Wednesday, December 29, 2010

How To Remove Security Tool

 To Remove Security Tool and other Rogue/Fake Antivirus Malware
If you have a PC infected with Security Tool, you’re probably reading this article so you can understand how to get rid of it. Thankfully we’ve got the instructions to help you get rid of this virus.
Security Tool is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.
This particular virus blocks you from doing most things, like Task Manager…
It also gives you loads of error messages that just seem to pop up constantly.
And worse, it blocks you from running malware removal tools:
First we’ll walk through the general steps that usually apply, but you can skip down to read the specific steps that we used to remove this virus.
Removing Rogue Fake Antivirus Infections (General Guide)
There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:
  • Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
  • If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
  • Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
  • Reboot your PC and go back into safe mode with networking.
  • If that doesn’t work, and safe mode is blocked, try running ComboFix
  • Note that I’ve not yet had to resort to this, but some of our readers have.
  • Install MalwareBytes and run it, doing a full system scan. 
  • Reboot your PC again, and run a full scan using your normal Antivirus application (we recommend Microsoft Security Essentials).
  • At this point your PC is usually clean.
Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).
Removing Security Tool
Since the above steps don’t always work, and Security Tool seemed to do a pretty good job of killing the malware removal tools I tried to use, I found another method to kill the virus off so I could begin the work of removing it.
First, we’ll need to know the username—if you aren’t sure what that is, right-click on the Start button and choose Open, then you can see it right in the location bar:
Next, open up the Start Menu, and then click the Run button (or use the Win+R shortcut key), and then type in the following command, substituting your own username if it is something other than administrator.
taskkill /f /fi “username eq administrator”
Note: If it doesn’t kill the virus the first time, you might have to use it again. Don’t be alarmed when your start menu disappears.
If all went well, the virus is dead and so is everything else including your start menu. Use the Ctrl+Shift+Esc shortcut key combination, and then go to File –> Run, and type in explorer to re-open the start menu and taskbar.
Note: If you find that the virus still isn’t dead, you can repeat the steps again.
Use SUPERAntiSpyware to Clean the Malware
Now that we’ve killed off all those processes, we’ll get to removing the actual malware from the system by downloading SUPERAntiSpyware and installing it. You should be able to grab the full version, or you can use the portable variety that we’ve already recommended.
If you grabbed the full version, make sure to use the Check for Updates button, and then click the Scan Your Computer button… make sure to perform a Complete Scan, and select all of your drives. 
Once it’s done, it’ll let you remove them all in a click, and then prompt you to reboot. Job isn’t done, however!
Install Malwarebytes and Scan 
Next you’ll want to install MalwareBytes and run it, making sure to run a full scan. The main reason to do this is because there’s no way a single malware removal tool can know about every single piece of malware out there, and you may as well make sure your system is clean.
Install Microsoft Security Essentials
You should definitely install Microsoft Security Essentials and run another full scan once you’re done.
Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.

No comments:

Post a Comment