Welcome to my nightmare! Just found this site yesterday and I've been learning alot about malware and viruses. On a scale of 1 - 10 for computer smarts I'm a one... so bare with me : )
Yesterday I recieved a bogus email that convinced me to dowload 'SecurityTool' and I have been fighting all kinds of malware since.
I have 6 machines and it turns out all of them had malware problems. Aftering learning of this site and reading through all the forums I have manged to 'win' the battle almost... curing, I think, 5 of the 6 machines.
The "SecurityTool" thing was freeky, this is my first experience with a virus and I thought I was being hacked when it spammed all the fake warnings and blocked my trusty system restore button! I learned here about starting in safemode and from there I was able to do a system restore on that machine to succesfully get rid of "SecurityTool" *whew*, but..
I still have one machine that appears to have something blocking it from doing a windows update, accessing any microsoft webpages or even entering safemode. I cannot download most anti-virus or spyware.. I can't even get the 90 dollar anti-virus disc I bought to work, its seems to block all ways to fix anything. Doing a system restore as far back as I can go doesn't help either. Nothing I have tried seems to work, so far I have...
... Ran Malwarebytes. Luckily I was able to download it as the other 20 I tried were blocked. It removed (worm.conficker) and "" HKEY_LOCAL_MACHINE\Microsoft\Security Center\antivirusDisableNotify (Disabled.SecurityCenter)"" and "" \FirewallDisableNotify (DisabledSecurityCenter)"".
... Ran 'rkill' it deleted some things I think, it's all a big haze to me now!
It still wont let me access windows update, or any microsoft sites or enter safemode. I have ran malwarebytes 4 times since and it comes up clean. I am stumped as to how I can fix this. Any help would be greatly appreciated.
p.s I am using windows xp on a satelite connection
Edited by kreep, 26 February 2010 - 06:14 PM.