Wndows XP/Security Tool

View previous topic View next topic Go down

Wndows XP/Security Tool

Post by storm361 on 21st December 2009, 12:49 pm

My daughter clicked on a pop up on our PC -- she thought it was because the AVG antivirus was alerting her, but then she immediately realized something was wrong. I had not yet installed the Malwarebytes software, so I managed to get downloaded with the "Security Tool" pop ups kept coming, blocking the view of the screen. Then the blue screen, and the computer shut down. I am ticked off at myself because I have been too busy to backup the files on that computer, but that's not the issue now -- how do we get rid of this "Security Tool" malware?

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by Belahzur on 21st December 2009, 6:36 pm

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by storm361 on 21st December 2009, 6:48 pm

The program won't even let me into Explorer...I am on my laptop right now. The first thing I get is the "Security Tool" window, which overlaps a blank IE window. It does a scan and tells me I have "33 infections" and lists various worms, malware, trojans, rogues...but I can't get to a window to open anything else...

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by storm361 on 21st December 2009, 7:08 pm

Tried again...managed to get around the "security tool" windows, but is blocking the download -- message says it's infected.

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by Belahzur on 21st December 2009, 7:22 pm

You've managed to download it though right? if not, we may need to use another machine ans transfer tools over via USB or CD.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by storm361 on 21st December 2009, 8:13 pm

It is downloaded to the laptop I am using right now...I can't tell whether it downloaded successfully to the PC because the pop ups keep saying it's a malicious download...

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by Belahzur on 21st December 2009, 9:02 pm

Okay, well we'll have to go with the method of transferring tools from your laptop, and see if you can run them then.

Let me know how that goes.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by storm361 on 21st December 2009, 9:09 pm

uhhhh help... Can't Believe It can I just download HijackThis directly to the USB disk, or do I copy the file? Thanks for taking the time to help me!!!!!!!

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by Belahzur on 21st December 2009, 9:13 pm

Yeah, download onto your USB, then carry across onto the infected machine, then try running it on that machine and see if it works.

Let me know if it doesn't.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by storm361 on 21st December 2009, 9:55 pm

:sad: Had difficulty getting past the "Security tool" screens, when I finally did and accepted the terms, thehe "Security Tool" popped back up and said "HijackThis.exe is infected with worm lsas.blaster.keyloger and is attempting to send my credit card details to a remote host". Wont let me go past these pop ups again.

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by Belahzur on 21st December 2009, 10:07 pm

Thought so, can you try renaming HijackThis.exe to explorer (so it's called explorer.exe) and see if it will run.

If not, let me know.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by storm361 on 21st December 2009, 11:19 pm

The program pops up, but it appears the "system tool" is blocking it. I managed, somehow, to get the malwarebytes to run from the start menu..hopefully it can quarantine this...the "system tool" popups just stay on the screen. no icons visible unless I cut the computer off and back on. Malwarebytes has been running a little over 50 minutes now...

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by Belahzur on 22nd December 2009, 1:09 am

Full scan mode or quick scan?
See if you can get a log when done.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by storm361 on 22nd December 2009, 5:27 am

I have two logs from full scans -- one from HackThis and the other from Malwarebytes. How do I get these to you?

storm361
Novice
Novice

Posts Posts : 8
Joined Joined : 2009-12-21
OS OS : Windows XP
Points Points : 25558
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Wndows XP/Security Tool

Post by Belahzur on 22nd December 2009, 6:02 pm

You'll need to transfer from over from USB if you can't post them from the infected machine itself.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum