A quick word of thanks for helping us out with a Security Tool malware/ virus/ infection we had over the weekend. Without your site and free tools we wouldn’t be free of the bug so quickly and for free.
I’m in England and use a mac ibook g4. I look forward to reading the latest Malware protection stuff on your site as my friend's PCs suffer from the occasional infection.
I would also like to write up my experience in the hope it may help the other struggling un-geeks out there who fancy tackling this bug by themselves, with the help of this site.
We had this attack very soon after my girlfriend’s computer a laptop running Windows XP was updated with the latest Internet Explorer 8 by her ISP, BT Internet. They run a built-in antivirus software from McAfee called BT Netprotect Plus which didn’t prevent the infection happening.
I used to be on Castlecops’ website and followed their procedure for malware removal including scanning with Spybot Search and Destroy, running Adaware, and AVG. Unfortunately the PC didn’t have these loaded as my girlfriend put her trust in McAfee. Also, McAfee uninstalls Search and Destroy, wtf!
The Security Tool virus was too active to allow these items to be downloaded as it almost froze the PC with pop-ups and bogus warnings.
I followed your process I found on www.bleepingcomputer.com/virus-removal/remove-security-tool. I downloaded the add-on bits of software you recommend from a friend’s PC and uploaded them onto the infected PC using a flash drive.
What I learned while following your process is
• work in the PCs Safe Mode as the Security Tool was too intrusive in normal PC mode;
• work online in Safe Mode, this is very important as the Malwarebytes’ software and rkill.com need to be up-to-date; and
• print off the malware procedure from bleepingcomputer.com and follow the process to the letter.
I first started using your process in normal PC mode, but the Security Tool infection prevented this, also as I was unable to get online, I couldn’t update the antivirus software Malwareytes’ Anti-Malware. This proved a big timewaster, don’t do it.
We started in Safe Mode, off line, and were able to run Malwarebytes’ Anti-Malware, but it took over 2 hours to scan and although found a few items didn’t beat the infection. Only when I managed to get online wirelessly did Anti-Malware work effectively, as it was immediately updated with the latest version and scanned the system in under 30 minutes. It picked up a whole heap of Malware and secured it.
Initially I found that rkill.com didn’t work for me, it would flash up momentarily, closedown, and yet Security Tool would still be popping up. Only after getting online and operating rkill.com in the PCs Safe Mode and normal running did I see it doing its work by preventing the aggressive action of System Tool and slowing the PC down.
I ran Spybot Search and Destroy as soon as I could and it picked up nothing of consequence.
The PC is now clean, thanks to your processes, free software and write-ups. A donation is heading your way.