Security Tool Virus Spreads Via Fake Adobe Update

by on 10/08/2010 in Fake Antivirus, Security

Once again, the authors of this rogue antivirus software (Security Tool) are now spreading this parasite using a fake Adobe Flash Player update on malicious sites. The story was originally broken by the Sunbelt blog.

Patrick Jordan a rogue specialist advised that a new delivery mechanism for the rogue security product Security Tool is being used. It’s a fake Adobe Flash Player update (fake codec) on malicious web sites.

Security Tool

Specifically, you might find this if you go looking for naked lady pictures in the .pl (Poland) top level domain.

If you are not familiar with Security Tool Virus, it was originally published back in October 2009 and it wrecked havoc for many users – no one knows how many users were infected, but I am estimating it was in the millions.

How to Remove Security Tool Virus

Manually

  1. Stop Security Tool Processes: [random numbers].exe
  2. Remove Security Tool Files
  3. C:\Documents and Settings\All Users\Application Data\[random numbers]\
  4. C:\Documents and Settings\All Users\Application Data\[random numbers]\[random numbers].exe
  5. Remove Security Tool

Registry Keys

*HKEY_CURRENT_USER\Software\Security Tool
*HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Tool

  1. Remove Security Tool Startup Entry: [random numbers].exe

Automatically

Read more removal instructions and comments here.

Related Articles
Security Tool Installs as a Firefox and Flash Update
Security Tool Virus Update and Removal
How to Remove Security Tool Virus

3 Responses to “Security Tool Virus Spreads Via Fake Adobe Update”

  1. Lyndsey

    Oct 11th, 2010

    Oh how I love my mac …

    • Frank Jovine

      Oct 11th, 2010

      Lyndsey,

      Macs are still prone, but not nearly as much as a PC.

  2. Chris Fellows

    Oct 15th, 2010

    I have tried this Adobe Flash Player Update that turned into virus. Good thing, I’m using Mac. My files were perfectly safe.