Getting really sick of 'Security Tool' virus!

londonman81

I've had a virus on my machine for a little while now but this week it has taken a turn for the worse ...

I keep getting a 'Security Tool' branded error message which I know from Google search is a fake anti-spyware program.

Problem right now is that it has got to the point where even the recommended course of action doesn't work, as the virus hides my desktop, stops Malawarebytes from running, stops all program except for browsers from running, and keeps coming up with error messages constantly.

I have tried this course of action but it doesn't work as the 'rkill' software it tells me to download doesn;t de-activate the 'Security Tool' virus as it should, and also when I try to re-load Malawarebytes, the Security Tool virus stops it from running:

https://www.bleepingcomputer.com/virus-removal/remove-security-tool

Is there any other way I can de-activate this irritating virus?!?!

flossy_splodge

Me too!
Well, at least my DD's laptop has got infected and I haven't yet started the process of trying to fix it so if anyone can point me in a specific direction of what steps in what order, I'd be grateful.:o

londonman81

I should add: I am also getting increaisngly frequent blue screens giving 'FAULT_IN_NON_PAGED_AREA' error and references SPMCDSCON.sys (might be slightly wrong name) as the troublesome file , but again I can't find help on Google for it....

Not sure if it's related to other problem with 'Security Tool'.... :-(

crampo_2

Try this (someone else with same problem posted this elsewhere)

1. Stop Security Tool Processes: [random numbers].exe (in task manager)
2. Remove Security Tool Files
3. C:\Documents and Settings\All Users\Application Data\[random numbers]\
4. C:\Documents and Settings\All Users\Application Data\[random numbers]\[random numbers].exe
5. Remove Security Tool Registry Keys

*HKEY_CURRENT_USER\Software\Security Tool

*HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Tool

6. Remove Security Tool Startup Entry: [random numbers].exe

For more info look:
http://www.techjaws.com/how-to-remove-security-tool-virus/
http://www.techjaws.com/how-to-remove-security-tool/

Browntoa

have you tried renaming mbam.exe to something else , ie buffer.exe and trying to run it, also try the same with rkill , rename it to anything else and try to run it

download this

http://www.superantispyware.com/portablescanner.html

it randomly generates a filename so the virus cannot stop it

londonman81

Browntoa wrote: »

have you tried renaming mbam.exe to something else , ie buffer.exe and trying to run it, also try the same with rkill , rename it to anything else and try to run it

download this

http://www.superantispyware.com/portablescanner.html

it randomly generates a filename so the virus cannot stop it

I've tried this but doesn't work...

taxi97w

This is an evaluation version http://www.greatis.com/unhackme/download.htm - it worked for me at the time.

Paradigm

Reboot into safe mode with networking, update Malwarebytes, run Malwarebytes full scan, job done

londonman81

Paradigm wrote: »

Reboot into safe mode with networking, update Malwarebytes, run Malwarebytes full scan, job done

Tried that today - but doesn't work. When I click on the 'run scan' button in Malwarebytes, it suddenly collapses the screen just like in the 'normal' mode...does this mean that Security Tool virus has even penetrated Safe Mode??!

crampo_2

Did you try the suggestions from

http://www.techjaws.com/how-to-remove-security-tool-virus/

&

http://www.techjaws.com/how-to-remove-security-tool/

londonman81

crampo wrote: »

Try this (someone else with same problem posted this elsewhere)

1. Stop Security Tool Processes: [random numbers].exe (in task manager)

Can't even get Task Manager to stay on the screen long enough to identify the process - the screen collapses just like when I try to open anti-virus/Malwarebytes etc.....i can't get any of these important screens to stay on!

Help!