Alan's Blog – Page 39 – "Yeah. I wrote a script that will do that."

Another Conficker Removal Tool

Posted on April 3, 2009March 3, 2018 by Alan

BitDefender has a nice tool for removing Conficker for single PCs and PCs in the Windows Domain. http://www.bdtools.net/

Quickest check for Conficker

Posted on April 2, 2009June 27, 2015 by Alan

A very nice and easy test for infection by Conficker: http://www.confickerworkinggroup.org/infection_test/cfeyechart.html. Also note that your Windows Update and Background Intelligent Transfers services will be disabled.

Make RDP files

Posted on April 2, 2009April 2, 2009 by Alan

MakeRDPFiles.vbs is a vbscript based on the RDP History script posted earlier. It take your RDP history and creates a folder with connection files for each of the systems you have previously connected to. Rename from .txt to .vbs.

Remotely Enable Terminal Services and RDP

Posted on April 2, 2009April 2, 2009 by Alan

You build a Windows 2003 server and forget to enable RDP. Very annoying. Or you want to RDP to a workstation, and it is not set up. Very annoying. EnableTS_RDP.vbs allows you to remotely enable RDP.

Get a unique list from a text file

Posted on April 1, 2009April 26, 2009 by Alan

This script UniqueList.vbs extracts, counts and writes a unique list of items from a text or CSV file. You can drag a file onto it or use the command line syntax below. If a CSV file, the unique list is just the first column. Command line syntax: uniquelist.vbs filewithdupes.txt newfile headerNote that header is YES or…

The Conficker Non-Event

Posted on April 1, 2009April 4, 2009 by Alan

If you do your job well, the threatened doom becomes a “non-event”. Year Y2K was seen as a non-event, and for well prepared enterprises Conficker – April 1 was also a “non-event”. In both cases we worked hard to avoid serious impact to our users. Calling these “non-events” devalues the hard work that IT professionals…

Conficker Info and Cleaning

Posted on March 31, 2009June 8, 2025 by Alan

I have been busy today making sure we are not vulnerable to the Conficker Worm. Do you need reliable information about Conficker? Try the SANS page at http://isc.sans.org/diary.html?storyid=5860. Signs of infection include being unable to get to security sites. Because of this I am putting the McAfee Conficker Stinger Tool as an attachment on my website. …

gzinflate base64 decode

Posted on March 30, 2009February 4, 2023 by Alan

I was looking at some alternate themes for my blog and downloaded a few nice ones to try. At the bottom of the test page was a URL in Russian. When I went to footer.php, I found a line that looked like this: eval(gzinflate(base64_decode(“fVHRSsMwFH1W8B+…”))); This sort of encoding is a little scary to see, especially…

Auditing SSNs and DOBs in files

Posted on March 24, 2009March 24, 2009 by Alan

FileAudit.cmd is a batch file used to check for files with sensitive DOB or SSN information. It is really, really slow, but it works. Rename from .txt to .cmd.

IP Info Script

Posted on March 22, 2009June 17, 2009 by Alan

This script, IPinfo.vbs, gets IP and network information from a local or remote windows PC. The results can be copied to your clipboard and look like this; NIC: MyNicNAME IP Address: 192.168.0.100 IP Subnet: 255.255.255.0 Default Gateway: 192.168.0.1 MAC Address: 0C:1F:3C:CB:41:8C DHCP Enabled: True DHCP Server: 192.168.0.10 DNS Domain: mydom.com DNS Domain Suffix Search Order:…