Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I am infected with Security Tool


  • Please log in to reply
3 replies to this topic

#1 miboiler

miboiler

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:13 PM

Posted 21 March 2010 - 01:37 PM

I am running XP with all of the updates, IE 7 with all of the updates. Clicked into a site and Security Tool appeared. I have tried to run some of the suggestions mentioned here but Security Tool has my Desk Top blanked so I can't see it. I ran the MS Scan and it recognizes 2 problems but does not fix them. I tried to go to system restore but there are no restore points to go to.

Any suggestions to get rid of this parasite...

BC AdBot (Login to Remove)

 


#2 trollocks

trollocks

  • Members
  • 369 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England
  • Local time:12:13 AM

Posted 21 March 2010 - 01:49 PM

http://www.bleepingcomputer.com/virus-remo...e-security-tool

#3 miboiler

miboiler
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:13 PM

Posted 21 March 2010 - 02:38 PM

I followed instruction downloaded programs to usb flash. Open the window for desk top and tried to run rkill.com. Dos box flashes on the screen but never runs. Any tricks to get this to run?

#4 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:12:13 AM

Posted 21 March 2010 - 03:16 PM

Hi miboiler

Try this:

Please note these programs must be downloaded to the Desktop.

Downloads
  • Download OTL to your desktop.
    if you have problems, try this download link:
    OTL
    right click on the link and select 'Save Link/Target As'.

  • Download OTH to your desktop.
right click on the link and select 'Save Link/Traget As'.

Open Notepad - it must be Notepad, not Wordpad.
Copy the text below in the code box by highlighting all the text and pressing Ctrl+C
netsvcs
msconfig
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
Go to the Notepad window and click Edit >> Paste
Then click File >> Save
Name the file Scan
Make sure that the Save as Type is set to Text Documents
and save to the Desktop.

Run Programs
  • Click on the OTH icon to run the program.

    Posted Image
  • Click on the Posted Image button.
    Your Desktop will go blank.
  • Now click on the Posted Image button.

    Posted Image
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Double click in the Custom Scans/Fixes window (under the blue bar)
  • A message box will popup asking if you want to load a custom scan from a file
  • Select the file you saved earlier (Scan.txt)
  • Now click on the Posted Image button.
When the scan has completed, click on the Posted Image button.
This will load your browser so that you can copy/paste the OTL.txt and Extra.txt reports in your next reply.
Once posted:
Click on the Posted Image button to restart your computer.

If IE won't run when you click the button, click on the 'Start Misc Program' button and select an alternative browser.

Thanks.

BBPP6nz.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users