• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

Pls help to remove Security Tool Virus

P

pol

Flightless Bird
My system has be caught with virus Security Tool virus spyware. Have anybody
experience with Security Tool removal from the system. I am looking for best
advice.

Please help
With many thanks

Pol
 
N

nass

Flightless Bird
"pol" wrote:

> My system has be caught with virus Security Tool virus spyware. Have anybody
> experience with Security Tool removal from the system. I am looking for best
> advice.
>
> Please help
> With many thanks
>
> Pol



Try to disable the running processes for this trojan by using the Task
manager or using the registry editor and locate these entries:
[-] HKEY_CURRENT_USER\Software\Security Tool <- remove this entry if exist
[-] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run =
"4946550101" ,- remove this entry if exist and other suspicious ones


Scan for malware and viruses and let us know your findings:

http://www.superantispyware.com/superantispywarefreevspro.html
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

BlackLight

http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/
BlackLight
ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

Easy Clean
http://www.f-secure.com/en_EMEA/security/security-center/easy-clean/


Run a scan from here on-line:
http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Download Avast Cleaner (offline scanner) from here:
http://www.avast.com/eng/avast-virus-cleaner.html
Comodo BOClean : Anti-Malware Version 4.27
http://www.comodo.com/boclean/boclean.html

If the above doesn't help or you denied to download such utilities try to
download the Hijackthis and send the report to one of
many
forums for analysis and troubleshooting or you can send it to me on my email
provided at the bottom:
When all else fails, HijackThis v2.0.2
(http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)

Can you please send me a copy at to_you_rossREMOVETHISCAPS@yahoo.co.uk ,
remove the obvious to email me.

HTH
nass
---
http://www.nasstec.co.uk



..
 
D

David H. Lipman

Flightless Bird
From: "pol" <pol@discussions.microsoft.com>

| My system has be caught with virus Security Tool virus spyware. Have anybody
| experience with Security Tool removal from the system. I am looking for best
| advice.

| Please help
| With many thanks

It is not a virus nor is Security Tool spyware. Security Tool is a fake anti malware type
tool that is a con for your money.

It isn't a "virus" because it doesn't self replicate.

It isn't spyware because it is spying on your computer.


Download, install, update and then execute, Malwarebytes' Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
P

pol

Flightless Bird
how I can locate HKEY_CURRENT_USER\Software . Please advice me the steps

With thanks


"nass" wrote:

>
>
> "pol" wrote:
>
> > My system has be caught with virus Security Tool virus spyware. Have anybody
> > experience with Security Tool removal from the system. I am looking for best
> > advice.
> >
> > Please help
> > With many thanks
> >
> > Pol

>
>
> Try to disable the running processes for this trojan by using the Task
> manager or using the registry editor and locate these entries:
> [-] HKEY_CURRENT_USER\Software\Security Tool <- remove this entry if exist
> [-] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run =
> "4946550101" ,- remove this entry if exist and other suspicious ones
>
>
> Scan for malware and viruses and let us know your findings:
>
> http://www.superantispyware.com/superantispywarefreevspro.html
> Malwarebytes© Corporation - Anti-Malware
> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
>
> BlackLight
>
> http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/
> BlackLight
> ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe
>
> Easy Clean
> http://www.f-secure.com/en_EMEA/security/security-center/easy-clean/
>
>
> Run a scan from here on-line:
> http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
> http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
> Download Avast Cleaner (offline scanner) from here:
> http://www.avast.com/eng/avast-virus-cleaner.html
> Comodo BOClean : Anti-Malware Version 4.27
> http://www.comodo.com/boclean/boclean.html
>
> If the above doesn't help or you denied to download such utilities try to
> download the Hijackthis and send the report to one of
> many
> forums for analysis and troubleshooting or you can send it to me on my email
> provided at the bottom:
> When all else fails, HijackThis v2.0.2
> (http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
>
> Can you please send me a copy at to_you_rossREMOVETHISCAPS@yahoo.co.uk ,
> remove the obvious to email me.
>
> HTH
> nass
> ---
> http://www.nasstec.co.uk
>
>
>
> .
>
>
 
N

nass

Flightless Bird
"pol" wrote:

> how I can locate HKEY_CURRENT_USER\Software . Please advice me the steps
>
> With thanks



Try this:
Click Start >> Run >> Type in the text box:
regedit click [OK] or Hit [Enter] on your keyboard then locate these Keys:

[-] HKEY_CURRENT_URSE\Software

and
[-] HKEY_LOCAL_MACHINE\Software\\Microsoft\Windows\CurrentVersion\Run =
delete the entry for this viral application to help you gain control and run
scans from these apps I mentioned.
Let us know your progress or need further help!
HTH
nass
---
http://www.nasstec.co.uk




..
 
J

Jose

Flightless Bird
On Apr 6, 6:21 am, pol <p...@discussions.microsoft.com> wrote:
> My system has be caught with virus Security Tool virus spyware. Have anybody
> experience with Security Tool removal from the system. I am looking for best
> advice.
>
> Please help
> With many thanks
>
> Pol


Here is what you should NOT do:

You should not use Task Manager to remove running processes, and if
you did what processes would you remove?

You should not start editing the registry and removing things that
might exist. (How's that working out for you?)

You should not try things that might work.


The correct way to remove the Security Tool is to use the process that
has already been figured out, is well documented and does not involve
any guessing.

There are specific, well written and easy to follow instructions here:

http://www.bleepingcomputer.com/virus-removal/remove-security-tool

Please report your results.
 
P

Peter Foldes

Flightless Bird
Instructions on how to remove it

http://forums.malwarebytes.org/index.php?showtopic=45798

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"pol" <pol@discussions.microsoft.com> wrote in message
news:DDD72D90-F798-434E-890C-DEEC22B4A3DF@microsoft.com...
> My system has be caught with virus Security Tool virus spyware. Have anybody
> experience with Security Tool removal from the system. I am looking for best
> advice.
>
> Please help
> With many thanks
>
> Pol
 
P

PA Bear [MS MVP]

Flightless Bird
There is a very good chance that you are seeing the effects of a hijackware
infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/malwareremove/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7=> Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now run a thorough check for hijackware, including posting requested logs
in an appropriate forum, not here. DO NOT SKIP THIS STEP!!

Checking for/Help with Hijackware:
• http://mvps.org/winhelp2002/unwanted.htm
• http://inetexplorer.mvps.org/tshoot.html
• http://www.mvps.org/sramesh2k/Malware_Defence.htm
• http://www.elephantboycomputers.com/page2.html#Removing_Malware

**Chances are you will need to seek expert assistance in
http://spywarehammer.com/simplemachinesforum/index.php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php,
http://aumha.net/viewforum.php?f=30 or other appropriate forums.**

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.


pol wrote:
> My system has be caught with virus Security Tool virus spyware. Have
> anybody
> experience with Security Tool removal from the system. I am looking for
> best
> advice.
>
> Please help
> With many thanks
>
> Pol
 
M

Michael

Flightless Bird
If you're not familiar with the registry, STAY AWAY FROM IT! Running
Malwarebytes and Superantispyware usually fixes this, if you run both of
them in safe mode and do full scans.

--


"Don't pick a fight with an old man.
If he is too old to fight, he'll just kill you."


"pol" <pol@discussions.microsoft.com> wrote in message
news:FC70FC8F-59F9-4276-9441-DD3560DE1927@microsoft.com...
> how I can locate HKEY_CURRENT_USER\Software . Please advice me the steps
>
> With thanks
>
>
> "nass" wrote:
>
>>
>>
>> "pol" wrote:
>>
>> > My system has be caught with virus Security Tool virus spyware. Have
>> > anybody
>> > experience with Security Tool removal from the system. I am looking for
>> > best
>> > advice.
>> >
>> > Please help
>> > With many thanks
>> >
>> > Pol

>>
>>
>> Try to disable the running processes for this trojan by using the Task
>> manager or using the registry editor and locate these entries:
>> [-] HKEY_CURRENT_USER\Software\Security Tool <- remove this entry if
>> exist
>> [-] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run =
>> "4946550101" ,- remove this entry if exist and other suspicious ones
>>
>>
>> Scan for malware and viruses and let us know your findings:
>>
>> http://www.superantispyware.com/superantispywarefreevspro.html
>> Malwarebytes© Corporation - Anti-Malware
>> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
>>
>> BlackLight
>>
>> http://www.f-secure.com/en_EMEA/security/security-lab/tools-and-services/blacklight/
>> BlackLight
>> ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe
>>
>> Easy Clean
>> http://www.f-secure.com/en_EMEA/security/security-center/easy-clean/
>>
>>
>> Run a scan from here on-line:
>> http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym
>> http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
>> Download Avast Cleaner (offline scanner) from here:
>> http://www.avast.com/eng/avast-virus-cleaner.html
>> Comodo BOClean : Anti-Malware Version 4.27
>> http://www.comodo.com/boclean/boclean.html
>>
>> If the above doesn't help or you denied to download such utilities try to
>> download the Hijackthis and send the report to one of
>> many
>> forums for analysis and troubleshooting or you can send it to me on my
>> email
>> provided at the bottom:
>> When all else fails, HijackThis v2.0.2
>> (http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php)
>>
>> Can you please send me a copy at to_you_rossREMOVETHISCAPS@yahoo.co.uk ,
>> remove the obvious to email me.
>>
>> HTH
>> nass
>> ---
>> http://www.nasstec.co.uk
>>
>>
>>
>> .
>>
>>
 
P

Pokey

Flightless Bird
On Apr 6, 6:39 am, "David H. Lipman" <DLipman~nosp...@Verizon.Net>
wrote:
> From: "pol" <p...@discussions.microsoft.com>
>
> | My system has be caught with virusSecurityToolvirus spyware. Have anybody
> | experience withSecurityToolremoval from the system. I am looking for best
> | advice.
>
> | Please help
> | With many thanks
>
> It is not a virus nor isSecurityToolspyware.  SecurityToolis a fake anti malware typetoolthat is a con for your money.
>
> It isn't a "virus" because it doesn't self replicate.
>
> It isn't spyware because it is spying on your computer.
>

More accurately, because it ISN'T spying.:) [I've had that malware on
my computer more than once too.AND the infamous Goggle.com. After all,
how many of us HAVEN'T accidentally typed that?]
 
Top