I am not able to Block Rogue.SystemTool

[Hadriel]

I am with XP Home Edition desktop is running MSE for anti-virus. I occasionally have to fire up MalwareBytes Anti-Malware to remove stuff which gets by MSE. I had to do that yesterday, and MBAM killed a bunch of malware (it reported that it had nailed everything it found). In morning I found the PC infected with what is called Rogue.SystemTool. Any suggestions for what I could do to protect my PC better? Spending WAY too much time on cleanup. Would the paid version of MBAM make sense, for instance?

[Nipmuc]

You need to make certain that he is up-to-date with Adobe Flash, Adobe Reader, and JAVA (and other Internet enabled apps) that he might have installed. The most common infection vector these days is by visiting a compromised legitimate web site or one deliberately setup for the purpose of dumping c-rapware on visitors to the web site. The bad guys use whatever vulnerability they can, possibly even some not yet known to the good.

[Visala28]

The user needs to review the websites he does visit and be extremely cautious about clicking on a link received in an Email. Hacking into someone Email account and then using it to send Emails to contacts found in the hacked account from that account is very common right now. The Emails typically contain just a link (commonly disguised so that one doesn't really know where the link is going to take them) or they contain a minimal amount of text designed to get you to click on the link, for example "They got me, did they get you too?" and then a link.

[Candace]

I use the free Avast anti-virus and turn off the file scanner. I also have Windows XP. Firewall is turned off and I have the services for Remote Access and file sharing turned off. I am behind a router and you never said if your friend is. It may make a difference. Every time I run Malware Bytes I have never seen more than one medium threat. Except on my wife’s computer. My wife likes to click on everything so I installed Spybot and use the browser immunity function but nothing else. Now Malware Bytes shows no threats on every other day scans.

[Hadriel]

Hello thank you for your replies. MSE is supposed to do anti-malware, in addition to anti-virus, right? So I'm not thrilled at the idea of two programs doing real-time scans at the same time. Actually I am facing issue of slowness right now <grin>. MSE is up-to-date and ran its scheduled scan on Saturday, so I'm wondering how come it didn't stop this Rogue.SystemTool. You need to make certain that he is up-to-date with Adobe Flash, Adobe Reader, and JAVA (and other Internet enabled apps) that he might have installed.

[Wguy2008]

Fighting Internet c-rapware is akin to being a duel where you always grant your opponent the first shot. If he kills you with that one, then he wins. The quickness with which the good guys learn about new c-rapware (and real malware for that matter) and then get defs back out to their customers does matter. In general for that reason I still prefer a paid product such as the Symantec Norton products which can do burst updates and can literally update your computer about every few minute should they so choose.

[Pennacook]

MalwareBytes seems to be a bit quicker on the draw with c-rapware, I think most likely because they are much smaller and so a whole lot less people have to give their OK before a definition actually gets released to the general public. I'm also certain that Symantec Norton is likely to spend more time testing a proposed new def for possible false positive type problems than a smaller Corporation. I hope this will help you thank you.