+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 28
Windows Thread, Security Tool in Technical; Hi all, Just had a teacher come to me with her laptop and say it's got 33 infections on it ...
  1. #1

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24

    Security Tool

    Hi all,

    Just had a teacher come to me with her laptop and say it's got 33 infections on it and can I sort it before the day is out?
    This is the school laptop which is taken home and so has Sophos on it as do all of our machines and it's very rare for Sophos to actually alert the user to anything strange, it just gets on with it's job so I asked her what she had been doing with it/ had she used some other anti-virus. I got the reply of "yes, I've used a 3rd party bit of software". great...
    Turned the laptop on and up pops "Security Tool" which then proceeds to do what looks like the fastest full system scan in history and tells me that the computer is full of infections even though sophos reckons it's fine. It even recreates the little red warning shield in the taskbar to say there is a problem.
    Now before I delete this software and let Sophos carry on, is there any chance it's legit or has anyone used it before?

    Regards
    Rich

  2. #2
    Mcshammer_dj's Avatar
    Join Date
    Feb 2007
    Location
    Portsmouth
    Posts
    936
    Thank Post
    35
    Thanked 164 Times in 132 Posts
    Rep Power
    94
    not legit at all this is malware!!!!!!!!!!!!!!!!!!!!!!!

  3. #3
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,219
    Thank Post
    159
    Thanked 147 Times in 132 Posts
    Rep Power
    103
    Get into safe mode with networking and get MalwareBytes, update and kill them all (traces of malware, not teachers).

  4. 4 Thanks to dwhyte85:

    CPLTD (22nd April 2010), danrhodes (1st March 2010), mac_shinobi (23rd April 2010), Tricky_Dicky (1st March 2010)

  5. #4

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24
    It's dam good! I can't open Sophos, Add/Remove programs or even task manager.
    Just going into Safe mode now.

  6. #5

    Join Date
    Jul 2009
    Posts
    559
    Thank Post
    45
    Thanked 106 Times in 91 Posts
    Rep Power
    68
    good guide here (site is down at the moment which is why i've linked to google's cache) for removal

    Remove Security Tool and SecurityTool (Uninstall Guide)

  7. #6
    sdc
    sdc is offline
    sdc's Avatar
    Join Date
    Apr 2008
    Location
    Dorset, UK
    Posts
    312
    Thank Post
    53
    Thanked 42 Times in 37 Posts
    Rep Power
    41
    Definitely malware. Had this several times here and can be tricky to remove. If it's any use, this is how we did it.

    1. Copy TaskMgr.exe and call the new copy iexplore.exe (some versions of "Security Tool" will close applications such as Task Manager by identifying the exe's name - thus renaming it gets you round this).
    2. Kill off the Security Tool process - each time I've seen this it's been named a random number in the list.
    3. Download and run Malbytes Antimalware. Run a full scan and remove all that it finds.

  8. Thanks to sdc from:

    Tricky_Dicky (1st March 2010)

  9. #7

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,963
    Thank Post
    886
    Thanked 1,710 Times in 1,478 Posts
    Blog Entries
    12
    Rep Power
    449
    Thanks for the tips, a friends laptop has this litttle blight on

  10. #8

    LeMarchand's Avatar
    Join Date
    Jan 2008
    Location
    The deepest pits of hell
    Posts
    2,178
    Thank Post
    303
    Thanked 332 Times in 236 Posts
    Rep Power
    141
    Have you sneaked into the school I'm in at the moment and decided to take *** ****** and their problems of my hands?

    Had a similar problem recently where a teacher downloaded/installed something similar and then their "computer whiz" other half decided to install Norton to cure the problem. Got it sorted, but 1 month (and a spanking new W7 laptop later) and they've got the same problem .

  11. #9

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    600
    Thank Post
    92
    Thanked 72 Times in 64 Posts
    Rep Power
    24
    LeMarchand, I hate it when there "friend who is a computer expert (obviously much better than you but is out of a job atm because of x,y,z) said....".
    I think in this case it was probably caused by her kids using it. Also had the cheek to blame me for it and the best bit, she has cancelled all of her credit cards/banking because it came up with a message saying they were being transmitted by MSN!

  12. #10

    LeMarchand's Avatar
    Join Date
    Jan 2008
    Location
    The deepest pits of hell
    Posts
    2,178
    Thank Post
    303
    Thanked 332 Times in 236 Posts
    Rep Power
    141
    Quote Originally Posted by Tricky_Dicky View Post
    I think in this case it was probably caused by her kids using it.
    Yeah, I get that too! Particularly annoying when they say "but I told little Johnny/Jenny not to use my laptop..." (why not just not give then your password) or "I never let little Johnny/Jenny use my machine" and you find loads of kid's sites in their browsing history or MSN launches with Windows into their kid's account or they have installed Barbie/GTA/other games. (Yes, I know, but if SMT won't agree to the machines being locked down...)

  13. #11
    AyatollahPies's Avatar
    Join Date
    Jan 2008
    Location
    Earth
    Posts
    900
    Thank Post
    48
    Thanked 105 Times in 95 Posts
    Rep Power
    42
    If you're Sophos subscribers, you can ask Sophos for the link to a bootable disc.

    As soon as anything like this crops up, I just boot the machine this and run the scan from there.
    (Had the exact same issue last week)

    Avira also do one for free. We just download the latest version each work and burn it to a CD/RW.

    Great addition to the arsenal.

  14. #12

    SYSMAN_MK's Avatar
    Join Date
    Sep 2005
    Posts
    4,006
    Thank Post
    489
    Thanked 1,343 Times in 729 Posts
    Rep Power
    429
    What I would like to know is why Sophos never seems to stop these from infecting machines. In the past month I have notices an increase on the number of staff laptops getting infected with this type of Malware. All have Sophos installed and up-to-date.

    Am I missing something glaringly obvious?

  15. #13
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,219
    Thank Post
    159
    Thanked 147 Times in 132 Posts
    Rep Power
    103
    Quote Originally Posted by SYSMAN_MK View Post
    What I would like to know is why Sophos never seems to stop these from infecting machines. In the past month I have notices an increase on the number of staff laptops getting infected with this type of Malware. All have Sophos installed and up-to-date.

    Am I missing something glaringly obvious?
    We are having this same issue and I've been told by Sophos... upgrade to endpoint [costs £]... really not good enough.

    Don't get me started on Conficker & Sophos, it is just not enterprise grade security.
    Last edited by dwhyte85; 1st March 2010 at 11:00 AM.

  16. #14
    TechSupp's Avatar
    Join Date
    Mar 2007
    Location
    South Yorkshire
    Posts
    1,884
    Thank Post
    298
    Thanked 120 Times in 101 Posts
    Rep Power
    41
    Had to clean that one of a heads home PC before and it was a right pain to do, can't remember now how I did it but think it had installed it somewhere in a non descript named folder hidden away, begger to find but did it in the end.

  17. #15

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    11,089
    Thank Post
    1,795
    Thanked 2,197 Times in 1,624 Posts
    Rep Power
    775
    If these are standard issue school laptops, a re-image would be far quicker and probably more effective

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Need some recommendations for a new tool
    By stu1892 in forum O/S Deployment
    Replies: 8
    Last Post: 8th December 2009, 03:40 PM
  2. New Validator tool available
    By Ric_ in forum Wireless Networks
    Replies: 3
    Last Post: 21st October 2009, 12:41 AM
  3. Handy Tool
    By garethedmondson in forum Windows
    Replies: 0
    Last Post: 6th October 2009, 11:28 AM
  4. AD import tool
    By Newton in forum Windows
    Replies: 4
    Last Post: 1st February 2008, 09:53 AM
  5. Tool for RM All in one
    By johnj1710 in forum General Chat
    Replies: 11
    Last Post: 5th March 2007, 03:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •