Script Category: Security

Bad Rabbit Vaccine

From Kaseya’s Automation Exhange. You can find the original here.

This is an Agent Procedure to protect Windows endpoints against the Bad Rabbit Malware.
The procedure create 2 files (C:\Windows\cscc.dat and C:\Windows\infpub.dat) and disable inheritance from these files.
Link for more information on the new ransomware: http://www.zdnet.com/article/bad-rabbit-ten-things-you-need-to-know-about-the-latest-ransomware-outbreak/
Link about the vaccine: https://www.cybereason.com/blog/cybereason-researcher-discovers-vaccine-for-badrabbit-ransomware

WMI AntiVirus Info – Field Update

Script downloads vbs file to determine what AntiVirus, Version, and if AntiVirus is up to date, by checking several WMI classes. Script writes all info to script log. You are able to run a report to gather info by searching Agent Procedure Logs for $AVInfo$ $Audit$ $OOD$. Script sends email to stored variable in step… Continue Reading

Dell root cert Audit

Script audits machines for the presence of two certificates identified by checking Registry keys.  Results of audit recorded in the Agent Procedure log using the tag $DellCert$.   If you ONLY want to see machines that have the certificates, then filter on $OOD$. Continue Reading

Dell root cert fix

Uses the DellCertFix.exe tool, downloaded from Dell to apply the Fix. Problem is outlined in this article: http://en.community.dell.com/dell-blogs/direct2dell/b/direct2dell/archive/2015/11/23/response-to-concerns-regarding-edellroot-certificate Continue Reading

Disable Local Password Caching(Local Machine)

Adds two registry DWORD values to disable local password caching. Works on the current logged on user & local machine (any new users). Writes to script log if successful. WARNING: Users will not be able to log on if Domain Controller is down. Also stops passwords from getting out of sync. Continue Reading

Copyright ©2014-2016 Network Depot LLC.

12040 South Lakes Drive Suite 202 Reston, VA 20191 USA

Terms of Service - Refund Policy - Privacy Policy

Skip to toolbar