Ghittsum (New member, joined Jun 2, 2010)

Have you ever browsed torrents and suddenly got hit with pop-ups claiming a system compromise? Well, I have. Perhaps it was from downloading a fake key-gen, or perhaps it was a bad torrent that was packed with malware, or I clicked on a link that took me to a spoofed site with ActiveX whatchamuhdoohickies that were bad for me. This time's offender was 'Antispyware Soft'. They wanted like $50 to get the malware off my computer that they perpetrated. There are others in existence, and they are known as 'rogue antispyware programs'. Whatever the case, I got smacked with a Trojan horse and I needed to get it off. Here's what I did...

1. I rebooted into safe mode (without networking or command prompt).
2. However you can, get to a 'Run Window', from the Start Menu, and run msconfig.
3. In msconfig, on the 'General Tab', select 'Diagnostic Startup' and reboot when it prompts you.
4. Somehow, someway (and I know this may be hard for some folks) get onto another computer and download a free trial version of Norton 360 version 4.0 (or whatever is current at the time). With 'Antispyware Soft', it blocks any applications from opening, and it reroutes http requests to its malignant and bastard site. Symantec products are decent, they at least try to solve your problems in the trial version. Although, their tech support is HORRIBLE! No matter what your problem is, their support staff in New Delhi will only steer you into a dead-end of useless DIY (Do-It-Yourself) tips, or their effin expensive personal assistance (even for band-aid problems).
5. After you have installed Norton 360, immediately conduct a Live Update. And then do it again a few times, after a series of reboots, to make absolutely sure you are completely current.
6. Run a scan. Quick Scan is fine, it sufficed for me. Then just watch Norton destroy what it can find. Take note of the programs and their locations that Norton finds. Their HKEYs in your registry may still linger afterwards.
7. Here is where you take EXTRA caution. If you mess up your Windows registry, you can screw yourself over more than the malware set out to accomplish. Note the location of any of the baddies that Norton discovered, particularly their filenames. Open msconfig again to see if any of those baddies are in your Startup tab. Note the location, and write it down VERBATIM. Keep in mind that the first part in the location could be in acronym form (e.g. HKCU\SOFTWARE\Microsoft\..). You can figure out pretty quickly where HKCU starts you out when you run REGEDIT.
8. Navigate appropriately, and when you arrive at the offending key, delete it.

If you wanna make certain you got everything, go to Microsoft's malware removal site and download your appropriate malware removal program. I downloaded and ran: windows-kb890830-x64-v3.7.exe.
They update it every month, on the second Tuesday of the month.

This should take care of your malware problem. However, I noticed one lingering nuisance that remained after I took care of the malware. I couldn't get online!!! The malware did something to turn off my browsing ability. Nothing seemed to make sense, I had an IP address, I was connected to the LAN. I could even ping yahoo.com. WTF?! (THIS WAS THE PROBLEM SYMANTEC TECH SUPPORT WAS TOO DUMB TO FIX). I played around a little bit, and discovered that I could browse secured https on port 443. This prompted me to go snooping around in Internet Explorer's Internet Options. I didn't know what was wrong, but I figured I could pick it out. Under the 'Connections' tab, there is an option to configure LAN Settings. Go there. Make sure under automatic settings, your browser is set to 'Automatically detect settings'. Then make sure nothing else is selected including 'use a proxy server...'. Problem solved. Can you believe Symantec wanted to charge me their premium rate to figure that out?! Glad we have customer-focused corporations out there that aren't trying to screw their customers out of hard-earned cash because they want to draw the line in an unreasonable place. Would have taken 5 minutes to realize that the malware I contracted may have turned this option off. To put it in perspective, it's like trying to do chemotherapy when all I wanted to know was where the light-switch was in this dark room. Thumbs down, Symantec.
Post an answer, or a response. I would like to keep this question alive for anyone else who may come across this problem. Yeah, yeah....bad me d/ling torrents, who here has never done anything wrong?
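
The startup-entry check from steps 7 and 8 and the LAN-settings check described in the post, as a read-only PowerShell audit. This is an added example, not part of the original post. It assumes the standard Run/RunOnce keys and the per-user Internet Settings values (ProxyEnable, ProxyServer, AutoConfigURL); the path heuristics are illustrative.

```powershell
# Added example: read-only audit. Nothing is modified or deleted.
# Requires PowerShell 3.0 or later for [pscustomobject].
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        # Heuristic: take the quoted path, else the first whitespace-delimited token.
        # Unquoted paths containing spaces will show FileExists = False; check those by hand.
        if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
        else { $exe = ($command.Trim() -split '\s+')[0] }
        [pscustomobject]@{
            Key        = $key
            Name       = $name
            Command    = $command
            FileExists = [bool]($exe -and (Test-Path -LiteralPath $exe))
            # Programs started from a profile or temp directory deserve a closer look.
            UserPath   = $exe -match '\\(AppData|Temp|Local Settings)\\'
        }
    }
}
$autoruns | Sort-Object -Property UserPath -Descending | Format-Table -AutoSize -Wrap

# The values behind Internet Options > Connections > LAN settings.
$inetKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $inetKey
$proxy = [pscustomobject]@{
    ProxyEnable   = $inet.ProxyEnable    # 1 = 'Use a proxy server' is ticked
    ProxyServer   = $inet.ProxyServer    # host:port, or a list such as http=host:port
    AutoConfigURL = $inet.AutoConfigURL  # 'Use automatic configuration script'
}
$proxy | Format-List

if ($proxy.ProxyEnable -eq 1) {
    Write-Warning "A proxy is enabled: $($proxy.ProxyServer)"
    # Assumption: an http= entry with no https= entry sends only plain HTTP through
    # the proxy, which would match the symptom in the post (HTTPS works, HTTP does not).
    if ($proxy.ProxyServer -match '(^|;)\s*http=' -and
        $proxy.ProxyServer -notmatch '(^|;)\s*https=') {
        Write-Warning 'Proxy covers HTTP only; HTTPS bypasses it.'
    }
}
```

Compare the listed entries against the filenames the scanner reported before deleting anything in REGEDIT.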
 