Saturday, August 19, 2006

Irritating Malware - Family should read this

Courtney's computer recently got infected with a really irritating virus.

Every time she opened IE, she got a warning that her computer might be infected, and she should run a "system integrity scan wizard".

This is ironic, because the infection she had was the program that was offering to scan her computer, and remove the infection.

Here's how you get rid of it. Be really careful if you do this.

Start-Run
Type regedit, and hit enter
Go to HKEY_CURRENT_USER/Software/Microsoft/Windows/Current Version/Run
Look for a program on the right side that is just random letters stuck together, ending with .exe. In Courtney's case, the path (value) for this program was under c:\documents and settings\local settings
Write down the full path to the file, and pay particular attention to the filename.
Hit Ctrl-F
Type in the file name, hit enter
Every place you find the name, hit the delete button, to remove the reference.

Then, go to the folder that you wrote down, and delete the .exe file that you just removed from your registry. A restart, and everything should be fine.

9 comments:

micaman said...

If only more computer users would investigate as well as you did before clicking on the malware. I scrub many machines from this type of infection. I come across machines that the owners have landed on an unknown website with a banner ad saying "Windows is dying - click here to save it" and they click the stupid banner ad and infect their machine!

Families need to educate the whole family about "fake alerts" and malware tactics.

Anonymous said...

thanks for the heads up...luckily haven't been hit yet, but sure is nice to know there is a fix

Cullen Waters said...

No problem, that's what us geeks are for...

Anonymous said...

Why aren't you using firefox???hehehehehe

Anonymous said...

thnx, now my pc won't boot.

Anonymous said...

i'd like to kick your ass. you shouldn't be allowed to use a computer, let alone give advice. now i'll have to reinstall my os/programs & i'll never be able to replace the years of hard work i had on it.

Anonymous said...

is there anyone local that knows this guy? can you drive over & kick his ass? please keep this idiot away from this site with faulty pc repair advice. signed-no boot now.

Cullen Waters said...

All advice given on this blog is provided as-is, with no warranty expressed or provided.

That said, Mr Anonymous, if you don't know how to use regedit, that's your fault, not mine.

Feel free to come visit me, and we'll talk about whose ass gets kicked. Funny that someone too cowardly to identify themselves is talking about kicking ass.

Anonymous said...

Get him Cullen...with an right then a left and a swift kick..outta here. Bye bye Mr Anonymous. Oh and Cullen what's a regedit? LOL...