Help
I had a PITA rougeware called security tool on a 7 machine. I would erase it via safe mode,SAS + Malwarebytes and reboot and it would still be there. It drove me nuts and I was banging my head. I saw the post about running rkill,scan/delete,run the batch file, delete and exchange the windows host file. That did the trick I have to read more into the host file and what it does. Anyways thanks for help, this forum rules.
The link I used can be found here http://www.bleepingcomputer.com/virus-remo...e-security-tool
Page 1 of 1
Thank you BC forums and rkill
Back to top
#2
- Bleepin' Janitor
-
- Group: Global Moderator
- Posts: 25,514
- Joined: 09-July 05
- Gender:Male
- Location:Virginia, USA
Posted 21 September 2010 - 08:31 AM
Thanks for the kind words and you're welcome on behalf of the Bleeping Computer community.
Tips to protect yourself against malware and reduce the potential for re-infection:
• Keep Windows and Internet Explorer current with all critical updates from Microsoft which will patch many of the security holes through which attackers can gain access to your computer. If you're not sure how to do this, see Microsoft Update helps keep your computer current.
• Avoid gaming sites, porn sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, uTorrent). They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Malicious worms, backdoor Trojans IRCBots, and rootkits spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Porn sites can lead to the Trojan.Mebroot MBR rootkit and other dangerous malware. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.• Beware of Rogue Security software as they are one of the most common sources of malware infection. They infect machines by using social engineering and scams to trick a user into spending money to buy a an application which claims to remove malware. For more specific information on how these types of rogue programs and infections install themselves, read How Malware Spreads - How did I get infected.
• Keeping Autorun enabled on USB (pen, thumb, jump) and other removable drives has become a significant security risk as they are one of the most common infection vectors for malware which can transfer the infection to your computer. To learn more about this risk, please read:Microsoft Security Advisory (967940): Update for Windows Autorun
How to Maximize the Malware Protection of Your Removable Drives
• Security Resources from Microsoft:
Tips to protect yourself against malware and reduce the potential for re-infection:• Keep Windows and Internet Explorer current with all critical updates from Microsoft which will patch many of the security holes through which attackers can gain access to your computer. If you're not sure how to do this, see Microsoft Update helps keep your computer current.
• Avoid gaming sites, porn sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs (i.e. Limewire, eMule, uTorrent). They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Malicious worms, backdoor Trojans IRCBots, and rootkits spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Porn sites can lead to the Trojan.Mebroot MBR rootkit and other dangerous malware. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.• Beware of Rogue Security software as they are one of the most common sources of malware infection. They infect machines by using social engineering and scams to trick a user into spending money to buy a an application which claims to remove malware. For more specific information on how these types of rogue programs and infections install themselves, read How Malware Spreads - How did I get infected.
• Keeping Autorun enabled on USB (pen, thumb, jump) and other removable drives has become a significant security risk as they are one of the most common infection vectors for malware which can transfer the infection to your computer. To learn more about this risk, please read:
- When is AUTORUN.INF really an AUTORUN.INF?
- Nick Brown's blog: Memory stick worms
- USB-Based Malware Attacks
- Danger USB! Worm targets removable memory sticks
Quote
...Disabling Autorun functionality can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a CD-ROM device, USB device, network shares, or other media containing a file system with an Autorun.inf file...
How to Maximize the Malware Protection of Your Removable Drives
• Security Resources from Microsoft:
- Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP
- Threats and Countermeasures - Security Settings in Windows Server 2008 and Windows Vista
- Microsoft Solutions for Security: The Antivirus Defense-in-Depth Guide
- Simple and easy ways to keep your computer safe and secure on the Internet
- Hardening Windows Security - Part 1 & Part 2
- How to Stop 11 Hidden Security Threats
- Your Guide To Staying Safe Online
- Configuring Internet Explorer for Practical Security and Privacy
- How to Secure Your Web Browser
- Safe Web practices - How to remain safe on the Internet
- Use Task Manager to close pop-up messages to safely exit malware attacks
- Bleeping Computer's Freeware Replacements For Common Commercial Apps
- Bleeping Computer's List of Virus & Malware Resources
Microsoft MVP - Consumer Security 2007-2012 
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Share this topic:
Page 1 of 1