I got a computer with the Security tool virus infection. I could not access my task manager, or run antivirus software since the program would keep shutting it down.
I booted a ubuntu live cd and opened up the terminal command line
sudo fdisk -l
mkdir disk1/
sudo mount /dev/sda3/ disk1/
Then I went to disk1/ProgramData/ and I saw a random number folder:
15567630 and inside was 15567630.exe which after reading around online I suspected to be the executable. So I deleted it.
rm 15567630/ -R
Then I rebooted the computer into windows (NOT RESUME, new reboot). This allowed me to install mbam-setup.exe (walwareby Anti Malware) to scan and do a complete removal). I did not see any signs of the virus before hand and I may have been good but I wanted to do a full scan anyway.
I also noticed that a desktop shortcut to security tools was broken (cause I deleted it :) ).
Post questions and I'll do my best to answer
Thursday, December 24, 2009
Subscribe to:
Posts (Atom)