Kaseya Community

I'm looking to write a procedure to look for Browser Hijacks. The current wave of fake spyware is blowing trhough all of the KES and firewall products.

What I want is to see if the browser Shell Open Command has been sert to something other then the default, it so set an alert/alarm (can be via email) and possiblely put it back.

Anyone have such a script? I'm also looking for someone to write scripts for me on an On Demand basis. So often I know what I want but don't have the time to work out the syntax.

IE Values

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\""

Firefox
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\
“C:\Program Files\Mozilla Firefox\firefox.exe”

Chrome

DNS Hijack Risk

Agent procedure to read and report back Print Queue for print server

Adding Windows user script

Issue using write directory

Silent removal of Kaspersky Anti-Virus

Browser Hijacks