I got the Security Tool Malware

Solved/Closed
not too bright - Feb 21, 2010 at 05:51 PM
xpcman Posts 19528 Registration date Wednesday October 8, 2008 Status Contributor Last seen June 15, 2019 - Feb 25, 2010 at 07:00 PM
Hello,
I got the Security Tool Malware infection last night. I spent hours trying to open my computer in safe mode. The ST kept blocking any antivirus downloads, system restore, and eventually would log my laptop off.
After hours of foul language I was able to log in on SAFE MODE. I ran my antivirus program and it did not find anything. I then went to System Restore and was able to set my laptop back to the 18th. This seemed to work; my desktop looked normal and there was no Security Tool popping up. I then downloaded a newer version of my antivirus and ran another full scan--still nothing found. I went to Malwarebytes and downloaded the malware detection/removal software (free version). I ran a full scan and still nothing found. OK...if you have not yet fallen asleep, MY QUESTION IS--is the Security Tool still hidden somewhere on the laptop or did the System Restore "get rid" of it? My laptop is booting up perfectly but now I am afraid to use any program with a password. Is there something else I should do to make sure it is gone? I have Windows Vista on my laptop.
Thanks for your patience

2 responses

xpcman Posts 19528 Registration date Wednesday October 8, 2008 Status Contributor Last seen June 15, 2019 1,824
Feb 21, 2010 at 06:42 PM
Hello,

1. Download Process Explorer and save it in the C:\ folder.
Download link: http://live.sysinternals.com/procexp.exe

2. Rename procexp.exe to explorer.exe and double-click to run it.
3. Select the Security Tool process from the list (it should be 4946550101.exe or similar) and press the "Delete" button to end the process.
4. Close Process Explorer and download MalwareBytes anti-malware:
https://www.2-spyware.com/review-malwarebytes-anti-malware.html

5. Rename mbam-setup.exe to explorer.exe and double-click to run it. Install, update and run MalwareBytes anti-malware. Then perform full computer scan and remove all found infections.

Good luck!
0
not too bright Posts 1 Registration date Sunday February 21, 2010 Status Member Last seen February 21, 2010
Feb 21, 2010 at 07:04 PM
Hi xpcman,

So what you are telling me is the Security Tool is still on my laptop even if it is not popping up any more?

If so what you sent me is a little complicated. I do not know how to rename something. Will you give me instruction for the "not so bright"? I am not familiar with too much pc stuff. Will I have to download Malwarebytes if I have already downloaded it yesterday?
0
not too bright
Feb 25, 2010 at 06:26 PM
Hi PC Man,

I downloaded the sysinternals like you said. It did not give me a chance to rename it; I just downloaded it and it started running. I looked on the list but could not find Security Tool or anything just beginning with a number. I have downloaded 3 different anti-spyware programs and not one could find anything.

When I got the Security Tool I was suspicious right away. I never registered the product.

What is your professional opinion? If you have any other advice I will need easy step by step instructions.

I am sorry to keep bothering you. For me this will really give me a sense of accomplishment if I can handle this without going to the pc repairman.
0
xpcman Posts 19528 Registration date Wednesday October 8, 2008 Status Contributor Last seen June 15, 2019 1,824 > not too bright
Feb 25, 2010 at 07:00 PM
It would appear that you have removed the virus. Good Job.
0
xpcman Posts 19528 Registration date Wednesday October 8, 2008 Status Contributor Last seen June 15, 2019 1,824
Feb 21, 2010 at 09:08 PM
The renaming is done to outwit any virus. The virus file was not deleted by the restore. It's still there but has nothing to execute it. It would be nice to find and remove it.

In Explorer you right-click the file and then select "rename" and then overtype the name. We choose "explorer.exe" because the virus WILL always allow that program to run.

I would still download a fresh copy of Malwarebytes to be extra sure you get the latest version.

Good Luck
0
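The reply above says System Restore leaves the malware file on disk with nothing to launch it. As an added example (not part of the thread), this read-only Python script lists leftover executables with all-digit names like the `4946550101.exe` mentioned earlier and hashes them so they can be checked with a scanner. The six-digit minimum, the function names and the folder to search are assumptions.

```python
import hashlib
import os
import re
import sys

# Assumption: the leftover file has an all-digit name, like the
# "4946550101.exe" named in the thread. The 6-digit minimum is a guess
# chosen to skip short, ordinary names such as "7.exe".
NUMERIC_EXE = re.compile(r"^\d{6,}\.exe$", re.IGNORECASE)


def sha256_of(path, chunk=65536):
    """Hash a file in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def find_numeric_executables(root):
    """Return sorted [(path, is_pe, sha256)] for all-digit *.exe names.

    Nothing is deleted or modified. Unreadable files are still reported,
    with is_pe and sha256 set to None, because a locked file deserves a look.
    """
    hits = []
    # onerror swallows unreadable directories instead of aborting the walk
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            if not NUMERIC_EXE.match(name):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as f:
                    is_pe = f.read(2) == b"MZ"  # DOS/PE header magic
                digest = sha256_of(path)
            except OSError:
                is_pe, digest = None, None
            hits.append((path, is_pe, digest))
    return sorted(hits)


if __name__ == "__main__":
    # The folder to search is the caller's choice; default is the current one.
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, is_pe, digest in find_numeric_executables(root):
        kind = {True: "PE executable", False: "not a PE file", None: "unreadable"}[is_pe]
        print(f"{path}\t{kind}\tsha256={digest}")
```

A hit is only a lead: a numeric name with a valid `MZ` header is worth scanning or submitting by hash, but it is not proof of infection.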