Security Tool removal help

Discussion in 'Malware Help (A Specialist Will Reply)' started by ragexzero, Jan 5, 2010.

  1. ragexzero

    ragexzero Private E-2

    My dad has downloaded the "Security Tool" virus and the computer is a whole mess now. I cant run most programs because Security Tool doesnt allow me and the pop-ups about viruses are endless.

    Please help me remove this demon from my computer!

    I cant even post any logs, since Security Tool wont let me run any anti-spyware programs! Help!
     
    ragexzero, Jan 5, 2010
    #1
  2. ragexzero

    ragexzero Private E-2

    I seem to have removed it. I went into safe mode and then I was able to run MBAM and SAS. MBAM took care of it at the first try. I think it wont be necessary to post the logs right? or to run ComboFix or MGTools.

    Thanks anyway. These forums are so helpful, you guys provide a great service here.
     
    ragexzero, Jan 5, 2010
    #2
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    TimW, Jan 8, 2010
    #3
  4. ragexzero

    ragexzero Private E-2

    Here's the requested logs.

    Everything ran smoothly with the exception of RootRepeal, which froze for a long time and I couldnt get a log from it. Its not the first time this has happened. Last time I was here cleaning this same computer, same thing.

    I thought I should mention that when I ran ComboFix, it gave me a weird message that said "Warning: There is CD-emulation software running on this computer. ComboFix will disable it temporarily".

    This had never happened before. Ive ran ComboFix a lot on this computer before, and I never got that message. Could it have something to do with the fact that my DVD drive opens by itself randomly and wont close? Just curious. I think the drive is toast and needs to be exchanged.

    Thanks for your help and attention.
     

    Attached Files:

    ragexzero, Jan 8, 2010
    #4
  5. ragexzero

    ragexzero Private E-2

    SAS log attached here.
     

    Attached Files:

    ragexzero, Jan 8, 2010
    #5
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Thanks for taking your time to attach the logs. They are clean. :)

    You may want to post in the hardware section for your DVD player....(;)).

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners.They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore ato create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
    TimW, Jan 10, 2010
    #6
  7. ragexzero

    ragexzero Private E-2

    Thanks for the help.

    I was curious tho, why do you think ComboFix gave me that message all of a sudden, that theres a CD Emulation program running? I dont recall installing anything along those lines. Unless my sisters BIG mistake of installing EZ-Tracks download manager counts as that. It should have been uninstalled by the time I ran ComboFix tho.

    Just wondering.
     
    ragexzero, Jan 10, 2010
    #7
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Not a clue.....sorry. That is why I suggested trying the software forum. They are good with ghosts. :)
     
    TimW, Jan 10, 2010
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds