This nuisance rogue malware program has resurfaced once again. Security Tool Virus was first discovered in October 2009. It’s in the same family as Winweb and it’s by far the toughest and most complex rogue software to remove, but we solved that issue last year.

Security Tool Virus is classified as a rogue software by many security firms because it falsely reports infections and scares users into purchasing the full license of the program in order to remove these false infections. Security Tool Virus will start automatically when you log in to your computer.

Be careful, and DO NOT delete the infected files found by Security Tool Virus as these are legitimate system files.

Symptoms that may be in a HijackThis Log:

Please note that the files and folders for Security Tool and SecurityTool have random names.

  • O4 – HKLM\..\Run: [4946550101] %UserProfile%\Application Data\4946550101\4946550101.exe
  • O4 – HKCU\..\Run: [Install] %UserProfile%\Application Data\4946550101\4946550101.bat

Download HiJackThis

Security Tool Virus Activities:

  • Changes browser settings
  • Shows commercial adverts
  • Stays resident in background

Automatic Security Tool Virus Removal:

Security Tool Virus is from the same family as Total Security 2009 and System Security.

Other Removal Instructions can be found here.