+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 28
Windows Thread, Security Tool in Technical; Hi all, Just had a teacher come to me with her laptop and say it's got 33 infections on it ...
  1. #1

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    616
    Thank Post
    93
    Thanked 75 Times in 67 Posts
    Rep Power
    26

    Security Tool

    Hi all,

    Just had a teacher come to me with her laptop and say it's got 33 infections on it and can I sort it before the day is out?
    This is the school laptop which is taken home and so has Sophos on it as do all of our machines and it's very rare for Sophos to actually alert the user to anything strange, it just gets on with it's job so I asked her what she had been doing with it/ had she used some other anti-virus. I got the reply of "yes, I've used a 3rd party bit of software". great...
    Turned the laptop on and up pops "Security Tool" which then proceeds to do what looks like the fastest full system scan in history and tells me that the computer is full of infections even though sophos reckons it's fine. It even recreates the little red warning shield in the taskbar to say there is a problem.
    Now before I delete this software and let Sophos carry on, is there any chance it's legit or has anyone used it before?

    Regards
    Rich

  2. #2
    Mcshammer_dj's Avatar
    Join Date
    Feb 2007
    Location
    Portsmouth
    Posts
    991
    Thank Post
    39
    Thanked 180 Times in 145 Posts
    Rep Power
    98
    not legit at all this is malware!!!!!!!!!!!!!!!!!!!!!!!

  3. #3
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,235
    Thank Post
    162
    Thanked 153 Times in 138 Posts
    Rep Power
    104
    Get into safe mode with networking and get MalwareBytes, update and kill them all (traces of malware, not teachers).

  4. 4 Thanks to dwhyte85:

    CPLTD (22nd April 2010), danrhodes (1st March 2010), mac_shinobi (23rd April 2010), Tricky_Dicky (1st March 2010)

  5. #4

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    616
    Thank Post
    93
    Thanked 75 Times in 67 Posts
    Rep Power
    26
    It's dam good! I can't open Sophos, Add/Remove programs or even task manager.
    Just going into Safe mode now.

  6. #5

    Join Date
    Jul 2009
    Posts
    605
    Thank Post
    56
    Thanked 115 Times in 100 Posts
    Rep Power
    70
    good guide here (site is down at the moment which is why i've linked to google's cache) for removal

    Remove Security Tool and SecurityTool (Uninstall Guide)

  7. #6
    sdc
    sdc is offline
    sdc's Avatar
    Join Date
    Apr 2008
    Location
    Dorset, UK
    Posts
    312
    Thank Post
    53
    Thanked 42 Times in 37 Posts
    Rep Power
    42
    Definitely malware. Had this several times here and can be tricky to remove. If it's any use, this is how we did it.

    1. Copy TaskMgr.exe and call the new copy iexplore.exe (some versions of "Security Tool" will close applications such as Task Manager by identifying the exe's name - thus renaming it gets you round this).
    2. Kill off the Security Tool process - each time I've seen this it's been named a random number in the list.
    3. Download and run Malbytes Antimalware. Run a full scan and remove all that it finds.

  8. Thanks to sdc from:

    Tricky_Dicky (1st March 2010)

  9. #7

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,374
    Thank Post
    906
    Thanked 1,811 Times in 1,559 Posts
    Blog Entries
    12
    Rep Power
    468
    Thanks for the tips, a friends laptop has this litttle blight on

  10. #8

    LeMarchand's Avatar
    Join Date
    Jan 2008
    Location
    The deepest pits of hell
    Posts
    2,601
    Thank Post
    327
    Thanked 421 Times in 294 Posts
    Rep Power
    223
    Have you sneaked into the school I'm in at the moment and decided to take *** ****** and their problems of my hands?

    Had a similar problem recently where a teacher downloaded/installed something similar and then their "computer whiz" other half decided to install Norton to cure the problem. Got it sorted, but 1 month (and a spanking new W7 laptop later) and they've got the same problem .

  11. #9

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    616
    Thank Post
    93
    Thanked 75 Times in 67 Posts
    Rep Power
    26
    LeMarchand, I hate it when there "friend who is a computer expert (obviously much better than you but is out of a job atm because of x,y,z) said....".
    I think in this case it was probably caused by her kids using it. Also had the cheek to blame me for it and the best bit, she has cancelled all of her credit cards/banking because it came up with a message saying they were being transmitted by MSN!

  12. #10

    LeMarchand's Avatar
    Join Date
    Jan 2008
    Location
    The deepest pits of hell
    Posts
    2,601
    Thank Post
    327
    Thanked 421 Times in 294 Posts
    Rep Power
    223
    Quote Originally Posted by Tricky_Dicky View Post
    I think in this case it was probably caused by her kids using it.
    Yeah, I get that too! Particularly annoying when they say "but I told little Johnny/Jenny not to use my laptop..." (why not just not give then your password) or "I never let little Johnny/Jenny use my machine" and you find loads of kid's sites in their browsing history or MSN launches with Windows into their kid's account or they have installed Barbie/GTA/other games. (Yes, I know, but if SMT won't agree to the machines being locked down...)

  13. #11
    AyatollahPies's Avatar
    Join Date
    Jan 2008
    Location
    Earth
    Posts
    900
    Thank Post
    48
    Thanked 105 Times in 95 Posts
    Rep Power
    43
    If you're Sophos subscribers, you can ask Sophos for the link to a bootable disc.

    As soon as anything like this crops up, I just boot the machine this and run the scan from there.
    (Had the exact same issue last week)

    Avira also do one for free. We just download the latest version each work and burn it to a CD/RW.

    Great addition to the arsenal.

  14. #12

    SYSMAN_MK's Avatar
    Join Date
    Sep 2005
    Posts
    4,012
    Thank Post
    490
    Thanked 1,345 Times in 731 Posts
    Rep Power
    429
    What I would like to know is why Sophos never seems to stop these from infecting machines. In the past month I have notices an increase on the number of staff laptops getting infected with this type of Malware. All have Sophos installed and up-to-date.

    Am I missing something glaringly obvious?

  15. #13
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,235
    Thank Post
    162
    Thanked 153 Times in 138 Posts
    Rep Power
    104
    Quote Originally Posted by SYSMAN_MK View Post
    What I would like to know is why Sophos never seems to stop these from infecting machines. In the past month I have notices an increase on the number of staff laptops getting infected with this type of Malware. All have Sophos installed and up-to-date.

    Am I missing something glaringly obvious?
    We are having this same issue and I've been told by Sophos... upgrade to endpoint [costs £]... really not good enough.

    Don't get me started on Conficker & Sophos, it is just not enterprise grade security.
    Last edited by dwhyte85; 1st March 2010 at 12:00 PM.

  16. #14
    TechSupp's Avatar
    Join Date
    Mar 2007
    Location
    South Yorkshire
    Posts
    1,995
    Thank Post
    327
    Thanked 127 Times in 107 Posts
    Rep Power
    42
    Had to clean that one of a heads home PC before and it was a right pain to do, can't remember now how I did it but think it had installed it somewhere in a non descript named folder hidden away, begger to find but did it in the end.

  17. #15

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    10,223
    Thank Post
    1,925
    Thanked 2,425 Times in 1,775 Posts
    Rep Power
    842
    If these are standard issue school laptops, a re-image would be far quicker and probably more effective



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Need some recommendations for a new tool
    By stu1892 in forum O/S Deployment
    Replies: 8
    Last Post: 8th December 2009, 04:40 PM
  2. New Validator tool available
    By Ric_ in forum Wireless Networks
    Replies: 3
    Last Post: 21st October 2009, 01:41 AM
  3. Handy Tool
    By garethedmondson in forum Windows
    Replies: 0
    Last Post: 6th October 2009, 12:28 PM
  4. AD import tool
    By Newton in forum Windows
    Replies: 4
    Last Post: 1st February 2008, 10:53 AM
  5. Tool for RM All in one
    By johnj1710 in forum General Chat
    Replies: 11
    Last Post: 5th March 2007, 04:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •