Kaseya Community

What are you using for spyware scans?

  • Besides Spybot, what other spyware utilities are you guys using?

    Considering:

    Malwarebytes with proper licensing for auto removal.

    Legacy Forum Name: What are you using for spyware scans?,
    Legacy Posted By Username: Jsolano
  • Malwarebytes has worked very well for us. We use it daily.
    www.f1networks.com

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: jrvandy
  • We use Malwarebytes, which has done a good job. It's easy to script too. We use a script that tests to see if it is installed, then updates and scans, and of course installing first if necessary. Very helpful if someone installs something harmful.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: bjfreeman
  • Check out AppRanger. I havent ran across any infection it was not able to remove. http://appranger.com

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: BT4Denovo
  • Thos using Malwarebytes are you usinig the full version or the technician license?

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: scootrz32
  • We just use the free license for the most part. We have looked at a corporate license to add on for our KES clients. 500 licenses at just under $5.00 each and waiting on final approval before we purchase these. The full version is nice because of automatic removal.

    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: JonJohnston
  • this post is fantastic teens virgin clips >:-( young teenage squirt tmsiva child cps snohomish dun young girls 12y nyz pink little *** 119436 bikini women legs 152247 horny bikini teens >:D youngest teens tgp %( cute soccer boys zqqg little sexy teen 0191 young nude gays %D young bdsm comix :-P pretty women bikinis 5158 ranchi gateway warning 3191 sexy young nimphet hjsvl naked asians kids 897 cpaslead com 99068 virginiafarmsforsale =OOO soft porn bikinis >:)) wet young xxx :-]]]


    [edited by: Anonymous at 10:23 AM (GMT -7) on 5-18-2011] this post is fantastic teens virgin clips >:-( young teenage squirt tmsiva child cps snohomish dun young girls 12y nyz pink little *** 119436 bikini women legs 152247 horny bikini teens >:D youngest teens tgp %( cute soccer boys zqqg little sexy teen 0191 young nude gays %D young bdsm comix :-P pretty women bikinis 5158 ranchi gateway warning 3191 sexy young nimphet hjsvl naked asians kids 897 cpaslead com 99068 virginiafarmsforsale =OOO soft porn bikinis >:)) wet young xxx :-]]]
  • mwolter
    Would you mind sharing them?


    Here is what we use. If someone has better please share it. Uses free program (at this time at least) so automatic removal is not available

    Script Name: MBAM Scan
    Script Description: New MBAM Script

    IF Test File
    Parameter 1 : C:\Program Files\Malwarebytes' Anti-Malware\changes.rtf
    Contains :Version 1.37 (or whatever the current version of the program is)
    THEN
    Send Message
    Parameter 1 : The Heldesk staff is currently scanning your machine for infections. Please do not close the Malwarebytes program as it will interrupt the scan. We will be notified automatically when the scan finishes and will contact you to remove any infections. Thank you. Helpdesk Team.
    Parameter 2 : 1
    OS Type : 0
    Execute Shell Command
    Parameter 1 : "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runupdate
    Parameter 2 : 1
    OS Type : 0
    Pause Script
    Parameter 1 : 20
    OS Type : 0
    Set Registry Value
    Parameter 1 : HKEY_CURRENT_USER\Software\Malwarebytes' Anti-Malware\selectedrives
    Parameter 2 : C:\|
    Parameter 3 : REG_SZ
    OS Type : 0
    Execute File
    Parameter 1 : "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    Parameter 2 : /fullscan
    Parameter 3 : 0
    OS Type : 0
    Pause Script
    Parameter 1 : 3000
    OS Type : 0
    Get Variable
    Parameter 1 : 6
    Parameter 2 :
    Parameter 3 : MachineID
    OS Type : 0
    Send Email
    Parameter 1 : support@domain.com
    Parameter 2 : MBAM Scan
    Parameter 3 : It has been 50 minutes since the MBAM scan has been started on #MachineID#. Please remote in and check to see if the scan is finished. If so remove any found infections.
    OS Type : 0
    ELSE
    Delete File
    Parameter 1 : C:\temp\mbam.exe
    OS Type : 0
    Get URL
    Parameter 1 : http://www.malwarebytes.org/mbam/program/mbam-setup.exe
    Parameter 2 : C:\temp\mbam.exe
    Parameter 3 : 2
    OS Type : 0
    Send Message
    Parameter 1 : The Helpdek staff is currently scanning your machine for infections. Please do not close the Malwarebytes program as it will interrupt the scan. We will be notified automatically when the scan finishes and will contact you to remove any infections. Thank you. Helpdesk Team.
    Parameter 2 : 1
    OS Type : 0
    Pause Script
    Parameter 1 : 40
    OS Type : 0
    Execute Shell Command
    Parameter 1 : "C:\temp\mbam.exe" /SP- /VERYSILENT /NOCANCEL
    Parameter 2 : 1
    OS Type : 0
    Pause Script
    Parameter 1 : 20
    OS Type : 0
    Execute Shell Command
    Parameter 1 : "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runupdate
    Parameter 2 : 1
    OS Type : 0
    Pause Script
    Parameter 1 : 20
    OS Type : 0

    Set Registry Value
    Parameter 1 : HKEY_CURRENT_USER\Software\Malwarebytes' Anti-Malware\selectedrives
    Parameter 2 : C:\|
    Parameter 3 : REG_SZ
    OS Type : 0
    Execute File
    Parameter 1 : "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    Parameter 2 : /fullscan
    Parameter 3 : 0
    OS Type : 0
    Pause Script
    Parameter 1 : 3000
    OS Type : 0
    Get Variable
    Parameter 1 : 6
    Parameter 2 :
    Parameter 3 : MachineID
    OS Type : 0
    Send Email
    Parameter 1 : support@domain.com
    Parameter 2 : MBAM Scan
    Parameter 3 : It has been 50 minutes since the MBAM scan has been started on #MachineID#. Please remote in and check to see if the scan is finished. If so remove any found infections.
    OS Type : 0


    Legacy Forum Name: Scripts Forum,
    Legacy Posted By Username: JonJohnston
  • Well, I was busy off re-inventing my own wheel to script an mbam scan (also just using the free version) and I'm rolling along fine, with one little hitch.  I'd like to just write a standard log file into something like c:\kworking\mbam-log.txt so I can come along later and set a variable to the contents of that file and email it to us so we have the results of the scan in a ticket.  

    I thought I could use the /logotofile switch to do that, but it doesn't work.  The command line switch documentation I'm looking at doesn't say that I need to be registered or paid up for the /logotofile switch to work, but it doesn't seem to work.  I've tried it all with one execution of mbam such as:

    mbam.exe /logotofile c:\kworking\mbam-log.txt /scan -full -log     <-- this didn't want to then run at all.

    I tried to "execute command" steps in my procedure, first one is mbam with just the /logotofile switch and file destination, and then the second step does the scan.  In that procedure, the scan runs, but it still writes the log file back into my App Data\blah\blah directory.

    Anyone know if I have to buy this for real before I can set the logotofile to something other than the default?

    Thanks,

    Don

  • dang the typos!!  I meant "I tried TWO "execute command" steps...

  • You can change the location of the log file in the registry. Take a look at HKLM\Software\Malwarebytes

    Also, you really should consider getting a license if you plan on using the product commercially. Or hold off until integration with Kaseya...

  • if your using the free version how do you get around the fact that you cannot clean with the free version without interacting with the GUI.

    this means your users have a box on their screen saying you have X number of infections what do you want to do.. this is the only reason we stopped using MBAM as good as it is.

  • Oh sweet - just watched the new release webinar - Malwarebytes is going to be just part of Kaseya (with proper licensing of course)!  I think that's the way to go for sure...  I love how well agent procedures work, but anytime I can trade writing my own scripts for managing the software through the consoles, I'll take the console!  Good job Kaseya, keep on adding good stuff!