Maker tech hub — AI · 3D print · Pi · ESP32 · plus the classic tech archive.

Free ESP32 kit · AI tools directory · Books · Archive

Classic Tech Tips Archive

Salvaged posts from the original averyjparker.com tech blog — Windows, Linux, security, and hardware troubleshooting. Preserved for SEO value and long-tail usefulness.

1,836 posts preserved from the original WordPress blog.

Looking for modern maker content? Start here · Projects · Free ESP32 kit (PDF) · AI tools · Archive → modern map
  • Spyware, viral cleanup disabling system restore
    Dec 29, 2005

    Sorry, but to get into the guts of what I found in the wake of the WMF exploit, I did leave out another important step in the cleanup process. IF you are trying to clean up an infested machine one of…

  • Update on the WMF exploit - more sites to block
    Dec 29, 2005

    I haven't checked to see if these are already on other block lists for the WMF exploit, but the following addresses are advised to be blocked (from f-secure).... toolbarbizbiz toolbarsitebiz toolbart…

  • http://60.topnssearch.com popups in infestation
    Dec 29, 2005

    One other note from the previous series on WMF exploit infestation cleanup. Among the multiple popups that came when launching internet explorer, most were directed at the site http://60.topnssearch.…

  • Cleaning up after WMF Exploit - summary
    Dec 29, 2005

    Can I say enough times that after a bad trojan infestation you should format and reinstall? I've cleaned up the infested image that I "sacrificed" to the WMF exploit and as I've said you're pestware …

  • Cleaning up after WMF exploit - BHO removal
    Dec 29, 2005

    Browser helper objects (BHO's) are listed in the registry and load with explorer when it runs (Internet Explorer/ File explorer are so closely tied it affects both.) I've used BHOdemon in the past to…

  • Cleaning up after WMF exploit - is it clean?
    Dec 29, 2005

    So, I've got most of the baddies cleaned out and I'm not getting popups anymore. No nags on boot, the boot process is quicker, but is it really clean? I found a few files (winlogon.exe, alg.exe in pa…

  • C:\windows\system32\kernels64.exe not found
    Dec 29, 2005

    On the next boot I was greeted with the above message C:\windows\system32\kernels64.exe not found please make sure the path......correct.... blah blah blah. Back to msconfig. Everything there now loo…

  • Cleaning up after WMF exploit third party boot disc
    Dec 29, 2005

    At this point, I needed to rename or delete some files that windows would not let me touch. I had this winlogon.exe running from a suspect directory c:\windows\inet20001 and windows wouldn't let me k…

  • Removing items from MSCONFIG after WMF exploit
    Dec 29, 2005

    OK, so, I'm busy killing off running processes and fire up MSConfig to try to keep them from coming back on the next boot. To launch msconfig go to start, run... type in msconfig and click ok. The st…

  • Task Manager Suspicious Processes after WMF exploit
    Dec 29, 2005

    After getting into Task Manager I saw a number of suspicious processes. There were a lot of things running as my user that I didn't recognize. kernels64.exe, vxgame6.exe, vxgame4.exe, mm4.exe, vxh8jk…

  • Task manager has been disabled by your administrator
    Dec 29, 2005

    The first problem I ran into in cleaning up after my infested Windows XP image was this error message. One of the first things I do in cleaning an infested system is try to kill off running process t…

  • Cleaning up after the WMF exploit
    Dec 29, 2005

    OK, I mentioned that I infested a virtual machine with the current WMF 0-day exploit. First I should probably clarify. An exploit is a means of getting in to a system. The payload is the software tha…

  • Microsoft Security advisory on WMF exploit
    Dec 29, 2005

    I've read the security advisory and unfortunately Microsoft doesn't give any real workarounds. (There have been several announced from other sources.) Unfortunately, Microsoft: 1)urges caution in ope…

  • WMF 0-day update
    Dec 29, 2005

    Last night while I was in the midst of infecting a virtual machine, Microsoft issued a release that there's a "possible vulnerability"... fortunately, their technical document is a bit more straightf…

  • WMF zero-day exploit first hand experience
    Dec 29, 2005

    Well, I've just spent the better part of 6 hours (maybe a bit more) "sacrificing" a virtual machine to the zero-day Windows Meta File (WMF) exploit and all the malware that comes in. I picked one sit…

  • Joystick calibration under linux
    Dec 29, 2005

    I don't know off the top of my head of a graphical joystick calibrator for linux, but there is a command line utility that's dead easy to use.... jscal I found the tip in a flightgear mailing list af…

  • Building RPM's - building from tarballs
    Dec 28, 2005

    Again - I'm NOT an expert on the subject, but have had some success with building rpm's from either src.rpms (covered last time) and building from tarballs... This entry will talk about the simplest …

  • Converting spaces in filenames to underscores
    Dec 28, 2005

    Linux supports long file names, in some (many?) ways better than windows. However, when I moved over to linux I had tons of files with spaces in the name. This isn't really a problem usually, but it …

  • Another workaround for WMF exploit
    Dec 28, 2005

    There are at least two other workarounds for the Windows Meta File (WMF) exploit that I've been looking into this afternoon. These from sunbelt blog. First up... 2. Change file associations for WMF f…

  • Workaround for zeroday WMF exploit
    Dec 28, 2005

    It's worth repeating a few things here. There is a nasty exploit in the way that WMF images are parsed in Windows. This means that WITHOUT user intervention a system can be remotely exploited and thr…

  • Workaround for the critical WMF zero-day exploit
    Dec 28, 2005

    The Windows Meta File (WMF) zero-day (0-day) exploit is apparently, VERY nasty, no user intervention required (unless running firefox or opera). Just VISITING a malicous site (viewing a malicious ema…

  • Windows Metafile zeroday exploit
    Dec 28, 2005

    There's more on the WMF 0-day exploit... According to f-secure it's being used to distribute the following nasties.... Trojan-Downloader.Win32.Agent.abs Trojan-Dropper.Win32.Small.zp Trojan.Win32.Sma…

  • More on the Windows WMF zero-day exploit
    Dec 28, 2005

    There seems to be quite a bit developing on the Windows Meta File (WMF) zero-day (0-day) exploit which was first reported yesterday. Sans has raised their alert level to yellow in an effort to get at…

  • Small Ethernet Print Server
    Dec 28, 2005

    The Hawking Technology Print Server (HPS1P) is a nice little parallel port to ethernet print server that can be configured to make a single printer available to multiple machines on a LAN (local area…

  • Network Security guide for the home or small business network - Part 16 - Learn about the enemy
    Dec 28, 2005

    I remember I had a geography teacher once that was a former Marine and he said when he was growing up it was the height of the cold war and geography was interesting to him from a "know your enemy" p…