How to remove Security Tool rogue anti-spyware

Malware Description:
Security Tool (aka SecurityTool) is a trusty-named badware application that spreads its nasty executables via the use of dirty blackhat methodology. Security Tool injects its code without notifying the owner of the compromised PC, i.e. bypassing any and all authentication. A separate way of intrusion is browser hacking exemplified by Sitesecuritytest.com hijacker. Therefore, being an average PC user, you have all “chances” to discover someday that Security Tool is on your computer, even though you never installed it. When inside the host computer system and running, Security Tool triggers an obsessively immense number of popup ads that alert the user about the alleged location of PC viruses, trojans, worms, keyloggers and tons of other nasty stuff that needs to be removed at all costs. For instance, Security Tool may report the parasite called Spyware.IEMonster through annoying system tray alerts. This impression of having a severely contaminated machine is deceptive and must not be taken for granted. We are writing this with such confidence because Security Tool proved to have an empty security database at its disposal, so it cannot possibly find or eliminate any malware. Considering the above, the best way around with Security Tool is removing it, no matter how trustworthy and legit its name sounds. Important to know, Security Tool is known to disable the use of antivirus programs that could remove it. Additionally, this rogue tends to hide its directories so that the victim is unable to find and delete them. However, there is a pretty effective method to go about this. Go to ‘My Computer’ – ‘Local Disk’ (usually C drive) – ‘Documents and Settings’ – ‘All Users’. Choose ‘Tools’ option on top – click ‘Folder Options’ – hit ‘View’ tab. Under ‘View’ tab, put a check mark to select ‘Show hidden files and folders’ – and uncheck ‘Hide protected Operating System files’ option. Now, inside ‘Application Data’ folder you should be able to see Security Tool’s folder – it’s the one with 8 digit-long folder name. Open up that folder, you will see a process like ’12345678.exe’ inside that directory. Rename this process and make it, say, ’123test678.exe’. REBOOT your PC. You should now be able to see Security Tool icon on your desktop, and the virus should be paralyzed for a while. Use this ‘quiet’ period to download the remover below and run it to remove Security Tool once and for all. Please, follow Security Tool removal guide below to protect your cyber routine against the impact of this tricky and destructive malware.

Malware Type: Rogue Anti-Spyware

Malware Author: Innovagest2000 SL

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Security Tool Free Scanner and Remover: Download Now

Security Tool Bogus Scanner Screenshot:

Security Tool Bogus Scanner

How to remove Security Tool and affiliated threats manually:
Manual removal of Security Tool is a feasible objective if you have sufficient expertise in dealing with program files, processes, .dll files and registry entries.

The files to be deleted are listed below:

  • %UserProfile%\Application Data\4946550101
  • %UserProfile%\Application Data\4946550101\4946550101.bat
  • %UserProfile%\Application Data\4946550101\4946550101.cfg
  • %UserProfile%\Application Data\4946550101\4946550101.exe
  • %UserProfile%\Desktop\Security Tool.lnk
  • %UserProfile%\Start Menu\Programs\Security Tool.lnk

The registry entries that need to be removed are as follows:

  • HKEY_CURRENT_USER\Software\Security Tool
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “4946550101″

Please, be aware that manual removal of Security Tool is a cumbersome process and does not always ensure complete deletion of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of Security Tool, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Download Security Tool Automatic Remover

Like This Article? Let Others Know!

Reader's Comments:

  1. Steve selmes |

    computer shuts down before program can down load. There needs to be sdomething down about web sites that carry this program. Why are they allowed to operate on theinternet? Seems to me that regulation of activity on interent is long over due. All that the current system of open slather does is to allow these rogues to continue their activity. This is a brand new computer that is now completely useless.

  2. roland |

    Unable to run the file. Looks like the badware is preventing it from running, a message balloon says the file is infected with lsas.blaster.keyloger…

  3. admin |

    Roland,
    Try booting into Safe Mode by hitting F8 repeatedly while your computer is starting. Safe Mode should impede Security Tool from blocking the remover above.
    Give it a shot, it should help!
    admin

  4. joe blow |

    I got rid of it by going into safe mode (press f8 during boot) and looking at the properties of the shortcut on the desktop. It pointed to the executable file C:\Documents and Settings\All Users\Application Data\24180116\24180116.exe.

    I deleted this executable file and removed the desktop and startup-menu shortcuts. After I rebooted into normal XP mode I was back in control. I went into the registry editor and deleted the items HKEY_CURRENT_USER\Software\24180116 and HKEY_LOCAL_MACHINE\Software\24180116. Then, I used the tool above to remove the rest of Total Security scam

    The trick is to follow the Security Tool shortcut to the executable file. Once you delete it, your probably OK. I just wanted to remove all trace of it.

  5. Jup |

    I didn’t have the shortcut to follow, but I looked in task manager and found the process (which was just a randomly generated number) and just used the search tool to find the .exe

    But how do you get to the registry entries?

  6. Andrea |

    Upon startup, immediately hit control-alt-delete to open the task manager. Go to the task manager and end the .exe file that starts with a bunch of random numbers. That’s the Security Tool application. It will end it so you can then go and start the removal process. It’s the only way I was able to get past it.

  7. Chad |

    I apparently caught some worm that reinstalled the program after the first delete. If you have this issue, here’s what to do:

    If SecurityTool is currently running, reboot your machine. When windows first starts back up, if you’re quick about it you can Ctrl-Alt-Del to bring up the task manager BEFORE SecurityTool loads, and then use Task Manager to kill the process. If you’re not quick enough, reboot and try again.

    Then follow the directions above, of course, but while you’re in the registry check HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run for any other malicious-looking entries–I found two other entries that, between them, reinstalled the program after I deleted it the first time.

  8. Hector O |

    Tks to joe blow. I did it.

  9. Edgar |

    I had same problem and found a couple of instances of the infection on mentioned above folders/registry entries but different 8-digit numbers in front of it (28411327 and 34840121) so make sure you consider that.

  10. admin |

    Jup,
    Use ‘Run’ option and type in ‘regedit’. This will open up the Registry Editor. Locate the needed entries there and delete them.
    Admin

  11. gjb |

    Thanks for the help everyone (especially Andrea and Chad) … running Task Manager quickly, before Security Tool malware had a chance to load was the trick to it all … I was then able to stop the malware process and use all the normal search tools on my computer to locate the problem files (after finding them via the Properties of the shortcut file left by the malware) on the hard drive and in the registry.

  12. mou mou |

    guys, thank you so much……

    u all save my day .

    ‘security tool’ go to hell!

  13. Brian Biolchini |

    Security tool will not allow your software to run thank you for trying

  14. Jackie |

    Thanks ya’ll it worked IM not that up on computers But I was able to follow this and get that crap off my computer

  15. cooly53 |

    SecurityTool can also be kept from starting by using msconfig then startup tab

  16. admin |

    Cooly53,
    You got a good point there!
    It’s a pretty effective way to go about Security Tool virus.
    Open up your ‘Start’ menu, choose ‘Run’ and type in ‘msconfig’. On the new window that opens, hit the ‘Startup’ tab and locate a numbered executable like ’4946550101.exe’ or similar. Untick this process. Save the changes and restart. Now that Security Tool malware is not loading at startup, you can go ahead, download and launch our removal tool.
    Admin

  17. Dave Bling |

    Thank You Joe Blow. You da man….

  18. Linda Edwards |

    Thank you for the help in removing security tool.

  19. Helen |

    Thanks to everyone, especially Andrea, Chad, and the Admin, I got rid off the virus!

  20. Bernie |

    Thank you all!! THIS IS THE BEST SITE FOR THE ANSWER!

    Just a note: when I tried opening APPLICATION DATA, I couldn’t find the folder. So I typed it into the URL and it opened, and I was able to proceed.
    Good Luck everyone!
    4 1/2 hours later, I’m rid of it!!!
    Thanks!

  21. wur |

    Hi folks

    thanks a lot for these valuable hints and tricks. The 8 digit number was the key, if captured this nasty things hasn’t any chance to survive.
    Have a nice time
    with best regards WUR

  22. Terra |

    I want to thank everyone for their valuable information. Thank you for taking the time to leave your helpful comments. It really helped me get rid of this Annoying Bug. Thank You All Very Much!…….What a RELIEF it Is and Now I can RELAX.

  23. P***ed |

    Thanks everyone, now let me know where these fools are located so I can beat them like a red headed stepchild.

  24. scott |

    This is the one website that took care of my problem. Using the task-manager move is the key.

    Thanks so much!

  25. Michael |

    Hey everyone, first off I would like to thank everone for there time in putting in comments, it helped out a lot. However, I have an update. After following through everyones steps and input over and over again for six hours, I found something interesting. I am using Windows Vista Operating System. After you go to “Computer” -> “(C:), you might want to check there for weird folders before continuing on to “Users.”

    I found a folder named “cae1348d443f2995c234.” When I clicked on it, it said I didn’t have permission to continue, but it clicked again and it let me in. When it opended there was a file named “MRM” which after clicking on it, I didn’t have permission to enter it either. After working on the computer for over 6 hours, I decided to delete the program, then I deleted the folder. I figured if all else failed, I could completly reboot all my programs and files if need be, which would have sucked.

    I restarted the computer and Security Tool was no where to be seen. Thank God! I am in the process of running Spyware Doctor, PC Medkit, AVG 2011, and Ad-Aware, which hopefully, all traces of this stupid program are deleted.

  26. Michael |

    Another update, I misstyped the folder name. Instead of “cae1348d443f2995c234,” the folders name was “cae33dc8384b7454c57dd0.” My appologies.

Post a Comment: