System Tool or SystemTool is a rogue anti-spyware program that’s distributed via a Trojan and/or web pop-ups. The program is installed without the users knowledge. Once installed, the user will be alerted with false threats on the computer. In order to remove these false threats, the user will have to pay for a full license of the software. The program is also a browser hijacker that changes browser settings. The program will prevent a user from accessing other programs on the computer such as; security programs, task manager, registry editor and even system restore.
If you are infected by the Security Tool or System Tool, I have included 6 steps on how to remove this Rogue Security Program.
Tools needed
MalwareBytes – AntiMalware is a malware removal program.
RKill is a program developed at BleepingComputer.com that kills processes related to Security Tool.
hosts-perm.bat – System Tool changes the permissions of the HOSTS file so you can’t edit or delete it.
How to Remove System Tool or Security Tool
- Download MalwareBytes to your desktop and rename it to Explorer.exe as Security Tool blocks the program named MalwareBytes. If you can’t download files, try using another machine that’s not infected and saving the files to a flash drive or other storage device.
- Reboot your PC and hit F8 to run your computer in Safe Mode with Networking.
- Run RKILL to stop all background processes related to Security Tool.
- Launch MalwareBytes and run a (Full Scan) to remove infections.
- Delete the file called “Hosts” in C:\Windows\System32\Drivers\etc\HOSTS and add the default Hosts file (below) for your operating system in C:\Windows\System32\Drivers\etc\
- Reboot your computer.
a. Windows XP HOSTS File Download Link
b. Windows 7 HOSTS File Download Link
Your computer should be clean and working normal again.
For more detailed instructions, visit http://www.bleepingcomputer.com/virus-removal/remove-security-tool
Related Articles
E-Card Spam Loaded with Rogue Antivirus
Security Tool Downloads Via Fake Firefox Block Page
Security Tool Virus Spreads Via Fake Adobe Update
Security Tool Installs as a Firefox and Flash Update
Security Tool Virus Update and Removal
How to Remove Security Tool Virus
Frank J,
Thank you sooooo much for your steps. By following each step I was able to beat the System Tools Virus. Can you believe that Geek Squad was going to charge me $199.99 to do the same thing. I used the free version of Malware but I will probably purchase the whole version once my Norton has expired. Thank you. Thank you. Thank you.
Brandy,
It’s stories like this that give me the incentive to keep blogging. Thank you!
Frank, you are the best!
I have used your advise several times and it is working:D
Thank you
Anytime my friend. It really makes me happy when I can help someone through a security issue.
Help! getting desperate – have tried malwarebytes, spybot and others and cannot find or remove system tools. Have I really got to pay to get rid of this thing?
Gem,
You do not have to pay. If you follow these instructions it will remove System Tool 2011.
Dear Frank
Have got the System Tool virus but no very little about computers. Do you think it would be okay for me to attempt following instructions to get rid of Virus or could I make things worse. I know this is tricky question for you to answer but any help you could give me would be very much appreciated and you clearly know what you are talking about.
Very many thanks
Helen
Helen,
These instructions I provided are tested by me on my wife’s laptop and they worked flawlessly.
hello just one question what do u mean by run RKILL please help
Paul,
This will stop any processes associated with this rogue.
I’ve got the system tool virus and trying to do what you said to get rid of it but it isn’t letting me click on anything so cant load up Internet explorer to download this malwarebytes, what do I do??
Ryan,
Have you booted in Safe mode w/network? Please try that and launch FF or IE to download MBAM.
Hi,
For some reason I’m having a problem with number 5. I can delete the file and download it but when I am trying to save it, I can’t. I can go up to
C:\Windows\System32\Drivers but I can’t find the etc/ option
I have Google Chrome… is that the problem ?
Please help me out
Izabela
Frank,
I’ve got the wonderful systemtool virus on my computer. I cannot get my computer in safemode either with f8 or with msconfig through the run prompt. I have downloaded several anti spyware etc including malwarebytes and the system tool is not allowing anything to run. I barely can get my internet explorer to work. I did try re-naming the malware bytes to explorer.exe which i read on another website- but still no luck.
Any ideas?
Hey. My computer has been infected by this Tool program that is being discussed, but what I find odd is that so far, it has only affected one of the four user profiles that have been made on the computer. I haven’t tried getting rid of it yet, but isn’t it rather odd though that only one profile has been affected by the Tool program? A quick response would be appreciated. Thanks.
Kairu,
Not odd at all as this would be a separate profile only affecting that user.
Hi – please help…..I’m getting desperate!
I also have this virus but when I try to go into safe mode on start up(following the F8 method) I don’t get a safe mode option but the following:
Please select boot device
SM-NEC-DVD-RW MD 353A
PM-ST3160021A
Realtek boot agent
I have pre-installed Windows XP Home edition
Any help or advice would be fantastic, thanks!
thank you sooooo much frank!!!! youre amazing!!!!!!!
Van,
I am glad that it worked out for you! Kudos!