Pls help to remove Security Tool Virus

[pol]

My system has be caught with virus Security Tool virus spyware. Have anybody
experience with Security Tool removal from the system. I am looking for best
advice.

Please help
With many thanks

Pol

 

[nass]

My system has be caught with virus Security Tool virus spyware. Have anybody
experience with Security Tool removal from the system. I am looking for best
advice.

Please help
With many thanks

Pol

Try to disable the running processes for this trojan by using the Task
manager or using the registry editor and locate these entries:
[-] HKEY_CURRENT_USER\Software\Security Tool <- remove this entry if exist
[-] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run =
"4946550101" ,- remove this entry if exist and other suspicious ones


Scan for malware and viruses and let us know your findings:

http://www.superantispyware.com/superantispywarefreevspro.html
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

BlackLight

http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/
BlackLight
ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

Easy Clean
http://www.f-secure.com/en_EMEA/security/security-center/easy-clean/


Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

If the above doesn't help or you denied to download such utilities try to
download the Hijackthis and send the report to one of
many
forums for analysis and troubleshooting or you can send it to me on my email
provided at the bottom:
When all else fails, HijackThis v2.0.2
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

Can you please send me a copy at (e-mail address removed) ,
remove the obvious to email me.

HTH
nass
---
http://www.nasstec.co.uk



..

 

[David H. Lipman]

From: "pol" <[email protected]>

| My system has be caught with virus Security Tool virus spyware. Have anybody
| experience with Security Tool removal from the system. I am looking for best
| advice.

| Please help
| With many thanks

It is not a virus nor is Security Tool spyware. Security Tool is a fake anti malware type
tool that is a con for your money.

It isn't a "virus" because it doesn't self replicate.

It isn't spyware because it is spying on your computer.


Download, install, update and then execute, Malwarebytes' Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

 

[pol]

how I can locate HKEY_CURRENT_USER\Software . Please advice me the steps

With thanks

My system has be caught with virus Security Tool virus spyware. Have anybody
experience with Security Tool removal from the system. I am looking for best
advice.

Please help
With many thanks

Pol

Try to disable the running processes for this trojan by using the Task
manager or using the registry editor and locate these entries:
[-] HKEY_CURRENT_USER\Software\Security Tool <- remove this entry if exist
[-] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run =
"4946550101" ,- remove this entry if exist and other suspicious ones


Scan for malware and viruses and let us know your findings:

http://www.superantispyware.com/superantispywarefreevspro.html
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

BlackLight

http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/
BlackLight
ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

Easy Clean
http://www.f-secure.com/en_EMEA/security/security-center/easy-clean/


Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

If the above doesn't help or you denied to download such utilities try to
download the Hijackthis and send the report to one of
many
forums for analysis and troubleshooting or you can send it to me on my email
provided at the bottom:
When all else fails, HijackThis v2.0.2
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

Can you please send me a copy at (e-mail address removed) ,
remove the obvious to email me.

HTH
nass
---
http://www.nasstec.co.uk



.

 

[nass]

how I can locate HKEY_CURRENT_USER\Software . Please advice me the steps

With thanks

Try this:
Click Start >> Run >> Type in the text box:
regedit click [OK] or Hit [Enter] on your keyboard then locate these Keys:

[-] HKEY_CURRENT_URSE\Software

and
[-] HKEY_LOCAL_MACHINE\Software\\Microsoft\Windows\CurrentVersion\Run =
delete the entry for this viral application to help you gain control and run
scans from these apps I mentioned.
Let us know your progress or need further help!
HTH
nass
---
http://www.nasstec.co.uk




..

 

[Jose]

My system has be caught with virus Security Tool virus spyware. Have anybody
experience with Security Tool removal from the system. I am looking for best
advice.

Please help
With many thanks

Pol

Here is what you should NOT do:

You should not use Task Manager to remove running processes, and if
you did what processes would you remove?

You should not start editing the registry and removing things that
might exist. (How's that working out for you?)

You should not try things that might work.


The correct way to remove the Security Tool is to use the process that
has already been figured out, is well documented and does not involve
any guessing.

There are specific, well written and easy to follow instructions here:

http://www.bleepingcomputer.com/virus-removal/remove-security-tool

Please report your results.

 

[Peter Foldes]

Instructions on how to remove it

http://forums.malwarebytes.org/index.php?showtopic=45798

 

[PA Bear [MS MVP]]

There is a very good chance that you are seeing the effects of a hijackware
infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now run a thorough check for hijackware, including posting requested logs
in an appropriate forum, not here. DO NOT SKIP THIS STEP!!

Checking for/Help with Hijackware:
• http://mvps.org/winhelp2002/unwanted.htm
• http://inetexplorer.mvps.org/tshoot.html
• http://www.mvps.org/sramesh2k/Malware_Defence.htm
• http://www.elephantboycomputers.com/page2.html#Removing_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

 

[Michael]

If you're not familiar with the registry, STAY AWAY FROM IT! Running
Malwarebytes and Superantispyware usually fixes this, if you run both of
them in safe mode and do full scans.

--


"Don't pick a fight with an old man.
If he is too old to fight, he'll just kill you."

how I can locate HKEY_CURRENT_USER\Software . Please advice me the steps

With thanks

My system has be caught with virus Security Tool virus spyware. Have
anybody
experience with Security Tool removal from the system. I am looking for
best
advice.

Please help
With many thanks

Pol

Try to disable the running processes for this trojan by using the Task
manager or using the registry editor and locate these entries:
[-] HKEY_CURRENT_USER\Software\Security Tool <- remove this entry if
exist
[-] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run =
"4946550101" ,- remove this entry if exist and other suspicious ones


Scan for malware and viruses and let us know your findings:

http://www.superantispyware.com/superantispywarefreevspro.html
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

BlackLight

http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/
BlackLight
ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

Easy Clean
http://www.f-secure.com/en_EMEA/security/security-center/easy-clean/


Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

If the above doesn't help or you denied to download such utilities try to
download the Hijackthis and send the report to one of
many
forums for analysis and troubleshooting or you can send it to me on my
email
provided at the bottom:
When all else fails, HijackThis v2.0.2
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

Can you please send me a copy at (e-mail address removed) ,
remove the obvious to email me.

HTH
nass
---
http://www.nasstec.co.uk



.

 

[Pokey]

From: "pol" <[email protected]>

| My system has be caught with virusSecurityToolvirus spyware. Have anybody
| experience withSecurityToolremoval from the system. I am looking for best
| advice.

| Please help
| With many thanks

It is not a virus nor isSecurityToolspyware.  SecurityToolis a fake anti malware typetoolthat is a con for your money.

It isn't a "virus" because it doesn't self replicate.

It isn't spyware because it is spying on your computer.

More accurately, because it ISN'T spying. [I've had that malware on
my computer more than once too.AND the infamous Goggle.com. After all,
how many of us HAVEN'T accidentally typed that?]

 

[sanny.fairy52]

To get rid of security tool virus, you can go for manual deletion of all its associated processes, files and invalid registry keys existing on the affected system. This will help you to get rid of its serious infections.

The same solution applies when you go to remove Windows Interactive Safety fake security program.

http://www.spywareremoval-programs....ive-safety-rogue-security-program-a-quick-way

 

[spriyasen86]

Getting infected with rogue anti-spyware programs that are actually aimed at targeting innocent users for ripping their money off is most threating and this is what i realized day before when Windows Interactive Safety program started showing me numerous fake alerts. I looked for the solution and tomy wonders i found this post - http://www.malwareremovals.net/remo...-get-rid-of-rogue-security-program-completely really informative & helpful, that helped me know all about the threat & wayout for its removal. if any of you people are having problem with the same, you look for the help here.

 

[Hot-Text]

Getting infected with rogue anti-spyware programs that are actually aimed at targeting innocent users for ripping their money off
is most threating and this is what i realized day before when Windows Interactive Safety program started showing me numerous fake
alerts. I looked for the solution and to my wonders i found this post -
malwareremovals.nxt/remove-windows-interactive-safety-how-to-get-rid-of-rogue-security-program-completely really informative &
helpful, that helped me know all about the threat & way out for its removal. if any of you people are having problem with the
same, you look for the help here.

Getting infected with Non-anti-spyware,
9 times out of 10 the users was not innocent,
for he was looking for Porn of illegal downloads..

Microsoft Sacristy Essentials will get-rid-of-rogue-security-program-completely
< http://windows.microsoft.com/en-US/windows/products/security-essentials >