Kaseya Community

I'm looking to write a procedure to look for Browser Hijacks. The current wave of fake spyware is blowing trhough all of the KES and firewall products.

What I want is to see if the browser Shell Open Command has been sert to something other then the default, it so set an alert/alarm (can be via email) and possiblely put it back.

Anyone have such a script? I'm also looking for someone to write scripts for me on an On Demand basis. So often I know what I want but don't have the time to work out the syntax.

IE Values

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\""

Firefox
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\
“C:\Program Files\Mozilla Firefox\firefox.exe”

Chrome

DNS Hijack Risk

Monitoring for Reboots

Issue using write directory

Get Variable Expression Value oddity

Agent procedure to read and report back Print Queue for print server

Browser Hijacks