InfiNet Technical Notes from the Field

HKCU > Software > Microsoft > Windows > CurrentVersion > Policies > Explorer

DisablePersonalDirChange = (0)

For SBS 2008 and 2011 users, an easy and more direct way to connect to your office computer is to configure your Remote Desktop Connection on the computer you want to use to connect to your office computer so that it can find your office computer and connect you without having to use Remote Web Workplace.

Here's How:
Open up your RDP connection, click on the Advanced Tab, then click on the Connect from anywhere Settings Button.
Next, click on the Use these RD Gateway server settings and enter the IP address of your SBS server or fully qualified domain to connect to it. Example: remote.yourdomain.com
Click OK, then in the General Tab, enter the computer name of the computer you are trying to access that is inside your office. Example: mycomputer-pc
Next, enter your domain user name and password, save the connection settings and login!

This is much easier than using Internet Explorer in compatibility view settings, replacing dll's as Microsoft patches them with incompatible versions, etc.

Here is a workaround for the updates for Windows 10 Anniversary update that breaks Remote Web Workplace users connectivity to their workstations:

On the computer used to connect to the remote computer:

I got it working as a workaround by replacing the mstscax.dll (Version 10.0.14393.0) in %windir%\SysWOW64\ with the "backup file" in "Windows.old\WINDOWS\SysWOW64" version (10.0.10586.494)

I had to take ownership of the file and give Administrators Full control access to be able to replace the file.

install dos2unix

dos2unix filenameToModify

Here are some common pattterns to look for when scanning web pages for compromised files.  All except the last one create a file where the line is executed called maybeinfected.  You can go through each file and find and remove injected code.  It is typically packed garbled text that hides the code because it is usually obfussicated or encoded to avoid detection.

find . -name '*.php' | while read FILE; do if grep '$GLOBALS' "$FILE"; then echo "$FILE" >> maybeinfected; fi ; done

find . -name '*.php' | while read FILE; do if grep 'eval(base64_decode' "$FILE"; then echo "$FILE" >> maybeinfected; fi ; done

find . -name '*.php' | while read FILE; do if grep '''PCT4BA6ODSE_"$FILE"; then echo "$FILE" >> maybeinfected; fi ; done

Automatically delete any that match a pattern:

find . -name '*.php' | while read FILE; do if grep 'PCT4BA6ODSE_' "$FILE"; then rm  "$FILE" -rf; fi ; done