Quote:
Originally Posted by james44754
Some**** called Security Tool i've never saw in my life it keeps on changing the supposed amount of infections though so I don't buy it.
|
DEFINITELY Malware. Just had to delete it from my little sister's computer 2 weeks ago. Just Google "Security Tool Virus" and you'll hear all about it.
Anyway, there are plenty pages on google that address how to do it and even some more crap they want you to download, but I'll give you the quick & dirty manual version because it's still quite fresh in my mind:
(The following applies to Windows machines. I don't use a Mac, so if that's what you're on, then you'll have to do some Googling)
1.
While you're logged in, hit CTRL+ALT+DEL to bring up your task manager. In Vista, you'll actually have to choose the task manager option. While trying to dodge all the ridiculous pop ups and crap, hit the
PROCESSES tab and start scrolling down the list until you find a .exe with a name that's just random numbers. The one I had to get rid of was called "
4946550101.exe", so if it's the same, lucky you. If not, it's going to be a random string of numbers. Write the random string of numbers down.
2.
Reboot your computer and boot into SAFE MODE.
(For instructions on how to do this, see the note at the end of the steps)
3.
Open up COMPUTER and navigate to your
C: drive, then
DOCUMENTS AND SETTINGS, then your
USERNAME. If you DON'T see a folder called
APPLICATION DATA, then you're going to have to enable hidden folders. To do this, simply click
TOOLS on the menu up top, then
FOLDER OPTIONS, then
VIEW. Look in the drag box and select
SHOW HIDDEN FILES AND FOLDERS. Click
OK. Now you'll see
APPLICATION DATA. Go there.
4.
Look at your little piece of paper with the random string of numbers, and scan all the folders in the APPLICATION DATA folder you're in until you find the folder named the same random string of numbers. You can look in it if you want for sh
its and giggles, but you don't need to. Delete the whole folder. If any dialog box pops up, yes to everything. The whole folder goes bye bye.
(If you get a dialog that says a file is in use, open your task manager again and locate the random string then right click it and click "end process", then hurry and delete the folder... Because the .exe will try to come back like night of the living dead. You're literally shooting the zombie in the head by deleting the folder that contains the .exe, so get 'r done.)
5.
Click your START button and in your run/search bar (Vista) or by clicking run (XP) you want to type MSCONFIG. Once the config dialog pops up, hit the
Startup tab and check to see if the random string of numbers is in there. If so, it probably has a check next to the box. Uncheck it. This will prevent you from getting any popups about the program being missing when you start your computer. You can go further by actually deleting the startup item, but it's not necessary and will require further steps.
6.
Restart your computer back into normal mode. Just simply restart it. You won't have to press any keys. Once in Windows, verify that you're not getting any more popups. You'll probably get a popup saying you made changes to your
MSCONFIG file. That's fine. Just OK it. It won't come up any more after that.
If Security Tool put a desktop icon on your desktop, delete that. Empty your recycle bin. Eat a Twinkie.
Now, you will still have the registry key for Security Tool in your registry, which you can leave it there if you want, but it's always a good idea to have a nice and clean registry to get rid of old, unused keys, as it allows your registry to be read faster... so if you want to do this safely without di
cking around in the registry, just download
CCLEANER from Google and run the registry cleaner along with anything else in there. Useful program. I love the hell out of it.
7.
Stop clicking internet popups. Security tool is a user-initiated install. Meaning, something popped up on the internet and you clicked it. They're tricky bastards in that sometimes they'll encode a download/self-installing package
INTO AN OK/CANCEL BUTTON. This means that sometimes when you THINK you're clicking OK to close a popup... you're really downloading their trash. Easiest way to evade those popups when you're not sure is to go to your task manager and under your programs, right click your browser and press
END TASK. You usually have to do that because they lock the browser until you click their popup. Killing the whole browser is sometimes the only way, but it's perfectly safe, as long as you aren't in the middle of doing something like I'm doing now, typing a billion words without having saved any of it.
So that should do you. If not, then tell me exactly what didn't work and we'll fix that. I'm just working from rote memory here, so it's completely possible I left something out. But the basic thing is Find the program, delete it in safe mode, remove the startup trigger, and reboot.
If I assumed you were well versed in computer operation, I would have just said that... but... I'm an IT guy and this is just my thing.
::::SAFE MODE PROCEDURE::::
You'll need to hit the hot-key that brings up your boot menu. Watch your screen when you're rebooting and you should see a message on the black background saying "
Press F12 for boot menu". It could be a different hot-key, but F12 is usually pretty standard. If not and you can't figure it out, just google your computer model and add the following key words to the search: "boot menu hotkey". When you've got the boot menu, you'll see a list of options... Choose "
SAFE MODE". Don't worry about safe mode with networking or any of that other stuff. When you start booting, you'll see a bunch of drivers loading and all... Perfectly normal. Windows will load up, and your screen will look like crap because Windows only loaded its generic 16-bit video driver. Perfectly normal.