+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 28
Windows Thread, Security Tool in Technical; Hi all, Just had a teacher come to me with her laptop and say it's got 33 infections on it ...
  1. #1

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    587
    Thank Post
    90
    Thanked 71 Times in 63 Posts
    Rep Power
    23

    Security Tool

    Hi all,

    Just had a teacher come to me with her laptop and say it's got 33 infections on it and can I sort it before the day is out?
    This is the school laptop which is taken home and so has Sophos on it as do all of our machines and it's very rare for Sophos to actually alert the user to anything strange, it just gets on with it's job so I asked her what she had been doing with it/ had she used some other anti-virus. I got the reply of "yes, I've used a 3rd party bit of software". great...
    Turned the laptop on and up pops "Security Tool" which then proceeds to do what looks like the fastest full system scan in history and tells me that the computer is full of infections even though sophos reckons it's fine. It even recreates the little red warning shield in the taskbar to say there is a problem.
    Now before I delete this software and let Sophos carry on, is there any chance it's legit or has anyone used it before?

    Regards
    Rich

  2. #2
    Mcshammer_dj's Avatar
    Join Date
    Feb 2007
    Location
    Portsmouth
    Posts
    908
    Thank Post
    35
    Thanked 154 Times in 125 Posts
    Rep Power
    54
    not legit at all this is malware!!!!!!!!!!!!!!!!!!!!!!!

  3. #3
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,199
    Thank Post
    149
    Thanked 143 Times in 129 Posts
    Rep Power
    75
    Get into safe mode with networking and get MalwareBytes, update and kill them all (traces of malware, not teachers).

  4. 4 Thanks to dwhyte85:

    CPLTD (22nd April 2010), danrhodes (1st March 2010), mac_shinobi (23rd April 2010), Tricky_Dicky (1st March 2010)

  5. #4

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    587
    Thank Post
    90
    Thanked 71 Times in 63 Posts
    Rep Power
    23
    It's dam good! I can't open Sophos, Add/Remove programs or even task manager.
    Just going into Safe mode now.

  6. #5

    Join Date
    Jul 2009
    Posts
    479
    Thank Post
    41
    Thanked 89 Times in 76 Posts
    Rep Power
    50
    good guide here (site is down at the moment which is why i've linked to google's cache) for removal

    Remove Security Tool and SecurityTool (Uninstall Guide)

  7. #6
    sdc
    sdc is offline
    sdc's Avatar
    Join Date
    Apr 2008
    Location
    Dorset, UK
    Posts
    307
    Thank Post
    53
    Thanked 41 Times in 36 Posts
    Rep Power
    41
    Definitely malware. Had this several times here and can be tricky to remove. If it's any use, this is how we did it.

    1. Copy TaskMgr.exe and call the new copy iexplore.exe (some versions of "Security Tool" will close applications such as Task Manager by identifying the exe's name - thus renaming it gets you round this).
    2. Kill off the Security Tool process - each time I've seen this it's been named a random number in the list.
    3. Download and run Malbytes Antimalware. Run a full scan and remove all that it finds.

  8. Thanks to sdc from:

    Tricky_Dicky (1st March 2010)

  9. #7

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,392
    Thank Post
    797
    Thanked 1,588 Times in 1,391 Posts
    Blog Entries
    10
    Rep Power
    427
    Thanks for the tips, a friends laptop has this litttle blight on

  10. #8

    LeMarchand's Avatar
    Join Date
    Jan 2008
    Location
    The deepest pits of hell
    Posts
    2,020
    Thank Post
    284
    Thanked 293 Times in 213 Posts
    Rep Power
    134
    Have you sneaked into the school I'm in at the moment and decided to take *** ****** and their problems of my hands?

    Had a similar problem recently where a teacher downloaded/installed something similar and then their "computer whiz" other half decided to install Norton to cure the problem. Got it sorted, but 1 month (and a spanking new W7 laptop later) and they've got the same problem .

  11. #9

    Join Date
    Jun 2009
    Location
    Birmingham
    Posts
    587
    Thank Post
    90
    Thanked 71 Times in 63 Posts
    Rep Power
    23
    LeMarchand, I hate it when there "friend who is a computer expert (obviously much better than you but is out of a job atm because of x,y,z) said....".
    I think in this case it was probably caused by her kids using it. Also had the cheek to blame me for it and the best bit, she has cancelled all of her credit cards/banking because it came up with a message saying they were being transmitted by MSN!

  12. #10

    LeMarchand's Avatar
    Join Date
    Jan 2008
    Location
    The deepest pits of hell
    Posts
    2,020
    Thank Post
    284
    Thanked 293 Times in 213 Posts
    Rep Power
    134
    Quote Originally Posted by Tricky_Dicky View Post
    I think in this case it was probably caused by her kids using it.
    Yeah, I get that too! Particularly annoying when they say "but I told little Johnny/Jenny not to use my laptop..." (why not just not give then your password) or "I never let little Johnny/Jenny use my machine" and you find loads of kid's sites in their browsing history or MSN launches with Windows into their kid's account or they have installed Barbie/GTA/other games. (Yes, I know, but if SMT won't agree to the machines being locked down...)

  13. #11
    AyatollahPies's Avatar
    Join Date
    Jan 2008
    Location
    Earth
    Posts
    900
    Thank Post
    48
    Thanked 105 Times in 95 Posts
    Rep Power
    41
    If you're Sophos subscribers, you can ask Sophos for the link to a bootable disc.

    As soon as anything like this crops up, I just boot the machine this and run the scan from there.
    (Had the exact same issue last week)

    Avira also do one for free. We just download the latest version each work and burn it to a CD/RW.

    Great addition to the arsenal.

  14. #12

    SYSMAN_MK's Avatar
    Join Date
    Sep 2005
    Posts
    3,978
    Thank Post
    484
    Thanked 1,330 Times in 721 Posts
    Rep Power
    425
    What I would like to know is why Sophos never seems to stop these from infecting machines. In the past month I have notices an increase on the number of staff laptops getting infected with this type of Malware. All have Sophos installed and up-to-date.

    Am I missing something glaringly obvious?

  15. #13
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,199
    Thank Post
    149
    Thanked 143 Times in 129 Posts
    Rep Power
    75
    Quote Originally Posted by SYSMAN_MK View Post
    What I would like to know is why Sophos never seems to stop these from infecting machines. In the past month I have notices an increase on the number of staff laptops getting infected with this type of Malware. All have Sophos installed and up-to-date.

    Am I missing something glaringly obvious?
    We are having this same issue and I've been told by Sophos... upgrade to endpoint [costs ]... really not good enough.

    Don't get me started on Conficker & Sophos, it is just not enterprise grade security.
    Last edited by dwhyte85; 1st March 2010 at 11:00 AM.

  16. #14
    TechSupp's Avatar
    Join Date
    Mar 2007
    Location
    South Yorkshire
    Posts
    1,828
    Thank Post
    288
    Thanked 112 Times in 93 Posts
    Rep Power
    39
    Had to clean that one of a heads home PC before and it was a right pain to do, can't remember now how I did it but think it had installed it somewhere in a non descript named folder hidden away, begger to find but did it in the end.

  17. #15

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    10,064
    Thank Post
    1,681
    Thanked 2,022 Times in 1,496 Posts
    Rep Power
    673
    If these are standard issue school laptops, a re-image would be far quicker and probably more effective

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Need some recommendations for a new tool
    By stu1892 in forum O/S Deployment
    Replies: 8
    Last Post: 8th December 2009, 03:40 PM
  2. New Validator tool available
    By Ric_ in forum Wireless Networks
    Replies: 3
    Last Post: 21st October 2009, 12:41 AM
  3. Handy Tool
    By garethedmondson in forum Windows
    Replies: 0
    Last Post: 6th October 2009, 11:28 AM
  4. AD import tool
    By Newton in forum Windows
    Replies: 4
    Last Post: 1st February 2008, 09:53 AM
  5. Tool for RM All in one
    By johnj1710 in forum General Chat
    Replies: 11
    Last Post: 5th March 2007, 03:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •