Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SecurityTool malware keeps coming back

Status
Not open for further replies.
ITGuyLA

ITGuyLA

IS-IT--Management
Sep 29, 2009
12
US
I can’t believe this, a customer brings back his laptop for the 3rd time, and this malware keeps coming back! The customer brought his computer (Dell Inspiron 1150) infected with SecurityTool malware. I found info here how to remove it, did all the steps, installed and scanned with Malwarebytes' Anti-Malware and then with AVG – both with latest definitions. Malwarebytes' Anti-Malware found bunch of Trojans as well, I removed all, then did a follow up full scan with both programs, it all came out clean. The computer was working properly. Gave it back to the guy. This morning he calls me again “the virus is still there”!

So either the virus hid somewhere really cleverly, or he keeps getting his PC re-infected from the internet. In this case, how to I immunize his system against getting it again?

I wanted to format the hard drive and do clean OS install, but to complicate things, he does not have OEM Windows CD that came with his laptop. On the label it says that system came with Windows XP Home edition, now he has Windows XP Professional running, with different product key obviously. Should I try using generic OEM Windows XP Home CD and then plug the product key from the label on his laptop, and then download and install drivers for that model from Dell's site?
 
Sort by date Sort by votes
I expect this has been "resolved", but for future reference...

As for the Windows - I would just install Home to coincide with the license. My guess would be that the XP Pro that is on there is hacked and cracked.

As for the malware - I have had enormous success with Spybot Search & Destroy. Load the Tea Timer and IE Blocker. The only downside to the software is that it does not auto-update.

Hope this helps.

"If it's stupid but works, it isn't stupid."
-Murphy's Military Laws
 
Upvote 0 Downvote
The absolute best removal tool i have found so far is ComboFix from bleepingcomputer.com

Between it and a combonation of malware bytes i have had great success

Network+ Inet+ MCP
 
Upvote 0 Downvote
Thank you everyone. The issue had been resolved after I disabled system restore went to safe mode and ran full scan with Malwarebytes' Anti-Malware. Then I installed all Windows updates. I left the OS that he had on the computer. Had himm get full version of Malwarebytes' Anti-Malware (which enables real time protection). He did not bring the computer back since.
 
Upvote 0 Downvote
I would have the user use Firefox and install WOT.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

chakib
  • Question
hi guys , i have a virtual machine avaya system manager SMGR 8.0.1 , a local backup is failed ! please help me thanks, ChakibBRAIKI
Replies
0
Views
355
chakib
chakib
Okiewild
  • Locked
  • Question
Popup malware keeps coming back after scans
Replies
3
Views
71
manhunter2826
manhunter2826
little65
  • Locked
  • Question
New Malware Attack 1
Replies
9
Views
111
dglienna
dglienna
MakeItSo
  • Locked
  • Question
Hacker keeps returning - any chances of getting him? 2
2
Replies
21
Views
184
compuveg
compuveg
Amboyduke
  • Locked
  • Question
Server keeps losing CALS
Replies
3
Views
81
Amboyduke
Amboyduke

Part and Inventory Search

Sponsor

Back
Top