Extreme Malicious Attack

posted on Oct, 23 2009 @ 12:25 AM
Guess that's about right, got a phone call from my mum.

Said her computer was all messed up, after she went to a link, I won't name the name, because, then you'll get it lol.

Well it blocked her desktop, and all you can see is SecurityTool, you have 30 new viruses, Keylogger, credit information is being exchanged, and on and on and on.

I tried helping her out, for a few hours, then gave up.

She cannot go or download anything from any website, it refuses, you cannot run the computer in safe mode, you cannot go to the Ctrl Alt Delete command, you cannot run a command.

You can only navigate around SecurityTool bs pop up...

Now I know it's a scam but I had her contact the banks and have things changed and locked till everything is in the clear, just to be on the safe side.

She has one virus prevention detector, but it's compromised and unable to open.

There is really nothing you can do from what I've tried, if anyone has any help it's much appreciated...

She got it off of Facebook though.




posted on Oct, 23 2009 @ 01:49 AM
reply to post by Republican08
 


Download a few, take them over to your mom's

FREE Bootable Antivirus Rescue CD's

Bootable AntiVirus Rescue CD, a bootable CD source that performs scans and removes computer viruses without booting the operating system first. Most bootable Rescue CD builds are based on a Linux Live CD distribution, whereby it can load a simple operating system without writing any system files on your hard drive.


If you're "GEEKY" use this one

Hiren's boot CD
How to Remove Spyware from your Computer


[edit on 23-10-2009 by The Utopian Penguin]



posted on Oct, 23 2009 @ 08:25 AM
How to remove security tool

I'd also use these on a regular basis...

Malwarebytes Anti Malware

CCleaner

Glarys


I have Comodo Anti Virus and Firewall on my laptop.
AVG anti virus and Zone Alarm on my Desktop.

I run CCleaner and Glarys daily on both after using the PCs.

I run a Virus scan every week.

Every month, I run complete scans using:

AVG
Comodo
Malwarebytes
Spybot Search and Destroy
CCleaner
Glarys
Defraggler

Update each of those programs before using, it's a one click dealio.

Simple maintenance = great performing PCs

[edit on 23-10-2009 by elevatedone]



posted on Oct, 23 2009 @ 08:38 AM
You'll find that going to any anti-virus websites will be stopped as the trojan horse has taken over these sites.

What I recommend is doing the following, as my brother had a similar problem and we managed to get through it this way.

1) Edit the Windows hosts file. Cannot remember the name, but it's in the windows\system or system32 under either lmhosts or hosts file. Put every anti-virus/anti-malware website in here pointing to a different site.

so...

202.202.202.202 antivirus1
202.202.202.203 antivirus2

The above IP addresses match the IP addresses of the websites you're going to. So now do a 'nslookup' in CMD of the anti-virus and anti-malware websites and place them here.

2) Go to antivirus1...

etc...

3) Download the program

4) RENAME the executable file of the program, so if it's avg.exe rename it to avgrun.exe

5) Run the program necessary.

6) If the program needs to download an update and the trojan is PREVENTING you from doing so, go to point "1", i.e., edit the HOSTS file and place the update website there.

Once you run the program, it should locate and remove the trouble maker.

Good luck

Marty
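
An added example, not part of Marty's post: a read-only audit of a hosts file, useful before and after hand-editing it as in step 1. On Windows the file is `%SystemRoot%\System32\drivers\etc\hosts`. It lists every mapping for a watched domain and marks whether the entry sends the name to a loopback or unspecified address (the site is unreachable) or pins it to a routable address that should be checked against an `nslookup` result. The sample file content, the `.example` hostnames and the watch list are constructed, and the function names are this example's own.

```python
import ipaddress

# Constructed sample: a hosts file with blocked and hand-pinned entries.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
127.0.0.1       antivirus1.example   # vendor site sent to loopback
0.0.0.0         update.antivirus2.example www.antivirus2.example
203.0.113.10    antivirus3.example   # pinned by hand after nslookup
not-an-ip       broken.example
"""

# Constructed watch list: domains of the security tools you rely on.
WATCHED = ["antivirus1.example", "antivirus2.example", "antivirus3.example"]

def parse_hosts(text):
    """Return (line_no, ip, hostname) for every valid mapping in a hosts file."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) < 2:
            continue                            # blank or comment-only line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first column is not an IP address
        for name in fields[1:]:                 # one address may carry several aliases
            entries.append((line_no, ip, name.lower()))
    return entries

def audit(entries, watched):
    """Classify hosts-file overrides that affect watched domains or their subdomains."""
    findings = []
    for line_no, ip, name in entries:
        if not any(name == d or name.endswith("." + d) for d in watched):
            continue
        verdict = "blocked" if (ip.is_loopback or ip.is_unspecified) else "pinned"
        findings.append((line_no, name, str(ip), verdict))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_hosts(SAMPLE_HOSTS), WATCHED):
        print(finding)
```

Entries reported as "pinned" go stale when the vendor changes addresses, so remove them once the machine is clean.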



posted on Oct, 23 2009 @ 09:01 AM
I have seen this bugger before.

It comes from people who use Facebook... seriously.

Security tool is a virus masquerading as an antivirus program.

Elevated has the right idea, but left out one important step
(you noob, you)

Try launching the computer in "SAFE MODE".

Hit the power button and begin hitting the F8 button on the keyboard.

Safe mode starts the computer without most programs running.

You can "NOW" do a search of the hard-drive for securitytool.

Remove all signs of it that are found. (delete them)

Make sure you go to C>programfiles>securitytool and delete it.

Also, you WILL need to remove it from the registry.

From the run line type "regedit"

From the toolbar right-click edit and type in securitytool

Keep hitting "find next" and removing all signs of securitytool.

Now you can install all the programs elevated suggested.

Update each and run them until each program stops finding things.

However, run them in this order:

CCleaner, Glary's Utilities, Malwarebytes (hey I don't name em), AVG antivirus.

(The Utopian Penguin's advice is very good and accurate, but may be a bit more complex for those less knowledgeable.)

If you still have issues, you can do "MSCONFIG" from the run line and uncheck securitytool from the startup list.

Don't feel bad, this one is a real bugger to get.
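
An added example, not part of the post above: before deleting anything in regedit, export the startup keys (File > Export) and list which autostart values mention the search term, so there is a record of what was there. The code parses the text of a `.reg` export and reports only values under `Run` and `RunOnce` keys. The sample export, its value names and paths are constructed, and the function names are this example's own.

```python
import re

# Constructed sample of a .reg export; names and paths are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"SecurityTool"="\"C:\\Program Files\\SecurityTool\\securitytool.exe\" /min"

[HKEY_CURRENT_USER\Software\SecurityTool]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"cleanup"="C:\\Temp\\SECURITYTOOL\\unpack.exe"
'''

# A string value line: "name"="data", with \\ and \" as escapes inside the quotes.
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    """Undo the .reg escaping of backslash and double quote."""
    return re.sub(r'\\(.)', r'\1', s)

def parse_reg(text):
    """Return (key, value_name, data) for each string value in a .reg export."""
    key, out = None, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]                    # section header names the key
            continue
        m = VALUE.match(line)
        if key and m:                           # only plain string values are handled
            out.append((key, unescape(m.group(1)), unescape(m.group(2))))
    return out

def startup_hits(entries, term):
    """Autostart (Run/RunOnce) values whose name or data mentions term."""
    term = term.lower()
    return [(k, n, d) for k, n, d in entries
            if k.lower().endswith(("\\run", "\\runonce"))
            and (term in n.lower() or term in d.lower())]

if __name__ == "__main__":
    for hit in startup_hits(parse_reg(SAMPLE_REG), "securitytool"):
        print(hit)
```

A real export from regedit is UTF-16 text, so read it with `open(path, encoding="utf-16")` before passing it to `parse_reg`.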



posted on Oct, 23 2009 @ 09:06 AM
reply to post by mrmonsoon
 


Some of these new "virus'" are removing your ability to boot into safe mode. At least the one I had.

So, yes mrmon is correct, safe mode.

2 of the fixes I've seen for the latest round of malware required downloading the fix and then renaming it so that it could be executed.


*bows to master*



posted on Oct, 23 2009 @ 09:08 AM
Keep in mind...

this malware really isn't "hurting" your PC.

They're trying to get you to buy their "product" which doesn't really exist.

Never, never enter your CC info to buy a "fix" for malware or viruses. There's almost always enough info on the web to get it removed yourself.

Or, a friend who can help via long distances and many chats.



posted on Oct, 23 2009 @ 09:15 AM
reply to post by elevatedone
 


Respectfully, you are mistaken.

This virus opens a backdoor and allows Trojans in, so it IS a problem having it on computer.





posted on Oct, 23 2009 @ 09:56 AM
reply to post by mrmonsoon
 


Oooops.

Ok, the one that I had was only asking for money. My bad.


I hope.






[edit on 23-10-2009 by elevatedone]



posted on Oct, 23 2009 @ 11:31 AM
This is why I love ATS, always a helping hand


Thanks guys I look forward to taking a crack at this.



posted on Oct, 23 2009 @ 11:51 AM
reply to post by Republican08
 


Our invoices will be in the mail shortly. Cash only please.





posted on Oct, 23 2009 @ 01:22 PM
Forget it man, before formatting the partitions just delete them, so the sectors can reconstruct themselves; some viruses are left even after formatting.
So use the Windows XP CD to delete and format the partitions and start anew. Smart thing that you called the banks; better teach your mother to not click links.



posted on Oct, 23 2009 @ 07:34 PM
I had a virus / trojan earlier this year and started a thread to ask for help:

www.belowtopsecret.com...

I am sure the advice you have received already is very good, but I thought you might like to read my thread too as there is some very helpful information there. ATS members took a lot of trouble and were very good to me.

[edit on 23-10-2009 by berenike]


