Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Security Tool


  • Please log in to reply
3 replies to this topic

#1 weirdace

weirdace

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 22 February 2010 - 09:02 PM

I've been going around in circles trying to learn this site so I apologize if I'm doing it wrong and would appreciate any clues on what I'm supposed to be doing. Some program called Security Tool took over my computer last night. It lets me do some things, but will not let me run any programs that remove it. As as I click "run" it comes up in a window (and constantly comes up anyhow). I've tried a few free downloads and even the Combofix which was recommended by my out-of-state computer friend. Same deal. Have gotten a blue screen twice as well. Any help would be greatly appreciated.

Edited by Orange Blossom, 22 February 2010 - 09:11 PM.
Move to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 Sashacat

Sashacat

  • Members
  • 372 posts
  • OFFLINE
  •  
  • Local time:01:34 AM

Posted 23 February 2010 - 03:28 PM

Remove Security Tool and SecurityTool (Uninstall Guide)
Posted by Grinler on September 25, 2009

http://www.bleepingcomputer.com/virus-remo...e-security-tool


Follow the steps in the removal guide named above, and reply back with the results of the Malwarebytes' scan.
Copy/paste the entire contents of the Malwarebytes' log into your next reply.

Also, please advise what, if any, symptoms you are still experiencing.
If we don't change the direction we are going,
We are likely to end up where we are headed.

#3 weirdace

weirdace
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 23 February 2010 - 07:31 PM

Malwarebytes' Anti-Malware 1.44
Database version: 3781
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

2/23/2010 7:14:16 PM
mbam-log-2010-02-23 (19-14-16).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 285426
Time elapsed: 46 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\09920323 (Rogue.Multiple.H) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\ProgramData\09920323 (Rogue.Multiple.H) -> Quarantined and deleted successfully.

Files Infected:
C:\ProgramData\09920323\09920323.exe (Rogue.Multiple.H) -> Quarantined and deleted successfully.
C:\Users\Barbara\Downloads\Christmas.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
C:\Users\Barbara\Desktop\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.


I don't have non-stop popups anymore so I assume it's gone. THANK YOU SO MUCH!!!! Please let me know if you need any additional information.

#4 Sashacat

Sashacat

  • Members
  • 372 posts
  • OFFLINE
  •  
  • Local time:01:34 AM

Posted 23 February 2010 - 08:16 PM

Hello :thumbsup: That's GREAT news! :flowers:

Thanks to Grinler for the awesome tutorial: Remove Security Tool and SecurityTool (Uninstall Guide)

Your Malwarebytes' log shows the database version 3781.
I just checked my Malwarebytes' (updated it), and the most current database version (as of right now) is version 3782.
New trojans/viruses/malware are written every day.
It is VERY important for you to have the most current updates, so make sure to update yours.
You may want to update your Malwarebytes' and run another scan after updating, just to be sure that that it finds zero infections.

I encourage you to take advantage of the EXCELLENT information available on the bleepingcomputer.com site.
Here are a few topics that will be of tremendous help to you:

How Malware Spreads - How did I get infected

by quietman7 (Global Moderator)
http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/

How did I get infected?, With steps so it does not happen again!

by Grinler (Admin)
http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/

The Ten Most Dangerous Things Users Do Online
by quietman7 (Global Moderator)
http://www.bleepingcomputer.com/forums/t/69440/the-ten-most-dangerous-things-users-do-online/

Warm Regards,
Sashacat :trumpet:
If we don't change the direction we are going,
We are likely to end up where we are headed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users