Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Installs itself without permissions
  • Connects to the internet without permission
  • Shows commercial adverts
  • Slow internet connection
  • Annoying Pop-up's
  • Slow Computer

Online Protection Tool

Online Protection Tool is the latest PC threat one needs to watch out for. This particular threat is a fake warning pop-up message that is designed to resemble a legitimate Windows warning notification; however, it is entirely fictitious – with the sole aim of getting unsuspecting users to purchase the full version of Online Protection Tool. Should a user encounter this particular warning pop-up – chances are their system has been infiltrated with a Trojan infection.

Also referred to as OnlineprotectionTool, OnlineProtection Tool, Online ProtectionTool, this malware usually pops up while the user is browsing the internet.

Should the following warning message pop-up – then guaranteed – you have the Trojan infection affiliated with Online Protection Tool:

“Windows Internet Security
Your browser is under the threat of infection. Windows requires your permission to install online protection tool.
Your browser is run in unsafe mode. Running the protection mode will help you to keep your computer safe. Staying at the suspicious website is unsafe mode my lead to the loss of personal data and computer breakage. To run the web browser in protected mode windows requires installing the certified antivirus scanner software and online protection tool.
Name: online protection tool
Publisher: Microsoft windows”

The message above should be noted as being a fake message – and should the user receive this pop-up – they must be sure to realize that the pop-up is fake – and they should definitely NOT purchase Online Protection Tool!

Once the Trojan affiliated with Online Protection Tool is in a computer system, access to security websites may be blocked, and one may find that their browser will be redirected to malicious and advertising websites affiliated with Online Protection Tool.

The best thing to do would be to run a fully functional anti-spyware application in Safe Mode with Networking, as this particular virus is highly capable of blocking anti-spyware programs.

Why Safe Mode?
Well, when in Safe Mode, the computer system loads the least amount of drivers and components, thus allowing you to perform the many tasks needed to restore the system to its fully functional state.

One can boot in safe mode with networking, and without networking.
• Safe Mode without Networking:
To enable safe mode, simply press F8 (just before the Operating System’s loading screen appears) after the BIOS screen has disappeared. You will then be taken to an ‘Advanced Boot Options Menu’. You will then need to choose the safe mode you desire, by utilizing the arrow keys, once you are happy with your safe mode option, press enter.

• Safe Mode with Networking:
One should only use this mode if this functionality is required. To enable safe mode with networking, you follow the same steps as safe mode without networking, the only difference is you will need internet access.

All in all - should a user suspect their system has the Trojan infection embedded – due to the presence of the Online Protection Tool fake warning pop-up message, it is recommended to remove all malware and its affiliated components – as soon as possible!

Download Spyware Removal Tool to Remove* Online Protection Tool
  • Quick & tested solution for Online Protection Tool removal.
  • 100% Free Scan for Windows


  1. Debra G Mar 26, 2010

    What's the rationale for removing all malware and its affiliate components? Other forums are saying to install and run it.

  2. Dr Smithers Apr 1, 2010

    Ha ha ha. Poor Debra, you fool. I think you should send me $1000 because everyone said to. You have a lot to learn, miss gullable.

    There is nothing other than correcting your DNS servers. What they do is go in and rewite your dns setting to point to their servers which then create the popup and also keep you from going to internet security sites (anything really with "update" as the subdomain). It took me a few days to figure it out but I fixed it.

  3. Dr Smithers Apr 1, 2010

    rational for removing software....Funny. It's like saying "I have cancer, why do I want to get rid of it?"

  4. Dr Smithers Apr 1, 2010


Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.