Saturday, October 10, 2009

I'm INFECTED: -- Security Tool --- Malware

What this program does:

Security Tool, otherwise known as SecurityTool, is a rogue anti-spyware program from the same group of virus baddies as System Security. This program is deployed through the use of Trojans and web pop-ups. When delivered via Trojan, it will be installed onto your computer without your permission or knowledge. When promoted via web pop-ups, you will be shown a pop-up while browsing the web that states your computer is infected. If you click on the pop-up, you will be brought to a page that shows a fake but real-looking advertisement for an anti-malware scanner. It will prompt you to download and install Security Tool onto your computer.

Security Tool screen shot
Is this what you get?

When the program is installed, it will be configured to start automatically when you log in to your computer. Once started, it will perform a scan and, when finished, state that there are numerous infections on your computer. If you attempt to remove these infections, though, it will not allow it until you first purchase the program. The reality is that the scan results are a scam, and the infected files it states are on your computer are actually legitimate Windows files. With this said, please do not manually delete any of the files it states are infections, as doing so may affect the proper operation of your computer.

When the program is running, you will be shown numerous alerts on your desktop and from your Windows taskbar. These alerts will state that your computer is under attack, that the Security Tool firewall has blocked a malware program, or that active malware infections have been detected. The text of some of the alerts you may see is:

Security Tool Warning
Spyware IE Monster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Click here to remove it immediately with SecurityTool.

and

Security Tool Warning
Some critical system files of your computer were modified by malicious program. It may cause system instability and data loss.
Click here to block unauthorized modification by removing threats (Recommended)


If you are infected with Security Tool then please use the guide below to remove it from your computer for free.

If you have already purchased the program, then we recommend that you contact your credit card company and dispute the charges as this program is a scam.

Tools Needed for this fix:


Automated Removal Instructions for Security Tool using Malwarebytes' Anti-Malware:

  1. Print out these instructions as we will need to close every window that is open later in the fix.

  2. Download Malwarebytes' Anti-Malware, or MBAM, from the following location and save it to your desktop:

    Malwarebytes' Anti-Malware Download Link


  3. Once downloaded, close all programs and windows on your computer, including this one.

  4. Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MBAM onto your computer.

  5. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware checked. Then click on the Finish button.

  6. MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.


    MalwareBytes Anti-Malware Screen

  7. On the Scanner tab, make sure the Perform quick scan option is selected and then click on the Scan button to start scanning your computer for Security Tool related files.

  8. MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.


    MalwareBytes Anti-Malware Scanning Screen

  9. When the scan is finished a message box will appear as shown in the image below.


    MalwareBytes Anti-Malware Scan Finished Screen

    You should click on the OK button to close the message box and continue with the SecurityTool removal process.

  10. You will now be back at the main Scanner screen. At this point you should click on the Show Results button.

  11. A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.


    MalwareBytes Scan Results


    You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the program's quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.

  12. When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.

  13. You can now exit the MBAM program.

Your computer should now be free of the SecurityTool program. If your current anti-virus solution let this infection through, you may want to consider purchasing the PRO version of Malwarebytes' Anti-Malware to protect against these types of threats in the future.
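
A check to run after removal, added here as an example and not part of the original guide or of Malwarebytes: because the program sets itself to start at login, this read-only PowerShell script lists the standard Windows Run-key autostart entries and marks for review any whose executable is missing, not validly signed, or stored in a user-writable directory. The choice of Run keys and directories is an assumption; the page does not say where Security Tool registers itself, and Startup folders are not covered.

```powershell
# Added example, read-only: it reports autostart entries and deletes nothing.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Assumption: directories a standard user can write to deserve a closer look.
$writableRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:ProgramData) |
    Where-Object { $_ }

function Get-ExePath([string]$Command) {
    # Extract the executable from a Run value such as: "C:\dir\app.exe" /arg
    $c = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($c -match '^"([^"]+)"')    { return $Matches[1] }
    if ($c -match '^(.+?\.exe)\b') { return $Matches[1] }
    return ($c -split '\s+')[0]
}

$report = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        if (-not $cmd.Trim()) { continue }
        $exe = Get-ExePath $cmd
        # Bare names such as rundll32.exe are resolved through PATH.
        if (-not (Split-Path -Path $exe -IsAbsolute)) {
            $found = Get-Command $exe -CommandType Application -ErrorAction SilentlyContinue |
                Select-Object -First 1
            if ($found) { $exe = $found.Path }
        }
        $sig = 'FileMissing'
        if (Test-Path -LiteralPath $exe -PathType Leaf) {
            $sig = [string](Get-AuthenticodeSignature -LiteralPath $exe).Status
        }
        $inWritable = [bool]($writableRoots | Where-Object {
            $exe.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })
        [pscustomobject]@{
            Key = $key; Name = $name; Path = $exe; Signature = $sig
            UserWritableDir = $inWritable
            Review = ($sig -ne 'Valid') -or $inWritable
        }
    }
}
$report | Sort-Object Review -Descending | Format-List
```

An entry with Review set to True is not proof of infection; plenty of legitimate software is unsigned or installs under the user profile, so treat the list as items to look up before changing anything.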

If you are still having problems with your computer after completing these instructions, then please contact TVG for help!


Thanks.


Garett

__________________

CEO

TVG Consulting

IT Business Solutions

Remember:

Back your corporate data up, locally and remotely.

Need a Solution? Call us at: 818-579-7370
