Malware

SentinelOne Agent Migration

Migrates a business-licensed version of SentinelOne to a new management server. You must edit the first two lines of the script with the new server URL and binding. The script prompts for the passphrase when run. Can report using $S1$, $S1error$.

Nopetya Vaccination and Immunization

Performs the vaccination described in this article by creating a few read-only files, which should prevent NotPetya/Petya/Petna/SortaPetya infections.

Detect Crypto-X (Ransomware)

Checks various registry entries for indicators of a Crypto infection. Also generates a “honeypot” document; if the document becomes encrypted, the script will alarm as well. Able to report with $CryptoAudit$, $CryptoYES$. Acknowledgments: Many thanks to MarcR and MattK from the Kaseya Community for inspiration, as posted on http://community.kaseya.com/resources/m/knowexch/86518.aspx#pi5230=2. This script is provided “AS-IS”. Please make sure…

ComboFix – Download latest version

Downloads the latest version of ComboFix to the temp directory and renames the file to CMBOFX2010.

HiJack This – Silent Run record log file

Silently installs HiJack This 2.02. Updates a registry file so that you don’t have to acknowledge the new version. Then runs a full scan and stores the log at c:\temp\HijackThis\HiJackThis.log.

MalwareBytes D/L & Scan (x64)

The script tests whether the latest version of MalwareBytes is loaded, and downloads and installs it if it isn’t. It then shows a message to the customer that a scan is going to happen. It scans the system and sends an email in 50 min (you need to customize email…

McAfee Stinger (DL & Scan)

The script downloads txt files with the current download location. It then downloads McAfee Stinger, runs a scan and fixes any infections. It writes the results to the script log and emails the log file to the email address entered at script scheduling. Finally, it deletes the exe and all txt files.

RKill DL & Run

Downloads and runs RKill.exe; you need to review the log file at systemroot\rkill.log. The script downloads a txt file with the download location, then executes RKill and writes to the script log if successful.

Spybot (DL & Install)

The script downloads the installer and installs with /verysilent /nocancel /noicons /components="main". It then deletes the installer and writes to the script log if successful.

Ad-Aware 8.2.0 Silent Install

Downloads the installer to the temp directory, then runs it with the /S argument. Writes to the script log if successful.
