search
top

Security Tool Virus

Warning: Be careful, don’t believe anything this rogue software prompts to you and DO NOT delete the infected files found by it, because those are just legitimate files.

Security Tool and XP Security Tool 2010 are all new rogues (malwares) that are exactly the same program.

Security Tool is a rogue antivirus application that deliberately gives reports of false system security threats on your computer and displays fake security alerts or notifications to make you think your PC is infected with malware. The misleading application is from the same family as Total security 2009 and System Security. When installed, SecurityTool will be configured to start automatically when you log on into Windows. Then it will imitate system scan and display a variety of infections that can’t be removed unless you purchase the program. The files detected during the scan are either harmless or legitimate system files and can’t cause any damage to your computer.

Security Tool Popup

Security Tool is pushed through the use of Trojans, fake online anti-malware scanners and other malicious software. It is installed along with Trojans FakeAV that display fake security warnings and promote SecurityTool malware. Once running, the bogus program will block legit programs and especially anti-virus software. Another interesting thing is that if you click on Updates button, you will see “Updating”, but actually there is no network activity. It’s just another argument why Security Tool is classified as a rogue security application. What is more, this parasite will impersonate Windows Security Center and constantly display warnings/notifications about serious security threats and privacy issues. It may claim that your computer is under attack by an Internet virus or that private data can be stolen. For example:

“Security Tool Warning:”
Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs. Click here to remove it immediately with SecurityTool.

To make things worse, SecurityTool will hijack web browsers.  It also prevents you from launching your Windows Task Manager (to kill the program) or any other anti-virus tool/software.

How to remove this type of nasty virus?

  1. There are few FREE tools you need to download from the web to get rid of this virus, however, if your browser is being “hijacked”, then it will not allow you to go to any website except those spam sites carried by this Virus.  If this is the case, you must restart your computer in “Safe Mode With Networking”.  If you do not know how to do this, click here to learn how to start Windows in Safe Mode.
  2. Once you are able to get onto the web with your browser, goto http://www.technibble.com/rkill-repair-tool-of-the-week/ and download the rkill.com (or rkill.exe) tool.  Make sure you read the info about “rkill.”  Install and run rkill.com (or rkill.exe).  This will kill any of the virus process.
  3. Next you need to “Clean” all the Cookies that may contain the virus.  Goto http://www.piriform.com/ccleaner and download the FREE copy of the CCleaner Software.  Install and run it.  Please NOTE that the CCleaner will clear ALL the cookies in your PC, that means ALL the cookies that remember your Login IDs, Passwords, Browser History Files, etc. will be cleared.  This means you will have to re-enter Login info again when you go back your online website accounts.  All your browser history will be wiped out also.  Yes, this may cause you some pain, but it is a sure way to get rid of any virus residues.
  4. Now go to http://www.malwarebytes.org/ and download the FREE version of Malwarebytes, install and run it to scan and delete the virus.  It may take few hours to do this.  Follow the instructions on the website.  Once you get rid of the virus, you may want to consider to purchase a FULL version copy to monitor future potential attacks in real time.

I hope this help you to get rid of this nasty virus.  Feedbacks, comments or questions are welcome.

Leave a Reply

You must be logged in to post a comment.

top