Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Tool malware cure


  • This topic is locked This topic is locked
1 reply to this topic

#1 Mark_Cumbria

Mark_Cumbria

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:47 AM

Posted 20 December 2010 - 05:47 AM

Hello again.
I'm no computer wizard as can be seen from my previous post. thought I'd better put a new title up.
'System Tool' infected my computer. In safe mode with networking, I discovered and used the guide supplied by bleeping computer. It was a relief to find something because 'System Tool' stops you using Task Manager or anything else you can use to identify it and destroy it manually.
Everything in the guide worked fine through using RKill, Malwarebytes anti-malware to over-riding the Windows permissions in order to delete the corrupted file C:\Windows\System32\Drivers\etc\Hosts file.
Unfortunately I cannot get permission from Windows to save the replacement file in this directory.
I don't dare shut down the PC in case it won't re-boot without this file in place.
Can anyone help me to save this file where it should be?
Thanks from one tired computer novice !

Hope this isn't classed as bumping. If so, it was not intentional. I'm new to these sites and not familiar with information I need to supply. Apologies if I caused offence.

Operating system is Windows Vista, by the way. Forgot to mention that, too.
Hope that is all the information you need. I understand how busy you are, so don't expect instant replies.
Just wish someone would catch the idiots that design these malware infections.
At least I knew to keep tapping F8 to start windows in safe mode after turning the computer on, otherwise I wouldn't have got this far.

Success! After a bit of fiddling I have the clean Hosts file in the System32 folder where it belongs. The trick which is probably obvious to a lot of people (but wasn't to me!) is to use explorer to find the folder, change ownership to myself, then alter my own permissions to allow me to write to it or modify it.

The PC restarted normally, with no sign of the System Tool infection. Thanks to bleeping computer for the rest of the fix, though. I don't think that I would ever have managed it on my own.

No need for any advice, now (I hope) but thanks again.

Edited by Mark_Cumbria, 20 December 2010 - 11:30 AM.


BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:02:47 AM

Posted 28 December 2010 - 01:57 PM

Responded to your other thread, just in case. :)

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users