Category: Tech Support

  • Removing items from MSCONFIG after WMF exploit

    OK, so, I’m busy killing off running processes and fire up MSConfig to try to keep them from coming back on the next boot. To launch msconfig go to start, run… type in msconfig and click ok. The startup tab is where we’re looking for programs running at startup (makes sense…) This is a bit easier and more straightforward than visiting the run entry in the registry. It does combine a few locations into one place.

    (more…)

  • Task Manager Suspicious Processes after WMF exploit

    After getting into Task Manager I saw a number of suspicious processes. There were a lot of things running as my user that I didn’t recognize. kernels64.exe, vxgame6.exe, vxgame4.exe, mm4.exe, vxh8jkdq2.exe, netsh.exe, cmd.exe, winstall.exe, vxgamet4.exe, vxgame2.exe covers most of the list of suspect entries. netsh and cmd are both legit programs, but were likely being used as remote shells. In other words they were legit, but not something that I expected to be running. (I didn’t have a cmd shell open..)

    (more…)

  • Task manager has been disabled by your administrator

    The first problem I ran into in cleaning up after my infested Windows XP image was this error message. One of the first things I do in cleaning an infested system is try to kill off running processes that look suspect (or at least identify them). On using ctrl-alt-delete I got the message “Task manager has been disabled by your administrator”. To be honest I haven’t seen that one before and it sent me Googling…

    (more…)

  • Cleaning up after the WMF exploit

    OK, I mentioned that I infested a virtual machine with the current WMF 0-day exploit. First I should probably clarify. An exploit is a means of getting into a system. The payload is the software that is installed. In the case of my experience there was a long list of pests installed. Given that the exploit enables any software to be installed, your experience may be different. That’s the first thing I want to make clear: depending on where and when you were affected you may see vastly different malware.

    (more…)

  • Building RPM’s – building from tarballs

    Again – I’m NOT an expert on the subject, but have had some success with building rpm’s from either src.rpms (covered last time) or from tarballs… This entry will talk about the simplest kind of rpm build from tarballs. This is a situation where the developers in their great foresight have actually got a spec file in the tarball (and it’s kept current).

    (more…)

  • Converting spaces in filenames to underscores

    Linux supports long file names, in some (many?) ways better than Windows. However, when I moved over to Linux I had tons of files with spaces in the name. This isn’t really a problem usually, but it can be a bit annoying having to enclose the filename in quotes for everything… anyway. Most of these were mp3’s that I had ripped from my collection of cd’s to store on the server. The script I used to automatically play through the music archive had problems dealing with the spaces (and I didn’t want to figure out how to make it work…) so I found another solution….

    (more…)

  • Automatically downloading a file mp3 with a bash script

    Linux systems give you many possibilities and one of them is good scheduling (cron), another is good scripting capabilities. I’ve done things with Linux fairly easily that with Windows would have been next to impossible and required me to download several other things to make it happen. Anyway, I recently saw mention of a Linux, bash-scripted podcatching client. Basically you tell it what podcasts you subscribe to and it downloads them on a schedule. It reminded me of a couple scripts I’ve got running that do similar things, but not from a true rss/podcast feed.

    (more…)

  • Building RPM’s from Source RPMs

    Let me start by saying I am FAR from being an expert on the subject of building rpm’s… RPM’s are binary packages for use in Red Hat-based distributions. They are used (in my case on Mandriva) with urpmi to install. Urpmi is a “wrapper” around the rpm utility that figures out what dependencies a program has and then installs those dependencies along with that program. One problem under Linux is that binaries are not necessarily portable from one version of a distribution to another. For instance, some of the rpm’s for cooker may not be compatible with an old 10.0 system. But, there are src.rpm’s that can be rebuilt.

    (more…)

  • Kaffeine no sound

    Ok – so now post upgrade to Mandriva 2006 I sit down to try something out. Put a dvd in the drive and see what happens. I rarely sit and watch dvd’s on the desktop, but it’s always been a possibility… So, when I pop the disc in, kaffeine pops up with its “install” sequence – checks to see what’s on the system and what’s not, what version of kde, libdvdcss, dvd, dvb hardware, etc….

    So, the disc pops up and no sound…. hmm. maybe it’s just kaffeine…

    (more…)