|
Register | Blogging | Today's Posts | Search |
|
Thread Tools | Display Modes |
04-02-2010, 07:14 PM | #351 (permalink) |
Dazed and confuzzled
Join Date: Jul 2008
Location: England
Posts: 1,552
|
Yeah, this is mallware, however. A lot of places will install something on your computer and then tell you that there are hundreds of these on your computer. But wait, funnily enough we can clear it all for you for just a small fee, lol.
__________________
I have acquired four score and nineteen difficulties, but a wench cannot be counted among them |
04-03-2010, 10:59 PM | #358 (permalink) | |
Partying on the inside
Join Date: Mar 2009
Posts: 5,584
|
Quote:
Anyway, there are plenty pages on google that address how to do it and even some more crap they want you to download, but I'll give you the quick & dirty manual version because it's still quite fresh in my mind: (The following applies to Windows machines. I don't use a Mac, so if that's what you're on, then you'll have to do some Googling) 1. While you're logged in, hit CTRL+ALT+DEL to bring up your task manager. In Vista, you'll actually have to choose the task manager option. While trying to dodge all the ridiculous pop ups and crap, hit the PROCESSES tab and start scrolling down the list until you find a .exe with a name that's just random numbers. The one I had to get rid of was called "4946550101.exe", so if it's the same, lucky you. If not, it's going to be a random string of numbers. Write the random string of numbers down. 2. Reboot your computer and boot into SAFE MODE. (For instructions on how to do this, see the note at the end of the steps) 3. Open up COMPUTER and navigate to your C: drive, then DOCUMENTS AND SETTINGS, then your USERNAME. If you DON'T see a folder called APPLICATION DATA, then you're going to have to enable hidden folders. To do this, simply click TOOLS on the menu up top, then FOLDER OPTIONS, then VIEW. Look in the drag box and select SHOW HIDDEN FILES AND FOLDERS. Click OK. Now you'll see APPLICATION DATA. Go there. 4. Look at your little piece of paper with the random string of numbers, and scan all the folders in the APPLICATION DATA folder you're in until you find the folder named the same random string of numbers. You can look in it if you want for shits and giggles, but you don't need to. Delete the whole folder. If any dialog box pops up, yes to everything. The whole folder goes bye bye. (If you get a dialog that says a file is in use, open your task manager again and locate the random string then right click it and click "end process", then hurry and delete the folder... Because the .exe will try to come back like night of the living dead. You're literally shooting the zombie in the head by deleting the folder that contains the .exe, so get 'r done.) 5. Click your START button and in your run/search bar (Vista) or by clicking run (XP) you want to type MSCONFIG. Once the config dialog pops up, hit the Startup tab and check to see if the random string of numbers is in there. If so, it probably has a check next to the box. Uncheck it. This will prevent you from getting any popups about the program being missing when you start your computer. You can go further by actually deleting the startup item, but it's not necessary and will require further steps. 6. Restart your computer back into normal mode. Just simply restart it. You won't have to press any keys. Once in Windows, verify that you're not getting any more popups. You'll probably get a popup saying you made changes to your MSCONFIG file. That's fine. Just OK it. It won't come up any more after that. If Security Tool put a desktop icon on your desktop, delete that. Empty your recycle bin. Eat a Twinkie. Now, you will still have the registry key for Security Tool in your registry, which you can leave it there if you want, but it's always a good idea to have a nice and clean registry to get rid of old, unused keys, as it allows your registry to be read faster... so if you want to do this safely without dicking around in the registry, just download CCLEANER from Google and run the registry cleaner along with anything else in there. Useful program. I love the hell out of it. 7. Stop clicking internet popups. Security tool is a user-initiated install. Meaning, something popped up on the internet and you clicked it. They're tricky bastards in that sometimes they'll encode a download/self-installing package INTO AN OK/CANCEL BUTTON. This means that sometimes when you THINK you're clicking OK to close a popup... you're really downloading their trash. Easiest way to evade those popups when you're not sure is to go to your task manager and under your programs, right click your browser and press END TASK. You usually have to do that because they lock the browser until you click their popup. Killing the whole browser is sometimes the only way, but it's perfectly safe, as long as you aren't in the middle of doing something like I'm doing now, typing a billion words without having saved any of it. So that should do you. If not, then tell me exactly what didn't work and we'll fix that. I'm just working from rote memory here, so it's completely possible I left something out. But the basic thing is Find the program, delete it in safe mode, remove the startup trigger, and reboot. If I assumed you were well versed in computer operation, I would have just said that... but... I'm an IT guy and this is just my thing. ::::SAFE MODE PROCEDURE:::: You'll need to hit the hot-key that brings up your boot menu. Watch your screen when you're rebooting and you should see a message on the black background saying "Press F12 for boot menu". It could be a different hot-key, but F12 is usually pretty standard. If not and you can't figure it out, just google your computer model and add the following key words to the search: "boot menu hotkey". When you've got the boot menu, you'll see a list of options... Choose "SAFE MODE". Don't worry about safe mode with networking or any of that other stuff. When you start booting, you'll see a bunch of drivers loading and all... Perfectly normal. Windows will load up, and your screen will look like crap because Windows only loaded its generic 16-bit video driver. Perfectly normal. Last edited by Freebase Dali; 04-03-2010 at 11:13 PM. |
|
04-04-2010, 04:36 AM | #359 (permalink) |
Account Disabled
Join Date: Oct 2009
Location: Scotland
Posts: 4,483
|
When I press ctrl alt delete it pops up saying "taskmgr.exe is infected with worm Lsas.Blaster.Keylogger this worm is trying to send your credit card details using taskmgr.exe as a remote host" so it's not bringing up task manager.
|
04-04-2010, 05:08 AM | #360 (permalink) | |
Partying on the inside
Join Date: Mar 2009
Posts: 5,584
|
Quote:
Anyway, you might just have to first restart into Safe Mode and find the folder I mentioned that will have a random string of numbers as its name. These damn Malware progs change and get smart... But before you do all that, ensure that it's Security Tool that you're infected with, because if it's actually something else, their file might use a different naming convention and I'll need to find it online to let you know what to look for, so let me know on that. Key characteristics of Security Tool Virus will be the addition of the Security Tool program on your desktop (shortcut) and will pop up a program that looks like it's scanning for viruses and will tell you your "infections", which are all false. At the very least, reboot into Safe Mode and open up Task Manager and type to me all the processes that are currently running in the dialog box. I'll be able to identify which one doesn't belong, even if it takes a little research. Thing is, this dam Security virus isn't going to go away and you'll be plagued by it, so we need to get this licked ASAP. If you can't open task manager while in safe mode, for some odd reason, then navigate to the folders I was talking about (Application data) and write a list of the folder names in there. If it comes up that we can't find the offending file folder, we'll go from there. |
|
|