FIRST4TECH on Facebook Subscribe to our blog RSS feed Follow us on Twitter

Call us on:
01392 457120
for a free consultancy visit

Log an IT support ticketGet remote assistance

What our clients say

“FIRST4TECH put in place a cost effective managed solution which has exceeded our expectations."
Shane Tout, Commercial Director
Besley & Copp Ltd

“Knowing help is a key stroke away takes a huge worry out of our everyday operations.
Paula Warke, Owner
Dart Rock Climbing Centre

“I would happily recommend FIRST4TECH to anyone.”
Ian Foster, Managing Director
System Six Kitchens Ltd

“FIRST4TECH obviously have vast knowledge and many years of experience. The engineers are down-to-earth and extremely helpful.
Gabi Boland, IT Helpdesk
fwdesign limited

“FIRST4TECH have proved themselves to be very professional, skilled and adaptive to our needs.”
Mike Jeptha, IT Manager
Wood&Wood Signs


Subscribe: FIRST4TECH blog RSS
Follow us on Twitter: FIRST4TECH

« FIRST4TECH Mazda 3 Sport | Main | Drop it like it's hot...? »

'Security Tool' rogue antivirus

There is a particularly nasty rogue antivirus application called 'Security Tool' doing the rounds just lately.  It's been prevelant over the past month or two and once installed on your system it can be quite a pain to remove.

"Security Tool is a rogue antivirus application that deliberately gives reports of false system security threats on your computer and displays fake security alerts or notifications to make you think your PC is infected with malware. The misleading application is from the same family as Total security 2009 and System Security. When installed, Security Tool will be configured to start automatically when you log on into Windows. Then it will imitate system scan and display a variety of infections that can't be removed unless you purchase the program. The files detected during the scan are either harmless or legitimate system files and can't cause any damage to your computer."  Source:

Thats the official description.  What actually happens is, you'll be on a web page (more often than not a free online flash games site) and you'll get a pop up that looks like this:

This looks like a legitimate Windows security warning doesn't it?  Well, its actually pretty easy to tell its fake.  Both the top and bottom paragraphs of text contain broken English and bad grammar.  This is the biggest clue that its a rogue warning.  Regardless of which option you choose, Security Tool will subsequently be installed on your system, either via a .exe download or via a backdoor trojan which you won't even see!  If you have not clicked on anything and are looking at this fake window, at this point you have not been infected.  Dont even try to close the window.  Simply click on your Start button and hit Shut down.  This will close all running applications (including the fake popup) and shutdown your PC.  You can then start it back up again and your PC should start up and operate as normal.

Phew!  That was a close one.  But what happens if you clicked either of the buttons?  Well usually at that point its too late.  Your system will be infected with Security Tool and the next time you restart your PC it will hijack Windows.  It doesn't actually cause any damage, its main line of attack is twofold.  Firstly, it wants to be as intrusive as possible, throwing you pop-ups all the time telling you that your PC is infected with many trojans/malware.  This is of course still fake, the only infection you have is Security Tool itself, all its trying to do is trick you into purchasing their software - which you'll be charged for, but never recieve.  Swines!  Secondly, it cripples the main functions of Windows to make it extremely difficult to get rid of.

At this point, try not to panic.  You shouldn't lose any data and your PC is recoverable without the need for drastic measures such as formatting the hard drive or throwing it under a truck!  Due to the prevelance of Security Tool there are some very comprehensive removal instructions available.  The best I have found (and tested) can be found below.

Remove Security Tool and SecurityTool (Uninstall Guide)

Of course, if you have a Support Contract with FIRST4TECH all you have to do is give us a call and we'll do the rest. :)

References (2)

References allow you to track sources for this article, as well as articles that were written in response to this article.
  • Response
    'Security Tool' rogue antivirus - blog - FIRST4TECH
  • Response
    'Security Tool' rogue antivirus - blog - FIRST4TECH

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.
Editor Permission Required
You must have editing permission for this entry in order to post comments.