Question by UnderTheSeat: How do I get rid of the Security Tool spyware?
I downloaded a spyware program called Security Tool. It disgises itself as a Windows pop-up saying you are infected. And unfortunately for me, I was fooled. Now it’s blocking programs, slowing down my connection, and removed icons from my start-up. PLEASE HELP!
Best answer:
Answer by HaXoR
Download Malwarebytes Anti-malware from here : http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol and do a full scan of your computer. Once the scan is finished, remove any malware/virus found!
Know better? Leave your own answer in the comments!
Omg same!
I am sorry I don’t have an answer for you right now. I have the same thing on my computer now and am working on a few things on how to fix it. I will keep you in mind and if any of them turn out okay I will certainly get in touch with you on any positive results.
Shows you how to remove rogues, but works for other viruses too (By me):
http://www.youtube.com/watch?v=eGVWQgtCvtg
Use combofix from bleepingcomputer.com, then download malwarbytes(you may need to rename the installer/setup to something like winlogon.exe to be able to run or install it) from malwarebytes.com or softpedia.com, then clean the rest of the virus with superantispyware and Hitman Pro 3.5 from softpedia.com/cnet.com and just in case you do have a rootkit on your system use GMER from majorgeek.com(Use gmer to scan and anything in red delete.)
Future Protection use this wizard to recommend security protection for your system:
http://www.techsupportalert.com/secwiz
or go to safe mode and then do the above:
To get into Safe Mode with Networking:
1. Log out and reboot your machine.
2. When the machine starts the reboot sequence, press the F8 key repeatedly.
3. Select Safe Mode with Networking from the resulting menu.
Note: Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware.
Or Manually:
Terminating the process:
1.I verify that a Rogue is present. This isn’t hard, since it’s usually popping up just about every few seconds.
2.Click CTRL-ALT-DELETE (if it’s available)
3.Click Task Manager
4.Click Processes
5.Find a process that usually contain all numbers. For example 2342342.exe. If you do not see all numbers then your rogue has a name like…SystemSecurityPro.exe or GreenAV.exe…etc.
6.Select that process and click end process.
7.At this point the rogue process has been terminated.
Removing Rogue Anti-virus that is named with random numbers.
or If you can’t open task manager then use Rkill from http://download.bleepingcomputer.com/grinler/rkill.com
1.Click Start
2.Click Run (or for Vista/Win7 type in the start search box)
3.For windows xp type: C:documents and settingsall usersApplication Data and click OK. A window will open containing a folder with about 8 numbers. Your Rogue is in there. Delete that folder.
4.For Windows Vista/Win7 type C:usersall users in the “start search” box and click enter. Your randomly named folder with about 8 digits should be in there. Delete it.
Removing Rogue Anti-Virus that has a name like System Guard Pro, AV2010, etc
1.Open Windows Explorer.
2.Open your C: drive.
3.Open Program Files
4.Find the Rogue and Delete the folder.
If not seek an expert. Good Luck!
To unblock the programs and install removal tool, you’ll have to stop Security Tool main process using Task Manager: http://www.pcindanger.com/security-tool-removal.html
Try to reboot your PC in Safe Mode with Networking and run a system scan. Full details on how to remove Security Tool can be found here:
http://deletemalware.blogspot.com/2010/01/how-to-remove-security-tool-virus-from.html
http://www.bleepingcomputer.com/virus-removal/remove-security-tool
Security Tool has been quite active in its pursuit of destroying PC’s, making life quite difficult for computer users.
I suggest you follow the link provided, and check out the information provided on how to remove this PC parasite:
http://www.spyware-techie.com/securitytool-or-securitytool-removal-guide/
Security Tool is really hard to get rid of. I would offer you free manual removal instructions but this is both very hard and dangerous if you are not a computer expert. If you remove the wrong registry files you can actually do WORSE damage than the virus. The best thing to do is just get a specialized Security Tool removal tool. I highly recommend the one I use. You can scan your system for free with it at:
http://www.spyware-fix.net