Re: Updating Ad-Aware SE Personal i SpyBot S&D from command line?

• Previous message: Winged: "Re: Incoherent E-mails"
• In reply to: David H. Lipman: "Re: Updating Ad-Aware SE Personal i SpyBot S&D from command line?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 12 Oct 2005 21:14:16 -0500

David H. Lipman wrote:
> From: "John_2001" <John.2001@gmail.com>
>
> | Greetings!
> |
> | I am using Ad-Aware SE Personal and Spy S&D 1.3 on all computers in my
> | domain.
> | Is it possible to update this programs from command line?
> | Is there any other way to update them using Group Policy (scripts or
> | something else)?
> |
> | Best regards
> |
> | John
> |
>
> I hope that you are using Ad-aware SE v1.06.
>
> You need to remove SpyBot S&D v1.3 and then install and update SpyBot S&D v1.4. It is
> greatly improved.
>
> The latest Ad-aware definations are at the url;
> http://download.lavasoft.de.edgesuite.net/public/defs.zip
> You can then download; wget.exe http://users.ugent.be/~bpuype/wget/
> and; unzip.exe - http://patriot.net/~bmcgin/unzip.exe
>
> Place; unzip.exe, wget.exe and the DLL files in the Windows directory [ %windir%,
> c:\windows or c:\winnt ]
>
> Then you can use a batch file such as...
>
> Update.CMD
> ------------------
> @echo off
> wget -N http://download.lavasoft.de.edgesuite.net/public/defs.zip
> copy defs.ref defs.bak
> unzip -j -o defs.zip
>
> Save the BAT or CMD file in the folder where Ad-Aware.exe is located and then create a link
> (LNK) file on the DeskTop that points to the BAT or CMD file.
>
> SpyBot and S&D does not lend itself to scripted updates.
>
> As a network Administrator I use the KiXtart script interpreter (http://kixtart.org KiXtart
> is CareWare) as my Domain Login Script. I can see that on ta server you can create a task
> in the server's MS Tasker to run the above batch file and then in the login script simply
> copy defs.ref to the workstation where Ad-Aware.exe is located. This can be done when the
> user logs on. This way every time they logon they will have the latest definition file.
> It also has the advantage of only one PC, the server, going out to the Internet and getting
> the update and then distributing the file rather that the workstatiosn all going out to the
> Internet.
>
>

When using spybot 1.04 do not stop with scan and immunization. Change
the mode to advanced and look at installed BHOs, activeX controls,
startup items, running processes and use their host file. The host file
option is a fairly good list of known spyware sources that get blocked.
  Get familiar with the Winsock LSPs that belong as I have seen several
bad guys use that for sniffing. That is a weak point in spybot as it
does not provide much information, and their are other ways to get the
same information, but it is easy access point. Once you become familiar
with what belongs the bad guys stand out. Typically if a bad guy has
modified the Winsock LSP it will be the last entry in the list (provided
you have added nothing to modify the LSP list). Here are Spybot command
parameters:

Here is a list of command line parameters that the Spybot-S&D main
executable (spybotsd.exe) supports:

/taskbarhide
Runs Spybot-S&D completely hidden (no window, no taskbar icon), so make
absolutely sure you use it only in combination with /autoclose
(otherwise it would remain in memory sitting idle). Useful only in
combination with /autocheck, /autoupdate or /autoimmunize, as it cannot
be controlled when completely invisible.
/minimized
Starts the window minimized.
/uninstall
Uninstalls Spybot-S&D. This command line parameter is very outdated -
unins000.exe should be used instead!
/blinduser
Starts with support for blind users (special menus).
/autoupdate
Does an update after starting the program.
/autocheck
Starts scanning immediately.
/autofix
Fixes problems after scan.
/autoclose
Closes program after it has scanned or updated.
/autoimmunize
Runs the immunization at program start.
/onlyspyware
Fixes only spyware (red) entries with /autofix, leaving all usage tracks
as they are.
/easymode
Starts with easier interface for beginners.

Additionally you can get the update file from authors site and install
it prior via script directly so the users will not need to get the update.

this allows /taskbarhide /autocheck /autoimmunize /autoclose to take
place without users being involved.

I have found spybot a useful educational tool to get users to understand
it is a big bad world out there, however this is usually a one on one
with problematic users and not an effective use of time. I do have a
guide for road warriors on product use.

I am surprised how many users run the tool independently and
surprisingly break very little (You can break things using tool
improperly depending on user perms). Most of our users I speak with run
it on their home systems as well.

In our environment we can not run lavasoft product due to licensing
issues (we never bought it).

The deficiencies of this is you do not see what BHOs or ActiveX controls
are installed but we use SMS query to retrieve that type information for
review.

Winged

How do you spell job security? Microsoft

• Previous message: Winged: "Re: Incoherent E-mails"
• In reply to: David H. Lipman: "Re: Updating Ad-Aware SE Personal i SpyBot S&D from command line?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]