![]() It's a "security" software built into the BIOS of many laptops called CompuTrace. It turns out the files are loaded from BIOS: And found some links (the second link is in Russian). I tried several antiviruses, manual registry search, SysInternals tools. I spent hours trying to figure, where this monster launches from. Imagine my frustration when those processes were back there, up and running! I decided to kill the process, delete those files from the "System32" folder and reboot the laptop. I opened Autoruns (God bless SysInternals #2) trying to find some registry key or something that launched this "rcpnetp" process. A-ha! The tool that is supposed to launch startup disk scan! This can't be a coincidence. Why hello there! The process has no "Description" and "Company Name" fields, it loads "rcpnetp.dll" via AUTOCHK.EXE. May be there's a virus preventing this? So I opened the Process Explorer tool (God bless SysInternals) and found a suspicious process called " rcpnetp.exe". The command went up to 47% and aborted with the error message "Windows Resource Protection could not perform the requested operation". So, I figured that the checkdisk file itself might be corrupted, so I ran "SFC /scannow" command that, supposedly, should restore it. I just couldn't launch checkdisk or schedule it for the next startup. I tried everything: rebooting to safe-mode, marking the disk as a "dirty" one with the "CHKNTFS" tool, booting with recovery disk - nothing helped. No big deal, right?Įxcept - there was no disk scan when I rebooted. No problem - I launched the "CHKDSK" utility and scheduled a disk scan on restart. And, to be honest, I'm angry as a bear.It all started with some corrupted files & folders on my wife's laptop. Please try to imagine where I am right now and please accept my apologies - I just finished dealing with this issue, like, 10 minutes ago. But first things first.įirst, let me apologize for the tone of this post and kinda incoherent writing. That even captured and sent-out screenshots of my wife's work. A non-removable malicious software application right from the manufacturer. ![]() Sorry for the offtopic, this post has nothing to do with startups, web-development or entrepreneurship, but I felt I should still write thisI've just discovered a built-in rootkit in my wife's brand new Toshiba laptop.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |