Heehee, sorry, NOT used to not being blamed for everything that goes wrong on someone’s computer.
Display too big? CALL YOUR ISP AND BITCH!
Can’t print from Word? CALL YOUR ISP AND BITCH!
Can’t turn on your computer? CALL YOUR ISP AND BITCH!
::ahem::
Sorry. It’s been a long few days. 
The following post is for the benefit of those who are already familiar with using “The Microsoft Windows 2000/XP Registry Editor”.
In my experience, a truckload of programs (some malicious, some just plain annoying) look for the presence of a certain registry key in either of the following registry directories…
(1) “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run”
(2) “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run”
To my knowledge, almost every worm or virus which has hit Windows in the last 4 years has been programmed to write a new registry key in either of those two directories. And in case you didn’t know, they are the inner sanctums of what gets fired up automatically by default when you (1) turn on the machine, and then (2) log in on your own account.
However, one of the downsides to trying to “temporarily stay on air” if you delete a registry key left behind by a virus/worm is this… the virus/worm often shows up again while you’re doing your “emergency steps” and looks for the presence of it’s “trojan horse” registry key, and if it’s not there, it writes a new one. And then, in effect you’re back to square one.
What I’ve discovered is pretty neat - if you identify a registry key which you’re suspicious about, or if it’s one which you simply don’t want to be activated at bootup time, you can make that registry key inert by EDITING it’s contents so that the program within the key is no longer valid. Hence, when the virus/worm comes along later and looks for the presence of the registry key, it gets an affirmative, but the contens remain inert.
And it doesn’t have to be a virus/worm bit of software either. Some examples of vendor software which do this are AIM by AOL, and Real One Player. It’s infuriating, and arguably not legal, but they do it anyway. So I made their registry keys inert by (for example) changing the content of the key where it says “nkvmon.exe” to “nkvmon.fuckoff” and from there, that key is useless. But it’s not deleted and it won’t get overwritten.
Over the last 24 months, more than a few very professional System Admins have been extremely grateful for my little discovery.
Doesn’t seem to work with RealOne Player - whatever modifications I make to its entry (‘TKBellExe’), it overwrites the next time I run it. My solution is simply to avoid running it unless I absolutely have to, and if I do I immediately delete the HKLM/bla bla/Run entry.
Of course, having posted that, I immeditately think of the obvious solution - just rename/delete realsched.exe (the program it attempts to launch from the registry). You still have the registry entry, but it doesn’t do anything.
The really fun thing about this is that while the patch for this exploit had been out for about 3 weeks, a lot of us haven’t installed it because it makes about 5% of the Windows 2000 machines that run it stop booting completely!
MS has know about the problem since the patch was released but they still hadn’t done anything to fix it until this worm came out. Now that millions of peope are installing the patch and it is fucking up a lot more computers, they suddenly decide that they should get a hotfix for the problem caused by the patch.
Hello!!! The fucking patch has been broken for 3 goddamn weeks! And you only decide to fix it now?
That brilliant, that is. :rolleyes:
Sorry, it hasn’t been a real good week here either…
::sigh::
Still innundated with calls about Sasser. And Blaster on top of it. I want this to go AWAY!
Hatestabhate!
Buy a non-Windows computer.
Tell everyone that you will now only provide tech support for your non-Windows computer, since you have better things to do with your life than to keep plugging holes in Microsoft’s inherently insecure POS product.
Watch your tech support calls and virus infestations drop to zero.
(Lost a dan and a half at work due to Sasser. Wish I had worn my “Smug Virus-Free Mac-Using Bastard” shirt today… )
I am wearing my “Mac is a shitty OS” shirt today
NOOO! No platform wars!
I <3 Macs! I <3 Windows! I … don’t have much experience with *nix but I <3 it too!
My rant wasn’t aimed at Microsoft so much as just the frustration of not being able to help people who think it’s our problem when indeed it’s not.
Let’s all shake hands and um, sing kumbaya.
Yeah really. That’d suck worse than having to deal with these calls.
What the hell? You <3 Windows? How can you look at yourself in the mirror and not be ashamed? HOW CAN YOU SUPPORT THOSE SOULLESS MONSTERS AT M$$$$$$$$$$$$$$$$$(the $ is because they are capatalist pigs. Now here’s $12 000, I’m sure that’ll be enough to get you a mid-end Mac).
Hm.
Cuz… without Windows, I wouldn’t really have a job. Well, ok that’s not entirely true, but it’s true enough. I honestly don’t prefer one OS over the other. I’m more familiar with Windows than the Mac OS but I grew up using Macs. I dig XP. I dig Mac OSX, it makes me want to lick the screen cuz it looks like candy.
Good enough? Can I still love Windows now?