Fake Security Tool Virus Information And RemovalSecurity Tool, also known as SecuirtyTool is a fake and malicious security protection program (Antivirus, spyware remover) categorized hijacker, which is spread by the use of Trojans. Many people call this form of malware “scareware” due to it’s method of scaring unknowing computer users into believing their computers have become infected with malware and viruses. Security Tool extorts money by providing a fake payment system as well as extracts victim information simply by their interaction with the malware (or redirection to drive-by-download websites: . Security Tool has infected many computer users since it emerged in 2009. Keep in mind, some versions of Security Tool malware may be titled Security Tool 2010, Security Tool 2011, and Security 2012 but most commonly are titled Security Tool due to mass distribution and evolution. Some versions of Security Tool parasites lock operating systems, similar to way ransomware acts and some are only introduced to victims for purposes of online credit card schemes.
Related files: Uninstall.exe, SecurityTool.exe, 4946550101.bat, 4946550101.exe, Security Tool.lnk
- Similar fake antivirus programs include : Live Security Platinum
- Similar ransomware inclues: FBI Moneypak ransomware
What are symptoms of Security Tool malware?
Security Tool malware has many symptoms, which can range from mild to severe depending on the parasite. Let’s go through them all.
- Security Tool prompts a fake security scan in a large pop up/program window showing various infections.
- Security Tool also prompts continuous fake alert messages, stating it has blocked programs from accessing the internet and gives the infected computer user the options to Activate Security Tool or continue unprotected.
- Security Tool blocks basic Window’s applications from being used, and may state such applications are infected with malware and viruses. In particular Security Tool often states the Task Manager has become infected and will not allow the computer user to use the program.
- Security Tool also blocks the use of Antivirus programs and malware removal software and claims they too have become infected with malware and or “worms”.
How to remove Security Tool malware
There are 2 different options to remove Security Tool malware for different scenarios:
- Malware Removal Software
- Manual Removal
Before one of these options can transpire, necessary steps due to various forms of this infection might be necessary. Some infected users may be able to operate their machines and use malware removal software to remove Security Tool with no problems, and some infected users can not access the necessary tools to successfully remove the Security Tool virus.
Malware Removal Software
- Install Malwarebytes
- Scan your computer for malicious files
- Malwarebytes will remove malicious files. View and save the promoted note log detailing malicious files.
[Small_Button class="lightblue"] Remove Malware [/Small_Button]
There are 4 different ways to manually remove fake Antivirus program Security Tool from your computer.
- Kill Security Tool’s malformed tasks
- Enter safe mode with networking, install malware removal, or manually remove files yourself
- Manually remove associated files and registry values (entries)
- Restore your computer to a date and time before infection
1. How to kill Security Tool task
There are 2 ways to do this, for different scenarios of this infection.
- Click Ctrl+Alt+Delete and open the Task Manager
- Under the Processes tab find this task or another generic numerical sequence of numbers and click End Process for any found: 4946550101.exe
1. First, you will need your computer username (the name you use to login to Windows)—if you aren’t sure what that is, right-click on the Start button and choose Open, you can see it right in the location bar, or navigate to Control Panel > User Accounts and Family Safety > User Accounts. Your username will be included in the window . Our example username is the number 1.
2. Next, open up the Start Menu, and then click the Run button (or use the Win+R shortcut keys).
3. Type the following command, substituting your own username if it is something other than ours: 1 the image below the command shows the username “administrator”.
[Normal_Box]taskkill /f /fi “username eq 1”[/Normal_Box]
Note: If it doesn’t kill the virus the first time, you might have to use it again… And don’t become alarmed if your start menu disappears.
4. If all went well, the Security Tool virus is dead and so is everything else including your start menu. Use the Ctrl+Shift+Esc shortcut key combination, and then go to File > Run, and type in explorer to re-open the start menu and taskbar.
Note: If you find that the virus still isn’t dead, you can repeat the steps again.
2. Safe Mode With Networking
Enter your computer in “safe mode with network” and install anti-malware software. Proceed to scan, and remove Security Tool malware.
1. Reboot your computer in “Safe Mode with Networking”. As the computer is booting tap the “F8 key” continuously.Use your keyboard to navigate to “Safe Mode with Networking” and press Enter. Shown below.
3. Search for Security Tool or associated programs in the list. Select the program and click Remove button.
If you are using Windows Vista/7, click Uninstall up near the top of that window.
When it asks you to reboot, please do so. After the computer reboots and you are back at your Windows Desktop (Normal Mode), please continue with the next step.
4. Launch Internet Explorer. In Internet Explorer go to: Tools->Internet Options->Connections tab.
Click Lan Settings button and uncheck the checkbox labeled Use a proxy server for your LAN. Click OK.
5. It is now recommended to download Malwarebytes and run a full system scan to remove Security Tool malware from your computer.
3. Delete Security Tool Directory Files and Registry Values (Manual)
Remove Security Tool Files
- %System Root%\Samples
- %User Profile%\Local Settings\Temp
- %Program Files%\SecurityTool
- %Program Files%\SecurityTool
- C:\ProgramData\[random numbers]\
- %Documents and Settings%\All Users\Start Menu\Programs\SecurityTool
- %Documents and Settings%\All Users\Application Data\SecurityTool
Remove Security Tool Registry Values
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “SecurityTool”
- HKEY_CURRENT_USER\Software\Vista Antivirus 2010
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “4946550101″
4. Restore/Recover In Safe Mode With Command Prompt
You can easily restore your computer to a date and time before infection to bypass Security Tool.
1. Restart/reboot your computer system. Unplug if necessary.
2. Enter your computer in “safe mode with command prompt”. To properly enter safe mode, after rebooting, press your computer’s “hot key” upon the boot menu. For instance, F8 – F11.
3. Once the Command Prompt appears type “explorer” and hit Enter.
4. Once Windows Explorer shows up browse to:
Win XP: C:\windows\system32\restore\rstrui.exe and press Enter
Win Vista/Seven: C:\windows\system32\rstrui.exe and press Enter