Once again, the authors of this rogue antivirus software (Security Tool) are now spreading this parasite using a fake Adobe Flash Player update on malicious sites. The story was originally broken by the Sunbelt blog.
Patrick Jordan a rogue specialist advised that a new delivery mechanism for the rogue security product Security Tool is being used. It’s a fake Adobe Flash Player update (fake codec) on malicious web sites.
Specifically, you might find this if you go looking for naked lady pictures in the .pl (Poland) top level domain.
If you are not familiar with Security Tool Virus, it was originally published back in October 2009 and it wrecked havoc for many users – no one knows how many users were infected, but I am estimating it was in the millions.
How to Remove Security Tool Virus
- Stop Security Tool Processes: [random numbers].exe
- Remove Security Tool Files
- C:\Documents and Settings\All Users\Application Data\[random numbers]\
- C:\Documents and Settings\All Users\Application Data\[random numbers]\[random numbers].exe
- Remove Security Tool
- Remove Security Tool Startup Entry: [random numbers].exe
- You can also download MalwareBytes Anti-Malware to remove Security Tool Virus.
- F-Secure has already updated their AV product to block and remove Security Tool Virus. They offer a 30 day free trial of Anti-Virus 2010.
Read more removal instructions and comments here.