Personal computing discussed
Moderators: askfranklin, renee, emkubed, Captain Ned
MixedPower wrote:I decided to clean my keyboard a few days ago, but in my haste to get back to playing Arkham City I must not have dried a few of the caps sufficiently because I have about a dozen or so keys that no longer work.
axeman wrote:Try Kapersky's tool for removing some of the more common rootkits:
http://support.kaspersky.com/faq/?qid=208283363
just brew it! wrote:since (for reasons I can't fathom) almost nobody uses the Task Scheduler, opting instead to use an always-resident background app that periodically "phones home" to check for new versions.
bthylafh wrote:just brew it! wrote:since (for reasons I can't fathom) almost nobody uses the Task Scheduler, opting instead to use an always-resident background app that periodically "phones home" to check for new versions.
I think Task Scheduler requires you to enter your password for each task that gets created.
just brew it! wrote:MixedPower wrote:I decided to clean my keyboard a few days ago, but in my haste to get back to playing Arkham City I must not have dried a few of the caps sufficiently because I have about a dozen or so keys that no longer work.
Try using a blow dryer on it, or baking it on your oven's lowest setting. You've got nothing to lose since it is already dead.
just brew it! wrote:Wow, that's devious. It didn't even occur to me that you could do that.So that Kaspersky tool appeared to disable the rootkit successfully, but RootkitRevealer was still saying there was something there. After a bit more digging, I discovered why: malware files were still present, in a folder which was hidden by having a reparse point (symbolic link) with the same name. The reparse point linked to an innocuous folder elsewhere in the Windows system folder hierarchy, effectively disguising the folder with the crap in it.
I wonder if the SysInternals' Junction tool (with the -d option) would've worked? There's also the delrp.exe tool from the old Win2K Resource Kit, but if the permissions were an issue you probably would've been forced to move it to another machine as a non-system drive regardless.XP would not allow me to remove the reparse point even in Safe Mode or Recovery Console (Access Denied in all cases),
UberGerbil wrote:just brew it! wrote:So that Kaspersky tool appeared to disable the rootkit successfully, but RootkitRevealer was still saying there was something there. After a bit more digging, I discovered why: malware files were still present, in a folder which was hidden by having a reparse point (symbolic link) with the same name. The reparse point linked to an innocuous folder elsewhere in the Windows system folder hierarchy, effectively disguising the folder with the crap in it.
Wow, that's devious. It didn't even occur to me that you could do that.
paulWTAMU wrote:You're both more skilled and more dedicated than I am!
bthylafh wrote:I wonder if you could have deleted that directory from Knoppix without bothering with the reparse point stuff; we've used Knoppix sometimes to get into ACL'd folders and copy data out because it ignores those ACLs.