Page 1 of 1 [ 9 posts ] 

Anna4077
Snowy Owl
Snowy Owl

User avatar

Joined: 12 Jun 2006
Age: 55
Gender: Female
Posts: 146

21 Nov 2009, 4:41 am

My (very basic netbook) PC has become infected recently. Something called Security Tool is now on my start-up menu, my toolbar and my hard drive and I can't get rid of it. I've had viruses before but I managed to get rid of them using Spybot. When I try running Spybot on this sucker, my PC shuts down. :evil:
Oh, and theres the delightful side effect of a window popping up on my screen every 20 seconds or so urging me to use Security Tool. :evil:

Any recommendations about what to would be much appreciated.



Jaydog1212
Toucan
Toucan

User avatar

Joined: 8 Jan 2009
Age: 42
Gender: Male
Posts: 257

21 Nov 2009, 4:58 am

Anna4077
Snowy Owl
Snowy Owl

User avatar

Joined: 12 Jun 2006
Age: 55
Gender: Female
Posts: 146

21 Nov 2009, 5:58 am

^^^How? What does that entail?



sacrip
Veteran
Veteran

User avatar

Joined: 17 Oct 2008
Age: 50
Gender: Male
Posts: 844

21 Nov 2009, 8:38 am

Download Malwarebytes from download.com. It helped me with a similar problem.


_________________
Everything would be better if you were in charge.


Jono
Veteran
Veteran

User avatar

Joined: 10 Jul 2008
Age: 43
Gender: Male
Posts: 5,603
Location: Johannesburg, South Africa

21 Nov 2009, 4:04 pm

Anna4077 wrote:
^^^How? What does that entail?


In Jadog's post, move your mouse cursor over the words Remove Security Tool. It's a clickable link that takes you to a website with removal instructions of the said malware.



peterd
Veteran
Veteran

User avatar

Joined: 25 Dec 2006
Age: 71
Gender: Male
Posts: 1,347

22 Nov 2009, 2:48 am

I got one yesterday: started running, flashed up warning messages of virus infection, left things in the registry to restart itself, thoroughly nasty little bugger.

Restart Windows in Safe Mode with Networking - hold the power key down for ten seconds or so to turn it off, then bounce on F8 while its restarting and proceed from there. There are web pages that'll give you clues - or let you download tools - to cleaning up from there. Don't be fooled though, it's not a real virus and its messages about infection are just to scare you into obeying its commands.



Anna4077
Snowy Owl
Snowy Owl

User avatar

Joined: 12 Jun 2006
Age: 55
Gender: Female
Posts: 146

22 Nov 2009, 7:33 am

Thanks for the suggestions, guys. Much appreciated! :wink:



Keith
Veteran
Veteran

User avatar

Joined: 12 Aug 2008
Age: 40
Gender: Male
Posts: 2,321
Location: East Sussex, UK

22 Nov 2009, 8:26 am

10 seconds? That's exactly 2.5 times longer than is required. Many computers based on the ATX format will power off when the power switch is held in position for 4 seconds.

In the terms of viruses, it is better to power off, remove the battery - wait 30 seconds; longer does no harm, and start the computer up, but I would avoid safe mode with networking as this could encourage the active use of an internet connection and therefore re-instate itself. I would recommend pure safe mode if you should want to do so. But Safe mode is only for those "hard to reach spots" that can't be got at without conventional ways.

In the terms of a laptop/netbook, you should get a logo of the device you get, once that disappears, start pressing the F8 (fate dunno why I like to call it that) if you select nothing, it will resume normal start up in 30 seconds by default. This can be adjusted.

In the terms of powering off a full desktop PC, it would be best to power off, switch off (some computers have rocker switches) and unplug. Then hold the power button on for a few seconds to drain the capacitors which WILL still have a charge in them.

I myself use safe mode rarely as there aren't many instances that call for it



superboyian
Veteran
Veteran

User avatar

Joined: 9 Sep 2009
Age: 32
Gender: Male
Posts: 14,704
Location: London

27 Nov 2009, 11:17 am

What I would recommend you to do, to get Spyware Doctor from Google Packs and then install Spyware Doctor.... Once that is installed, update it immediately.

Once finished updating.... Restart your computer...

When this part of your computer starts up.... Image may vary depending on computer models.
Image

Hold f8 or rapidly press it till the the menu should come up and it should look something like this....
Image

Select Safe mode.....


Now you are at safe mode, all you need to do is run spyware doctor full scan, hopefully it should find all the results... hopefully it should be able to remove the virus which it is most likely to do.

Good luck, superboyian :D

---------
Extra information incase no luck... (this part of the information is from 2-spyware.com website)

Kill processes:
4946550101.exe

Delete registry values:
HKEY_CURRENT_USER\Software\Security Tool
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "4946550101"

Delete files:
4946550101.bat
4946550101.cfg
4946550101.exe
Security Tool.lnk
Security Tool.lnk

Delete directories:
%UserProfile%\Application Data\4946550101

Hopefully should help :)


_________________
BACK in London…. For now.
Follow my adventures on twitter: @superboyian
Please feel free to help my aspie friend become a pilot: https://gofund.me/a9ae45b4