How to Remove Security Tool

UPDATE 10-13-2010:  While the below guide does still work it is a YEAR old.  We have updated it several times since but the NEWEST guide that includes 3 additional videos can be found at http://www.removevirus.org/remove-security-tool-latest-rouge-client-400  .  Just want everyone to know about the new guide as well as this one.

If you have not already done so we do recommend you watch our security tool removal video. It has been watched over 100K times and does a good job showing you the steps needed to remove this threat. This video is below so read on.

How to Remove Security Tool

How to Remove Security Tool

Onto the Manual Removal of this threat.

I am also including the video we created from www.removevirus.org. This video is a must watch for everyone looking to manually remove Security Tool. To start I would like to say that you most likely got infected because you did not have a good security client installed on your computer.

Here is the Video you can follow along with this and the manual guide below

Security Tool Removal Video

The first thing you will need to do is to terminate the currently running process of this threat. This can be done in several ways. For those who can still use the Task Manager I recommend you simply hold down Ctrl+Alt+del. Vista and Windows Seven users will need to then select the Task Manager. If you are able to open it then you are looking for an 8 or 10 digit number follow by a .exe that is running.

Example of Security Tool Process running

3467542487.exe

This is the file you need to terminate. If you can not bring up the Task Manger then you have several other ways at getting to this threat still.

We are going to now look for the location of the 10 digit file.

First thing to try is simply going to the run command. Hit the Windows Start button and in the "Start Search" or run command area type in "msconfig" with out the quotes. Now select the start-up tab. Browse though the start-up menu and look for a 10 digit number, 8 digit number or a file that says Total Security, TS.exe or TSC.exe.

Once you find the trace you need to un-check the box and then hit OK. You will then be asked to re-boot. Before you re-boot make sure you book mark this page so you can find it again after you boot up your computer. If the above methods have not worked for you we still have several option left. If you were able to stop Security Tool from running then move on to

Stage 2. If nothing has worked so far for you then we recommend bookmarking this page and booting into safe mode with networking. Then just move on to stage 2. To boot into safe mode you need to re-start your computer then start pressing the F8 key every other second. When you see a DOS like screen with several options, use the up and down arrows on the keyboard to highlight the "Safe Mode with Networking" option and then hit enter to select. Then log into safe mode under your normal user account or the admin account. Then bring up this website again. remember only safe mode with networking will allow you to go online. If you are in just Safe Mode you will not have Internet access.

At this time the Security Tool program should not be running. If it is then you need to again follow the above instructions till you have terminated the Security Tool program.

We are now going to search and locate the folder that is hiding this program. Before we can do this you will need to un-hide system files and folders. This is because Security tool is a hidden program and the folder is hidden as well XP Users: Open up "My Computer" Also known as Windows Explorer ( THIS IS NOT INTERNET EXPLORER ) Then select Folder Options then View Tab, under view check the box that says "Show hidden files and folders" now we need to also Uncheck the box next to "Hide Protected Operating System File".

When we are all done you should set these setting back to default.

Vista and Windows 7 Users:

Go to Windows Start button > Control Panel >Folder Options > Select the View tab and then check the box next to "Show hidden files and folders" then uncheck the box next to "Hide Protected Operating System files" remember to re-set these settings once we are done.

Now you need to browse down to the correct directory and delete the folder and files of Security Tool.

XP users: The location of this program is going to be C:\Documents and Settings\All Users\Application Data\Tendigitfolder. You will now see a folder that it 8 – 10 digits in length. You need to delete this folder and the files in it. Normally it is the first folder under Application data. If you are getting errors trying to delete this then bookmark the page and re-boot into safe mode as an Administrator as described above.

Vista and Windows 7 users: the location of this program is going to be C:\ProgramData. You will now see a folder that it 8 – 10 digits in length. You need to delete this folder and the files in it. Normally it is the first folder under Application data. If you are getting errors trying to delete this then bookmark the page and re-boot into safe mode as an Administrator as described above.

Keep in mind that the C:\ location is the default Windows folder location. Now you should attempt to download SpyHunter if you could not do it before. Register the product, update the scanner and run a full scan. This is the best way to remove the rest of the Security Tool virus and all the remaining traces. If your a cheap A$$ or can't get the client to install then read on for the next steps.

The good news here is we are about half way done. The bad news is you still have a bit of work ahead of you.

Now we need to re-set the Windows host's file and Internet Explorer. This is to ensure your computers browser settings are not highjacked. You may need to re-install pluggins and the like for Internet Explorer when this is done.

As stated before you should really just rgister the product to remove the rest of this virus and the others still on your computer.

Security Tool Registry Settings

We are now going to be editing the Windows Registry. Please note the editing the registry is very dangerous and one wrong slip and your computer can become unstable. No we do not recommend doing it unless you are a computer expert. We have already told you the correct solution to use. However this is a complete guide so we are going to show you how to edit the registry to remove the rest of Total Security. Click the Windows start button and type "regedit" in the run box or search box. With out the quotes. The registry editor will now open for you. You need to locate and delete the following strings.

HKEY_CURRENT_USER\Software\Security Tool HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Your10digitnumber" That is it.

You have just removed Security tool from your computer manually. You will now need to run a full scan using your favorite antivirus program. You already know the program I use. This is a must that can not be skipped. In most cases those infected with Security tool have several other viruses installed on the system. You need to protect your computer and remove all those viruses so this threat does not get re-installed again.

Outside Resources:

http://www.howtogeek.com/howto/9505/how-to-remove-security-tool-and-other-roguefake-antivirus-malware/

http://www.wikihow.com/Remove-the-Rogue-Security-Tool-Program

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.