cmd.exe /c dir C:\*.* /L /A /B /S|Find "cmd." >> "%userprofile%\desktop\look.txt"
cmd.exe /c dir C:\*.* /L /A /B /S|Find "netstat." >> "%userprofile%\desktop\look.txt"
cmd.exe /c dir C:\*.* /L /A /B /S|Find "ping." >> "%userprofile%\desktop\look.txt"
cmd.exe /c dir C:\*.* /L /A /B /S|Find "tracert." >> "%userprofile%\desktop\look.txt"
cmd.exe /c dir C:\*.* /L /A /B /S|Find "tasklist." >> "%userprofile%\desktop\look.txt"
cmd.exe /c dir C:\*.* /L /A /B /S|Find "taskkill." >> "%userprofile%\desktop\look.txt"
cmd.exe /c dir C:\*.* /L /A /B /S|Find "regedit." >> "%userprofile%\desktop\look.txt"
attrib -r -h -s "c:\windows\system32\cmd.com"
attrib -r -h -s "c:\windows\system32\netstat.com"
attrib -r -h -s "c:\windows\system32\ping.com"
attrib -r -h -s "c:\windows\system32\tracert.com"
attrib -r -h -s "c:\windows\system32\tasklist.com"
attrib -r -h -s "c:\windows\system32\taskkill.com"
del /q "c:\windows\system32\cmd.com"
del /q "c:\windows\system32\netstat.com"
del /q "c:\windows\system32\ping.com"
del /q "c:\windows\system32\tracert.com"
del /q "c:\windows\system32\tasklist.com"
del /q "c:\windows\system32\taskkill.com"
Download and Install a HOSTS File
A Hosts file is a plain text file which prevents your computer from inadvertently connecting to malware, spyware and adware sites by redirecting the connection request back to your own machine address (127.0.0.1). It is a very effective defense system.
If you use a proxy server, or if you are on AOL, or if you use Norton to scan e-mail, be sure to read the special instructions in the tutorial below..
Be sure to disable the service "DNS Client" FIRST to allow the use of large HOSTS files without slowdowns.
If this isn't done first, the next reboot may take a VERY LONG TIME.
This is how to do it. First be sure you are signed in as a user with administrative privileges:Stop and Disable the DNS Client Service
Go to Start, Run and type Services.msc and click OK.
Under the Extended Tab, Scroll down and find this service.
DNS Client
Right-Click on the DNS Client Service. Choose Properties
Select the General tab. Click on the Stop button.
Click the Arrow-down tab on the right-hand side at the Start-up Type box.
From the drop-down menu, click on Manual
Click the Apply tab, then click OK
Download BlueTack's HOSTS Manager here:
http://www.bluetack.co.uk/forums/index.php?act=dscript&CODE=showdetails&f_id=5
Download and install the Hosts Manager first, then run it and click Download.
When it finishes, click Replace, and then Save.
You can use this manager to handle your HOSTS file download, edits, and most any other HOSTS issue.
If you have a firewall, you may have to give permission to Unlock the present default HOSTS file before you copy / install the new one.
You may also have to give additional permission during installation of the new one.
Read an excellent instruction about HOSTS files (the Bluetack version) here:
http://www.bluetack.co.uk/forums/index.php?showtopic=8406
There is a very detailed resource for those wanting to spend more time reading up, or to have as a reference:
http://www.bluetack.co.uk/forums/index.php?showtopic=8337
-------------------------------------------------------------------------------------------------------------
You can see another HOSTS file tutorial here : http://www.mvps.org/winhelp2002/hosts.htm
and choose to download the MVPS HOSTS File instead of using the BlueTack HOSTS.
The BlueTack version (70k+ entries) is more aggressive than the mvps (11k + entries), and targets adware sites as well as more dangerous ones.
Return to Infected? Virus, malware, adware, ransomware, oh my!
Users browsing this forum: No registered users and 533 guests
Contact us:
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.
Member site: UNITE Against Malware