Security Tool
September 25, 2009 Threat level:
(7 / 10)
Security Tool description
Security Tool is a malicious program which pretends to be a rel security program. It boards the system once a corrupt website, such as sitesecuritytest.com which imitates scanning computer for viruses, is visited, while at the same time it uses trojans for downloading and installing SecurityTool on the system without making any notice to the user. Security Tool has the purpose of making the user purchase its “full software” which actually does not even exist. Paying money to the creators of an online scam is definitely not a wise investment.
In order to achieve its goal, Security Tool performs various actions mimicking the ones of the legitimate security applications, such as: system scans, displaying security warnings, offering system protection. Unfortunately, SecurityTool is not able to provide any of these services. What's more is that after scanning the system for viruses Security Tool depicts legitimate files as security threats and suggests the user to remove them by purchasing the Security Tool software. It is strongly advised not to fall into the Security Tool trap and to remove this malware once it has been detected.
Security Tool websites
Sitesecuritytest.com Learn how to block rogue websitesNew processes created
Security Tool.exe[RANDOM NUMBER].exe Learn how to remove malicious processes
New Security Tool registry entries created
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “SecurityTool”HKEY_CURRENT_USER\Software\Vista Antivirus 2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SecurityTool
HKEY_LOCAL_MACHINE\SOFTWARE\SecurityTool Download RegistryBooster 2010 to scan your registry errors
Learn how to remove malicious registry entries
New files and directories created
%System Root%\Samples%User Profile%\Local Settings\Temp
%Program Files%\SecurityTool
%Program Files%\SecurityTool
%Documents and Settings%\All Users\Start Menu\Programs\SecurityTool
%Documents and Settings%\All Users\Application Data\SecurityTool Learn how to unregister malicious DLL files
Symptoms in a Hijackthis log
O4 - HKLM\..\Run: [[RANDOM NUMBER]] C:\DOCUME~1\ALLUSE~1\APPLIC~1\[RANDOM NUMBER]\[RANDOM NUMBER].exeHow to remove Security Tool
To remove Security Tool manually you must block rogue Security Tool related websites, remove malicious processes and registry entries, unregister dlls and delete all malicious Security Tool files from your computer.
Please note: cleaning your computer is a difficult and dangerous task, manually editing registry entries and removing processes and files may cause serious damage to your system. We strongly recommend scanning your computer with one of the legitimate antispyware scanners.