Activation key security tool [Solved/Closed]

Report
-
 shaq -
hello...can u help me....i need license key activation security tool....please...

4 replies

Posts
48727
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 19, 2020
15,429
Hello Faiz,

I strongly suggest to you that you do not want a key to further install this rogue Trojan Horse which is actually a scam to get to your credit card.

I suggest that you want to remove it.

Here is how to get rid of this scam rogue virus designed to get to your credit card account and it is a good thing you did not fall for it.

Please follow the following procedure carefully and to the letter.

Security tool is a rogue virus which is self protective, thus it will prevent any antivirus from fonctionning.

You must kill the processes which the virus is presently running. If you don't it will keep reproducing the files for ever.

To kill the processes:

Download to your desktop and run Rogue Kill:

https://download.bleepingcomputer.com/grinler/rkill.com

5.You should now see a window that shows all of your desktop icons, including the rkill.com program. Now double-click on the rkill.com in order to automatically attempt to stop any processes associated with Security Tool and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Tool when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Tool . So, please try running Rkill until malware is no longer running.

Please, DO NOT REBOOT your computer or the processes will come back to haunt you!

Download to your desktop Malwarebyte.

https://ccm.net/download/download-105-malwarebytes

Once on your desktop, we must still outwit the virus.

Right click on the MBAM icon and click on rename. Rename it Explorer.exe.

Install Malwarebyte and launch it. From the second tab, update it.

Pretty please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.

Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.

This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.

Once all this is completed, I always suggest to delete Malwarebyte as some people have reported that it may interfere with other antivirus applications.

Please let us know about the results which I am sure will be positive. This took me a lot of typing so if you don't give me feedback, I will cast a spell on your system.:)))

Regards
18
Thank you

A few words of thanks would be greatly appreciated. Add comment

CCM 2898 users have said thank you to us this month

Thanks really helped
Posts
48727
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 19, 2020
15,429
Corey

You are totally welcome! Pay to the next!
Hi, it took an hour and a half to allow me to get rkill up and working, I am still waiting for it to drop off to start up the malware, so far thankyou for you efforts and help, I was nearly in despair with bl%%%y security tool
Jen
Posts
48727
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 19, 2020
15,429
Good luck Gen
Did you boot in safe mode with networking before downloading?

Looking forward to hear from you
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 12/03/2011 at 23:23:42.
Operating System: Windows 7 Starter


Processes terminated by Rkill or while it was running:

C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Acer User\AppData\Local\Google\Chrome\Application\chrome.exe
.exe


Rkill completed on 12/03/2011 at 23:23:56.
Posts
48727
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 19, 2020
15,429
Hello Homer,

Please run another Hyjackthis scan but do not request a log.

Once the scan is finished check the following items and once they are all checked click on fix checked and close Hyjackthis.

R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)

R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)

O2 - BHO: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)

O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll

O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)

O3 - Toolbar: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - (no file)

O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)

O3 - Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)

O3 - Toolbar: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll

Now see if you can run Rkill. If not, run Malwarebyte exactly as indicated on my April 9th post.

Let me know the results.

Regards
thx ill give it a try oh by the way do I run all this in safe mode or just normally?
Posts
48727
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 19, 2020
15,429
Safemode with networking would be much more efficient as some unwanted processes may not launch.
Good luck
ok went to safemode.....done the hijack run fixed the checked items, ran rkill and then full malware scan but I was trying to look for the on or off button for the system restore......i set up a restore point anyway.......restarted......went back to normal mode......but still that evil rogue reappeared.......damn!!!!!!! im sure I carried out every procedure as u said. should I take it in to get fixed by experts or is there still hope.......i prefer the latter myself....S.O.S guys........
Posts
48727
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 19, 2020
15,429
Dear Omer

The reason why the rogue reappeared is that the malicious process was not killed.

Hence and therefore, if you do not wish to throw you money through the window, you must get the Rkill to run.

When you reboot due as floory, quickly run Rkill before the evil process gets to boot. Desguise yourself as Quickdraw McGraw! It will work I know.

The technician will do the same for your money.
hallelujah.......its dead.......thx a million mate.......if I knew you id share this drink with you right now in celebration........thx very much......good has triumphed over evil....lol
ok did you use malwarebytes to remove the main infection so it don't come back again?
Thank you very much,

before I found this forum, I had no idea what to do,
thank you very very much because my computer is clean now.
Posts
48727
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
September 19, 2020
15,429
Hello Linda

Thank you for your feedback...pay to the next