Monday, August 23, 2010

Remove Security Tool Malware

Had to remove a new piece of malware called "Security Tool". The challenge is that the malware prevents any executable except web browsers from running. Once it starts, it also runs a fake scan of the files on the drive and alerts that several are infected with Trojan spyware that is stealing credit card information. Amusingly, when we tried to run taskmgr.exe, it alerted that a trojan infection was trying to steal credit card information from it.

Fortunately, Security Tool does not appear to protect itself, so the removal is rather simple.

  1. Locate and rename the executable (find a shortcut in the Start menu and check its properties for the file location), then reboot.

  2. Browse to the same location and delete the renamed file.

  3. Download and run Malwarebytes (make sure to update the defs!)

  4. Remove any additional malicious software and reboot once more for good measure.


This YouTube video was a help, though the file location was different from that of the video.
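
Steps 1 and 2 above can also be scripted. The following PowerShell is an added example, not part of the original post: it lists every Start menu shortcut with the executable it points to, and provides a helper (the hypothetical `Disable-Executable`) that renames a chosen target. It assumes a session in which PowerShell itself can start, since the malware blocks most executables, and the path in the final comment is a placeholder.

```powershell
# Added example: resolve Start menu shortcuts to their targets (step 1),
# then rename the chosen executable so it cannot start after a reboot.

# Per-user and all-users Start menu folders.
$startMenus = @(
    [Environment]::GetFolderPath('StartMenu'),
    [Environment]::GetFolderPath('CommonStartMenu')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# WScript.Shell can read the TargetPath stored inside a .lnk file.
$shell = New-Object -ComObject WScript.Shell

$shortcuts = Get-ChildItem -Path $startMenus -Recurse -Filter *.lnk -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)
        [pscustomobject]@{
            Shortcut = $_.FullName
            Target   = $lnk.TargetPath
            Created  = $_.CreationTime
        }
    } |
    Where-Object { $_.Target -like '*.exe' }

# Most recently created shortcuts first, to make new entries easy to spot.
$shortcuts | Sort-Object Created -Descending | Format-Table -AutoSize -Wrap

function Disable-Executable {
    # Hypothetical helper: renames the file instead of deleting it, matching
    # the rename-then-reboot-then-delete order of the steps above.
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }
    $newName = (Split-Path -Leaf $Path) + '.disabled'
    Rename-Item -LiteralPath $Path -NewName $newName -PassThru
}

# Placeholder path: substitute the Target value identified in the table above.
# Disable-Executable -Path 'C:\placeholder\path\to\rogue.exe'
```

After the reboot, delete the `.disabled` file from the same folder, then continue with steps 3 and 4.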
