Barb’s Blog » Personal » Security Tool
Security Tool
When my friends and family have computer issues, they often come to be for advice or help. I like to help. Often their issues are challenging, but none more challenging than the spyware I had to deal with this week. I thought to share it as someone could be looking for help.
It’s called Security Tool.
It’s a rogue antivirus application that deliberately gives reports of false system security threats on your computer and displays fake security alerts or notifications to make you think your PC is infected with malware.
Once running, the bogus program will block legit programs and especially anti-virus software. Another interesting thing is that if you click on Updates button, you will see “Updating”, but actually there is no network activity.
One such warning it gives is: “Security Tool Warning spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs. Click here to remove it immediately with SecurityTool.”
SecurityTool will hijack web browsers and block certain security websites obviously to protect itself from being deleted.
None of my usual methods worked to get rid of the program. I tried control alt delete to see if I could stop programs running. It wouldn’t open the task manager. I tried run-msconfig to see if I could stop programs running in the background, it wouldn’t let me. I tried starting up in safe mode, it wouldn’t let me. NONE of the usual things worked. I then installed SuperAntiSpyware, one of my favorite programs, it wouldn’t let it run. I tried HijackThis, another program I had success with in the past. Nothing. It wouldn’t even open the registry editor, and I usually stay away from that, but was desperate enough to go there this time. My last typical thing to try to run was to go to DOS, yet another thing that wasn’t allowed to run.
Since I finally realized that I wasn’t dealing with spyware.IEMonster like the program suggested, but Security Tool, I did a search to learn more about it. Much of what they directed to do I had already tried with no ability to do it.
If you find that you have this issue, the first thing you will need is KILLBOX, to delete all the malicious programs running. As soon as I did that, her icons appeared on her desktop.
Next, you will need Malwarebytes. This program found 319 infected files and cleaned the laptop right up.
I am glad I was finally able to help, but there were a few times I was ready to give up and tell her to seek a professional.
Nasty business that Spyware.
Filed under: Personal · Tags: bogus, files, infected, killbox, laptop, malwarebytes, program, security took, security tool, spyware, spyware.iemonster
2 Responses to "Security Tool"
Leave a Reply
Archives
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
It sounds like a particularly nasty version of the XP Antivirus or WinAntivirus malware.
I’ll have to check out Killbox, it looks pretty good.
Tools I love for malware cleanups are Process Explorer and Autoruns, both by Sysinternals.
Process Explorer, in particular, allows me to enter suspicious process and thread names and find all the processes that are holding that suspect process open.
hi i had the same problem .i had iemonster it seemed to be protected by security tool,spent 3 hours trying to clear it ,i could download free scans but couldnt clean it,i finaly downloaded godzilla free scan ,while this program was scanning my computor ,i ran sytem restore this seems to have got my computor back to normal ,i then download a new anti virus ,so far so good