How To Remove Security Tool and other Rogue/Fake Antivirus Malware

By Lowell Heddings on January 26th, 2010

If you have a PC infected with Security Tool, you’re probably reading this article so you can understand how to get rid of it. Thankfully we’ve got the instructions to help you get rid of this virus.

Security Tool is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.

image

This particular virus blocks you from doing most things, like Task Manager…

sshot-2010-01-21-[00-28-01]-[1]

It also gives you loads of error messages that just seem to pop up constantly.

sshot-2010-01-21-[00-30-29]-[1]

And worse, it blocks you from running malware removal tools:

sshot-2010-01-21-[00-34-56]-[1]

First we’ll walk through the general steps that usually apply, but you can skip down to read the specific steps that we used to remove this virus.

Removing Rogue Fake Antivirus Infections (General Guide)

There’s a couple of steps that you can generally follow to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type. Here’s the quick steps:

Those are the rules that normally work. Note that there are some malware infections that not only block safe mode, but also prevent you from doing anything at all. We’ll cover those in another article soon, so make sure to subscribe to How-To Geek for updates (top of the page).

Removing Security Tool

Since the above steps don’t always work, and Security Tool seemed to do a pretty good job of killing the malware removal tools I tried to use, I found another method to kill the virus off so I could begin the work of removing it.

First, we’ll need to know the username—if you aren’t sure what that is, right-click on the Start button and choose Open, then you can see it right in the location bar:

image

Next, open up the Start Menu, and then click the Run button (or use the Win+R shortcut key), and then type in the following command, substituting your own username if it is something other than administrator.

taskkill /f /fi “username eq administrator”

Note: If it doesn’t kill the virus the first time, you might have to use it again. Don’t be alarmed when your start menu disappears.

image

If all went well, the virus is dead and so is everything else including your start menu. Use the Ctrl+Shift+Esc shortcut key combination, and then go to File –> Run, and type in explorer to re-open the start menu and taskbar.

image

Note: If you find that the virus still isn’t dead, you can repeat the steps again.

Use SUPERAntiSpyware to Clean the Malware

Now that we’ve killed off all those processes, we’ll get to removing the actual malware from the system by downloading SUPERAntiSpyware and installing it. You should be able to grab the full version, or you can use the portable variety that we’ve already recommended.

image

If you grabbed the full version, make sure to use the Check for Updates button, and then click the Scan Your Computer button… make sure to perform a Complete Scan, and select all of your drives. 

image

Once it’s done, it’ll let you remove them all in a click, and then prompt you to reboot. Job isn’t done, however!

Install Malwarebytes and Scan 

Next you’ll want to install MalwareBytes and run it, making sure to run a full scan. The main reason to do this is because there’s no way a single malware removal tool can know about every single piece of malware out there, and you may as well make sure your system is clean.

image65

Install Microsoft Security Essentials

You should definitely install Microsoft Security Essentials and run another full scan once you’re done.

Note: If you used a thumb drive at any point during this process, you should make sure and scan that as well—I’ve had viruses hop over to the thumb drive, ready to infect the next machine.

What About You? Had any Virus-Killing Experiences?

Have you had any experience lately killing this virus, or other similar ones? Let us know in the comments, or feel free to email into the tips line at tips@howtogeek.com with your best method for killing these viruses. We’d love to hear your expert feedback!

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.

  • Published 01/26/10
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!