00
Howard Enos
d5614ce558 chore: remove AdwCleaner from scanner chain 
AdwCleaner requires both elevated privileges and an interactive desktop
session simultaneously -- SYSTEM context is elevated but Session 0 (no
desktop), user_session has a desktop but a non-elevated WTS token.
Removing for now; will re-add with schtasks InteractiveToken dispatch
when that mechanism is implemented.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 06:52:25 -07:00
Howard Enos
98f875131e fix: use WindowStyle=Hidden instead of NoNewWindow in headless scanner dispatch 
NoNewWindow caused scanner processes to inherit PowerShell's stdout/stderr
pipe handles from the GuruRMM agent. If any scanner hung in Session 0
(e.g. AdwCleaner GUI init), it held the pipe open after PowerShell exited,
blocking the GuruRMM command for hours until the server-side reaper fired.

WindowStyle=Hidden gives each scanner its own window/console so pipe
handles are not inherited. Scanner processes that timeout are still killed
by Wait-ProcessWithTimeout; the overall scan completes normally.

Verified: full pipeline completes in ~7.5 min on RMM-TEST-MACHINE with
EICAR detection, GURUSCAN_RESULT_JSON emitted correctly.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 06:52:25 -07:00
Mike Swanson
87ac008b06 sync: auto-sync from GURU-5070 at 2026-05-27 06:45:16 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-27 06:45:16
 2026-05-27 06:45:19 -07:00
Howard Enos
dad9a68a0a sync: auto-sync from HOWARD-HOME at 2026-05-27 00:31:32 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-27 00:31:32
 2026-05-27 00:31:45 -07:00
Howard Enos
bad034cd15 fix(guru-scan): remove /quiet from HitmanPro -- UI allowed to show during scans 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 00:22:19 -07:00
Howard Enos
40e090c95a feat(guru-scan): fix exit code capture, add GURUSCAN_RESULT_JSON reporting, pre-scan hardening 
Exit code fix: add $proc.Handle caching after Start-Process -PassThru to prevent
the handle from being released before ExitCode is readable (known PS5.1 bug).

GuruRMM reporting: launcher now finds results.json after each scan and emits
GURUSCAN_RESULT_JSON:<compressed> to stdout. Agent CommandResult captures it;
server stores it in commands.stdout for retrieval via GET /api/commands/:id.

Pre-scan hardening:
- Pre-flight EXE check: warns about missing scanner binaries before run starts
- Windows Defender exclusions added for scanner/log paths before scan, removed after

AdwCleaner: add /path {LOG_ROOT} arg so logs write directly to scan log root;
update log_src to {LOG_ROOT}\Logs to match.

HitmanPro: add /quiet to scan and clean args to suppress GUI in headless runs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 00:13:16 -07:00
Howard Enos
a8ee927db0 sync: auto-sync from HOWARD-HOME at 2026-05-26 22:05:31 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-26 22:05:31
 2026-05-26 22:05:38 -07:00
Howard Enos
f844054847 sync: auto-sync from HOWARD-HOME at 2026-05-26 21:58:00 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-26 21:58:00
 2026-05-26 21:58:09 -07:00
Mike Swanson
7513f21e00 sync: auto-sync from GURU-5070 at 2026-05-26 18:16:28 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-26 18:16:28
 2026-05-26 18:16:32 -07:00
Mike Swanson
28e9ecd650 sync: auto-sync from GURU-5070 at 2026-05-26 17:15:21 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-26 17:15:21
 2026-05-26 17:15:27 -07:00
Howard Enos
64374e3ecb sync: auto-sync from HOWARD-HOME at 2026-05-26 12:40:52 
Author: Howard Enos
Machine: HOWARD-HOME
Timestamp: 2026-05-26 12:40:52
 2026-05-26 12:40:56 -07:00
Howard Enos
3a0c83dd42 feat: add GuruScan standalone multi-scanner security suite 
Adds a complete PowerShell-based malware scanning toolkit:

- Invoke-GuruScan.ps1: main orchestrator running RKill, AdwCleaner,
  Emsisoft, HitmanPro, and ESET in sequence with pre/post cleanup,
  whitelist support, ForceRemove blacklist, and -Headless switch
- Invoke-PostRebootCleanup.ps1: post-reboot temp-user session that
  shows a fullscreen splash, verifies boot-time cleanup completed,
  removes scanner files, and restores the original user login name
- Download-Scanners.ps1: downloads/refreshes scanner EXEs
- Get-ScanSummary.ps1: parses results.json with optional Ollama AI analysis
- Invoke-Remediation.ps1: re-runs scanners in clean mode

Key features: exit-code-based reboot detection, whoami-based user
capture (SYSTEM-safe via quser fallback), domain\user and local
MACHINE\user restore on login screen after cleanup reboot.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 12:40:56 -07:00
Mike Swanson
464d28ae3d chore(submodule): advance guru-rmm — PRODUCT.md + .gitignore .claude/ 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 09:43:23 -07:00
Mike Swanson
6d726bfcc5 chore(submodule): advance guru-rmm — SPEC-008 expanded to multi-provider SSO 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 08:27:54 -07:00
Mike Swanson
b7c9d48e78 chore(submodule): advance guru-rmm — InventoryTab ReactNode fix 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 08:21:55 -07:00
Mike Swanson
02df84fe80 chore(submodule): advance guru-rmm — SPEC-008 SSO / Entra ID 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 08:17:35 -07:00
Mike Swanson
940e679943 chore(submodule): advance guru-rmm — SSO removed, deferred to feature request 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-26 08:15:00 -07:00
Mike Swanson
0bfd1d0478 chore(submodule): advance guru-rmm — BUG-011 :any elimination merged 
PR #27 merged (fix/bug-011-no-any -> main).
Merge SHA: 3aa9ea4fb08593f41bd6ed6f8d45c2fb20df85b7
Submodule HEAD: 1c09162e29ad3b031e8c0f9f0fb9873ad170ca1b

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 18:45:42 -07:00
Mike Swanson
ee6413655c chore(submodule): advance guru-rmm — BUG-009/010 isError handling merged 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 18:32:18 -07:00
Mike Swanson
b8a35b1790 chore(submodule): advance guru-rmm — BUG-008 metrics error leak fixed 2026-05-25 18:24:11 -07:00
Mike Swanson
da83bcbecc chore(submodule): advance guru-rmm — BUG-007 runtime sqlx fix merged 
Advances submodule pointer to ccf1361 (PR #24 merge commit 940ced1).
Converts remaining compile-time sqlx::query! macros to runtime queries,
unblocking offline/no-prepare builds.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 18:03:06 -07:00
Mike Swanson
414d303b3b chore(submodule): advance guru-rmm — feature/log-finding-dispatch merged 
Adds collapsible FindingCards with agent command dispatch to log analysis.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 17:49:50 -07:00
Mike Swanson
0e2335e8fa chore(submodule): advance guru-rmm to post-audit-2-remediation merge 
Points to main HEAD after merging fix/audit-2-remediation (BUG-002/003/006 fixes).
Feature branch feature/log-finding-dispatch preserved separately.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 16:03:59 -07:00
Mike Swanson
6a53072dfa sync: auto-sync from GURU-BEAST-ROG at 2026-05-25 15:03:03 
Author: Mike Swanson
Machine: GURU-BEAST-ROG
Timestamp: 2026-05-25 15:03:03
 2026-05-25 15:06:20 -07:00
Mike Swanson
30cb6a8f2b sync: auto-sync from GURU-5070 at 2026-05-25 14:23:41 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-25 14:23:41
 2026-05-25 14:23:44 -07:00
Mike Swanson
0d1085b145 sync: auto-sync from GURU-KALI at 2026-05-25 13:49:31 
Author: Mike Swanson
Machine: GURU-KALI
Timestamp: 2026-05-25 13:49:31
 2026-05-25 13:49:32 -07:00
Mike Swanson
6582f73f87 sync: auto-sync from GURU-BEAST-ROG at 2026-05-25 13:13:02 
Author: Mike Swanson
Machine: GURU-BEAST-ROG
Timestamp: 2026-05-25 13:13:02
 2026-05-25 13:13:08 -07:00
Mike Swanson
6f16d4bfc2 sync: auto-sync from GURU-5070 at 2026-05-25 12:47:09 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-25 12:47:09
 2026-05-25 12:47:12 -07:00
Mike Swanson
2161c1507f sync: auto-sync from Mikes-MacBook-Air.local at 2026-05-25 12:15:42 
Author: Mike Swanson
Machine: Mikes-MacBook-Air.local
Timestamp: 2026-05-25 12:15:42
 2026-05-25 12:16:49 -07:00
Mike Swanson
6945b4237e sync: auto-sync from GURU-5070 at 2026-05-25 09:21:41 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-25 09:21:41
 2026-05-25 09:21:44 -07:00
Mike Swanson
0502820cc2 chore: update guru-rmm submodule (SPEC-007 implementation) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 07:21:06 -07:00
Mike Swanson
362e0aadb7 chore: update guru-rmm submodule (SPEC-007 OS recognition) 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-25 07:01:02 -07:00
Mike Swanson
836268ba71 sync: auto-sync from Mikes-MacBook-Air.local at 2026-05-25 06:51:26 
Author: Mike Swanson
Machine: Mikes-MacBook-Air.local
Timestamp: 2026-05-25 06:51:26
 2026-05-25 06:51:27 -07:00
Mike Swanson
2491660b88 sync: auto-sync from GURU-5070 at 2026-05-25 06:00:45 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-25 06:00:45
 2026-05-25 06:01:37 -07:00
Mike Swanson
ce69ad2a9d sync: auto-sync from Mikes-MacBook-Air.local at 2026-05-25 05:50:34 
Author: Mike Swanson
Machine: Mikes-MacBook-Air.local
Timestamp: 2026-05-25 05:50:34
 2026-05-25 05:50:35 -07:00
Mike Swanson
5b82b1d15f sync: auto-sync from GURU-5070 at 2026-05-24 19:43:29 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-24 19:43:29
 2026-05-24 19:43:32 -07:00
Mike Swanson
a090397626 sync: auto-sync from Mikes-MacBook-Air.local at 2026-05-24 19:25:09 
Author: Mike Swanson
Machine: Mikes-MacBook-Air.local
Timestamp: 2026-05-24 19:25:09
 2026-05-24 19:25:10 -07:00
Mike Swanson
c3d87b6083 sync: auto-sync from GURU-5070 at 2026-05-24 16:54:32 
Author: Mike Swanson
Machine: GURU-5070
Timestamp: 2026-05-24 16:54:32
 2026-05-24 16:54:34 -07:00
Mike Swanson
359f50b2a4 sync: auto-sync from Mikes-MacBook-Air.local at 2026-05-24 16:22:23 
Author: Mike Swanson
Machine: Mikes-MacBook-Air.local
Timestamp: 2026-05-24 16:22:23
 2026-05-24 16:22:23 -07:00