Jump to content

Recommended Posts

Security Tool and SecurityTool is actually part of the same family as Winweb Security rogues, first seen on or about November 27, 2008.

No it's not extremely hard to remove Security Tool,

That totally depends on the severity of the infection. If rootkits were installed, then it can be a difficult task to remove.

Link to post
Share on other sites

Security Tool and SecurityTool is actually part of the same family as Winweb Security rogues, first seen on or about November 27, 2008.

That totally depends on the severity of the infection. If rootkits were installed, then it can be a difficult task to remove.

I've worked a few where a RootKit was part of the infection. Not sure if it came along with Security Tool but with the added RootKit, it's not easy to remove. Once a RootKit or a BackDoor is involved you can never be 100% sure the pc is clean. IMO.
Link to post
Share on other sites

I know rootkits can come with rogues, and they make a formidable combination.

Rootkits make it less likely for an AV software to detect a piece of malware, right?

Trojans that contain both rootkits and rogues must be pretty big, unless rootkits take up little space.

Can MBAM detect rootkits?

Link to post
Share on other sites

Rootkits make it less likely for an AV software to detect a piece of malware, right? It usually disables all protection to install itself. Once installed, you can't run your protection programs.

Can MBAM detect rootkits? As to show file XYZ is a RootKit, Not that I know of. It can however tag the file that caused the infection. It can also prevent the infection from happening.

Link to post
Share on other sites

@Buttons

Love your new pic. Great penguin

Heh, thanks. :) Thought I'd be a bit festive. :)

@Wide Glide

Several things have to be taken into acount though. Processor, memory, what else it may haved dropped and how long it's had it's roots. Could take several hours or a day or to fully scan the system with multiple products. This was nuked shortly after receiving about 15 minutes.

Link to post
Share on other sites

Guest remixed

What made Security Tool (it has now been replaced by Security Shield) was not the 'quality' of the rogue itself, but how prevalent it was. It was very aggressively promoted through just about every means of delivery. I'll give you an example,

http://www.enshipack.com/book.asp?ToPage=1&shou=

This is a site containing 100's of pages with 100's of html links on every page all redirecting to fake porntubes which serve a fake Adobe flash upgrade which is in reality the installer for ' Security Shield '. There are 100's of these sites containg 1000's of links each and that's just one method of delivery. Then there's the fake online scanners, the driveby's the exploits and so on. It's everywhere and that's the key to it's notoriety.

Link to post
Share on other sites

Well,security tool was for about 1 year and 2 months active on the web and it infected lot of computer users.Security Tool is easy to remove with safe mode. :lol:

It's back though, with a 2011 "version." On facebook unfortunately. So why do virus writers make updates? Is it because they find new exploits, or are they working off of the same old ones that once the virus is removed doesn't get fixed?

Link to post
Share on other sites

Guest name cool

This caused the closure of everything from my files and could not open any programs, especially Malwarebytes' Anti-Malware and Kaspersky as well. and even Kaspersky tools blocked' all applications Stopped working. . and even a tool "HijackThis been blocked him. :P:)

.......................................

M' Anti-M Free use. XP SP 3

:::::::::::::::::::::::::::::::

Link to post
Share on other sites

This caused the closure of everything from my files and could not open any programs, especially Malwarebytes' Anti-Malware and Kaspersky as well. and even Kaspersky tools blocked' all applications Stopped working. . and even a tool "HijackThis been blocked him. :P:)

.......................................

M' Anti-M Free use. XP SP 3

:::::::::::::::::::::::::::::::

You're not infected are you?

They block everything. Even WinPatrol setup was blocked. Installed through a php script and rooted itself within seconds.

Link to post
Share on other sites

It's back though, with a 2011 "version." On facebook unfortunately. So why do virus writers make updates? Is it because they find new exploits, or are they working off of the same old ones that once the virus is removed doesn't get fixed?

2011 version?You mean System Tool 2011?

Link to post
Share on other sites

Guest name cool
You're not infected are you?

They block everything. Even WinPatrol setup was blocked. Installed through a php script and rooted itself within seconds.

This was a few days ago. I had to shut down the system and run it again, and before the start of any programs in the startup. then I've .. clicking fast on "Malwarebytes' Anti-Malware, and have opened. have been deceived Rogue , and then

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.