Computer Tips -Tech Info

On the next boot I was greeted with the above message C:\windows\system32\kernels64.exe not found please make sure the path……correct…. blah blah blah. Back to msconfig. Everything there now looks clean. I check the running processes, again everything there looks clean I don’t see anything that I’ve been fighting. So, I start the registry editor (start, […]

At this point, I needed to rename or delete some files that windows would not let me touch. I had this winlogon.exe running from a suspect directory c:\windows\inet20001 and windows wouldn’t let me kill it, or remove it’s start entry in the registry. So, I booted my image from a dsl linux cd and opted […]

OK, so, I’m busy killing off running processes and fire up MSConfig to try to keep them from coming back on the next boot. To launch msconfig go to start, run… type in msconfig and click ok. The startup tab is where we’re looking for programs running at startup (makes sense…) This is a bit […]

After getting into Task Manager I saw a number of suspicious processes. There were a lot of things running as my user that I didn’t recognize. kernels64.exe, vxgame6.exe, vxgame4.exe, mm4.exe, vxh8jkdq2.exe, netsh.exe, cmd.exe, winstall.exe, vxgamet4.exe, vxgame2.exe covers most of the list of suspect entries. netsh and cmd are both legit programs, but were likely being […]

The first problem I ran into in cleaning up after my infested Windows XP image was this error message. One of the first things I do in cleaning an infested system is try to kill off running process that look suspect (or at least identify them.) On using ctrl-alt-delete I got the message “Task manager […]

OK, I mentioned that I infested a virtual machine with the current WMF 0-day exploit. First I should probably clarify. An exploit is a means of getting in to a system. The payload is the software that is installed. In the case of my experience there was a long list of pests installed. Given that […]

I’ve read the security advisory and unfortunately Microsoft doesn’t give any real workarounds. (There have been several announced from other sources.) Unfortunately, Microsoft: 1)urges caution in opening email and links from untrusted sources, and 2) wants you to call them if you’ve been affected by this. (1-866-PCSAFETY) and 3) make sure you have all updates […]

Last night while I was in the midst of infecting a virtual machine, Microsoft issued a release that there’s a “possible vulnerability”… fortunately, their technical document is a bit more straightforward… technet advisory here. Spyware Confidential also has a good roundup on the coverage so far. There’s a bit more disturbing stuff coming too…    […]

Well, I’ve just spent the better part of 6 hours (maybe a bit more) “sacrificing” a virtual machine to the zero-day Windows Meta File (WMF) exploit and all the malware that comes in. I picked one site from the sunbeltblog list to infect the virtual machine with and can attest to it being quite nasty. […]

I don’t know off the top of my head of a graphical joystick calibrator for linux, but there is a command line utility that’s dead easy to use…. jscal I found the tip in a flightgear mailing list after having a hard time with one of the first flights. The stick was very far off […]