Security Tool Virus

[Detective Tommy]

SAS and Malwarebytes finally came up with clean scans.
But when I started normally, the virus popped up.

I'm currently trying combofix. But I have to go to work.
Combofix won't run. Something about admin command...

[Walbuls]

rightclick - run as admin maby?

Im at my ends for virus killing. If nothing works, look up the name of the fake virus tool and look for a specific guide or forum dedicated to killing it.

[baka1412]

Then you might wanted to log-in into your PC using Administrator account, since the current user should be your personalize account (e.g TOMMY)


I've never tried those anti-virus you're using, but it may seems like that they need Administrator access/privilege to fully fun their application.

[Akonyl]

grasping at straws here, but question, when did the virus pop up after the clean scan?

any chance it was when you clicked on a program or something?

[Abs.]

Going to laugh if it was just a pop-up that automatically came up again because his browser is set to re-open the last pages he was on.

[Akonyl]

Going to laugh if it was just a pop-up that automatically came up again because his browser is set to re-open the last pages he was on.

the guess I was going for was that some viruses bind .exes to open the virus instead of the exe itself, so that even after you shut it down it can pop back up if you don't clean out your registry (though I dunno if his system would come up clean in a scan in this case).

although, that would be pretty funny too.

[Detective Tommy]

@Walbuls, I tried right click --> run as admin but it didn't work. Thanks for all the help though! I asked the tech-guy forums.

@baka1412, I only have one account on my computer... Nobody uses it but me. Also, when pressing f8 there are only 3 options... 1) Safe Mode 2) Safe Mode w/ Networking 3) Safe Mode Command Prompt.

@Abs., No. My browser doesn't automatically re-open. The virus came out as soon as my computer opened. I typed in my password, and the Security Tool thing showed.

@Akonyl, How do I clean out my registry? I used rkill too, but it didn't remove anything..


ComboFix still doesn't work. I redownloaded SAS and Malwarebytes and I'm going to keep rescanning things.

[baka1412]

Try CCleaner, you'd be able to clean up all your internet caches, cookies (in case Abs was correct), and its also capable of cleaning your registries.

Btw, are you using Windows XP ? You could only access the Administrator account inside the safe mode, it will show up in the welcome screen above your personal profile account (if i remember correctly, its been a while...)

[Detective Tommy]

Try CCleaner, you'd be able to clean up all your internet caches, cookies (in case Abs was correct), and its also capable of cleaning your registries.

Btw, are you using Windows XP ? You could only access the Administrator account inside the safe mode, it will show up in the welcome screen above your personal profile account (if i remember correctly, its been a while...)

I already ran CCleaner when I was in safe mode. Also, no. I have vista.

[baka1412]

If only you still got the installer CD it would be much simpler to fix the registries.

You just need to run the installer and there should be an option to repair your corrupted / missing registries using the ones from the CD

[Detective Tommy]

If only you still got the installer CD it would be much simpler to fix the registries.

You just need to run the installer and there should be an option to repair your corrupted / missing registries using the ones from the CD

My CD drive is broken...

[Walbuls]

well, we could emulate a CD drive, but that wouldnt help since we would need to boot from that image, not just run it. If the tech forums cant kill it, your best bet would be to replace the drive or the PC so you can start anew.

[sstimson]

If only you still got the installer CD it would be much simpler to fix the registries.

You just need to run the installer and there should be an option to repair your corrupted / missing registries using the ones from the CD

My CD drive is broken...

I could try to help you as one of my hobbies is fixing software errors.

Questions
1) did you do a system restore
2) list all Firewalls,Anti spyware & antivirus programs
3) if you can do an online virus scan
4) update all programs you can including windows
5) set your antivirus program to do a boot scan
6) get an anti rootkit program like gmer
7) Pm me if you think I might be ablue to help

[Akonyl]

@Akonyl, How do I clean out my registry? I used rkill too, but it didn't remove anything..

as I said, rkill's purpose isn't to remove the malware. Its purpose is to kill the processes so that what's currently running stops running, so you can then kill off the virus with other spyware removal software.

as for editing your registry, I'll have to get back to you on that later when I can actually do things.

[ranger]

It may be time my friend... ;(