Malware called Security tool

I am using Avast! 4.8 Professional version and it failed to stop this horrible malware program from getting on my computer called Security Tool. Avast failed to remove it when I ran a thorough scan. Avast failed to remove it when I did another thorough scan in Safe Mode. So insidious is this malware it prevented MalwareBytes from being installed. It also prevented Microsoft Malware Removal from installing. Anything you click on your computer it throws up a false alert window informing you there is a worm or trojan in that program.

For those not familiar with this malware it throws up a window announcing you have a Trojan and/or worm. It continues to throw up a window every few seconds.
Options are to continue (YES!!!) or to remove it (NO). The only way you can uninstall-- it says is to purchase the program. Once they have your credit card info they make all kinds of charges on it.

Why the H_LL didn’t Avast catch and stop this malware? Why the H_LL didn’t Avast remove it?

how the hell did you get it ?

edit: I agree avast should have stopped it, but unless that’s a drive by download, you’re responsible in the first place for your clicks :wink:

Hi Logos & bugsychipr,

Where did it enter and how. Did bugsychipr get it from a silent download via a malicious site, from a malicious mail he opened up, from something he thought was coming on its own but also had the added rogue. Did he do an additional scan with MBAM or SAS? Questions, questions,

polonus

Where did it enter and how

this is what I already asked him, but he preferred to log off quickly after my reply it seems ;D

Why the H_LL didn't Avast catch and stop this malware? Why the H_LL didn't Avast remove it?
Fake antivirus overwhelming scanners http://news.techworld.com/security/3203072/fake-antivirus-overwhelming-scanners/

Remove Security Tool and SecurityTool (Uninstall Guide)

It is important that you follow the guide step by step for it to work

Automated Removal Instructions for Security Tool using Malwarebytes’ Anti-Malware:
http://www.bleepingcomputer.com/virus-removal/remove-security-tool

Removal instructions for Security Tool
http://forums.malwarebytes.org/index.php?showtopic=35239

I too was hit by malware faked as security software. All the warnings tried to mimic Win 7 warnings and would block any programs I tried to run, except browsers. I’d get warnings that each program I tried to start was infected with a virus and then ask me if I wanted to install anti-virus software. If I said yes, then it would launch Internet Explorer and try to take me to www.av-force.net (.com is also the same).

I finally booted into Linux, went to /users/myname/appdata/local/ so forth, and deleted any folders that had been created today. This got the malware deleted.

I’ve never seen anything like it, before.

BTW, I’m running Win 7 firewall and it did nothing. Let it right through.

can you disable that link, just replace www by xxx, thanks.

I am bugsychipr (Darla). It came in as a silent download. I did not click on anything. I was doing an internet search using google. I was searching Christian kids songs! Before, Avast has always made a loud audio plus visual warning when something was trying to sneak into my computer. This time it did not and that is why I am stumped. ??? And then pissed that it failed to remove the nasty thing! Then I started getting the blue screen telling me windows xp was shutting down to prevent damage to my computer. That is when I started opening it in safe mode. :-X

okay if it came silently browsing sites looking legit, that’s another story, sorry about my previous words :wink:

Yep, Security Tool got me too. Don’t know where it came from!!! Just went to Bleeping computer and followed their instructions to load Malwarebytes and got rid of it. Hopefully it’ll stay gone. A real pain in the but.

I don’t like to repeat myself, but… antivirus SW will not protect you against these rogue apps. None of them out there, every single one will fail sooner or later. Working suggestions would include:

1/ Stop browsing as administrator, stop using your computer for normal work as administrator
2/ Use sandboxed browser
3/ Use software-restriction policies or AppLocker
4/ Use something like WOT which will suggest you when you are trying to browse junky sites.