Print the instructions in that tutorial and follow them step-by-step. (Do not download anything from the advertisements on that page.)
You will be using the Automated Removal Instructions for System Tool using Malwarebytes' Anti-Malware (about halfway down the page).
Those instructions will have you change some settings that were changed by the malware. You will be downloading and running two tools - both FREE: RKill and Malwarebytes Anti-Malware.
I can't thank you enough... I followed the link and my laptop is now free from that virus...my only problem was being unable to to download the HOSTS file using windows 7 link, I selected save target as, but when I went to the file I could not locate the etc folder, when I tried to force it I got an error message saying only the system administrator can change the setting...in any event I haven't seen any sign of the system tool virus since.. Thanks again very much!!!
no luck. I tried both ways and I keep getting the same error message about the administrator. since I already moved the host file I can't even try to copy it and then change it. I'm really at my wits end. Dell support said I can call paid support but I'm trying to hold off on that. Any other suggestions?
ok, I just restored my computer to an earlier date and my hosts are back. I don't want to have to deal with this again anytime soon. I thought i had McAfee protection but I don't think what came installed covers these types of issues. Since you have been so helpful can you point me in the direction of a good protection software I can get for my system? Thanks!
Here is my standard list of simple steps that you can take to reduce the chance of infection in the future.
If you have used Malwarebytes' Anti-Malware as part of your cleaning procedures, keep it updated and use it to scan every so often for malware, or upgrade to the paid version for realtime scanning and auto updating.
The following suggestions are general prevention and are not customized for your computer. You may have already taken some of these steps, and depending on your current security, you may not need to implement all of these:
1. Visit Microsoft Update: Make sure that you have all the Critical Updates recommended for your operating system, Office, and IE. The first defense against infection is a properly patched OS from Microsoft Update at update.microsoft.com. More info HERE.
2. Please use a firewall and realtime anti-virus. Keep the anti-virus software and firewall software up to date.. Run a complete system scan with your anti-virus at least once a week...preferably in Safe mode. If your anti-virus program is a paid/licensed version that is about to expire, you can consider removing it and using a free one such as: Microsoft Security Essentials AntiVir Personal Edition Classic Avast! Home Edition
If you prefer not to use the Windows Firewall, there are several of the freeware Firewalls available on the public domain.
3. Using an alternate browser can reduce your chance of certain infections installing themselves. You might consider installing Mozilla / Firefox. http://www.mozilla.com/en-US/
4. Do not use file sharing. Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities.
5. Keep your software updated...make it easier on yourself and install the free security tool Secunia PSI .
6. If you have not already done so, you might want to install CCleaner and run it in each user's profile: http://www.ccleaner.com/ ** UNcheck the option to install the Yahoo toolbar that is checked by default for the Standard version, or download the toolbar-free versions (Slim or Basic) when given the option for those.
7. Web Of Trust , uses colored alerts to warn about risky websites warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
Red for Warning = STOP
Yellow for Use Caution
Green for Safe
Grey for Unknown
There is a Web Of Trust version for Firefox as well.
8. If you still wish to use Internet Explorer, please make sure you install SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html It will: Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software. Block spyware/tracking cookies in Internet Explorer and Mozilla Firefox. Restrict the actions of potentially unwanted sites in Internet Explorer. Tutorial here:http://www.bleepingcomputer.com/forums/tutorial49.html Periodically check for updates.
9. You might want to install Winpatrol. Winpatrol is heuristic protection program, meaning it looks for patterns in codes that work like malware. It also takes a snapshot of your system's critical resources and alerts you to any changes that may occur without you knowing. You can read more about Winpatrol's features here. You can download a free copy of Winpatrol or use the Plus version for more features. You can read Winpatrol's FAQ if you run into problems.
10. Many of us in the online security community have tried and tested programs to determine their abilities. Please remember that there is no guarantee regarding computer security. However, the available software, combined with the rest of these recommendations will contribute to helping your system running safely.
Here are some helpful articles: How did I get infected? HERE
I'm not pulling your leg, honest? by Sandi Hardmeier HERE
12. Check to be sure that you are not one of those people who is using a dangerously easy-to-guess password at websites requiring passwords. There is a good how-to video HERE.
Let us know if we have not resolved your problem. Happy and Safe Surfing!
Bugbatter
3 Apprentice
•
20.5K Posts
0
January 17th, 2011 17:00
This should remove it. If not, let us know.
http://www.bleepingcomputer.com/virus-removal/remove-system-tool
lisa67
2 Posts
0
January 17th, 2011 18:00
im not exactly sure what im supposed to do on that site :emotion-6:
Bugbatter
3 Apprentice
•
20.5K Posts
0
January 17th, 2011 18:00
Print the instructions in that tutorial and follow them step-by-step. (Do not download anything from the advertisements on that page.)
You will be using the Automated Removal Instructions for System Tool using Malwarebytes' Anti-Malware (about halfway down the page).
Those instructions will have you change some settings that were changed by the malware. You will be downloading and running two tools - both FREE: RKill and Malwarebytes Anti-Malware.
Chunks_
12 Posts
0
March 9th, 2011 06:00
Hi,
I found this link helpful in removing Fake system tool virus.
its been back out inforce after a advertising site was compromised and adverts with this program piggy backing were put on reputable sites.
teefriz
4 Posts
0
March 23rd, 2011 08:00
I can't thank you enough... I followed the link and my laptop is now free from that virus...my only problem was being unable to to download the HOSTS file using windows 7 link, I selected save target as, but when I went to the file I could not locate the etc folder, when I tried to force it I got an error message saying only the system administrator can change the setting...in any event I haven't seen any sign of the system tool virus since.. Thanks again very much!!!
Bugbatter
3 Apprentice
•
20.5K Posts
0
March 23rd, 2011 14:00
You're welcome, teefriz.
To reset your HOSTS to the Windows default (before the infection), try right-clicking on that file from Bleeping Computer >Run as Admiistrator.
If that does not work, here is a page with instructions and a Fix-It from Microsoft that you can click on:
http://www.ehow.com/how_7201987_restore-microsoft-hosts-files.html
teefriz
4 Posts
0
March 24th, 2011 08:00
....REMOVED the host file...
teefriz
4 Posts
0
March 24th, 2011 08:00
no luck. I tried both ways and I keep getting the same error message about the administrator. since I already moved the host file I can't even try to copy it and then change it. I'm really at my wits end. Dell support said I can call paid support but I'm trying to hold off on that. Any other suggestions?
teefriz
4 Posts
0
March 24th, 2011 09:00
ok, I just restored my computer to an earlier date and my hosts are back. I don't want to have to deal with this again anytime soon. I thought i had McAfee protection but I don't think what came installed covers these types of issues. Since you have been so helpful can you point me in the direction of a good protection software I can get for my system? Thanks!
Bugbatter
3 Apprentice
•
20.5K Posts
0
March 27th, 2011 11:00
When you restored, did you also restore the malware? :emotion-3:
Please see these pages for
LISTS OF FREE SECURITY SOFTWARE
FREE SECURITY SOFTWARE
Here is my standard list of simple steps that you can take to reduce the chance of infection in the future.
If you have used Malwarebytes' Anti-Malware as part of your cleaning procedures, keep it updated and use it to scan every so often for malware, or upgrade to the paid version for realtime scanning and auto updating.
The following suggestions are general prevention and are not customized for your computer. You may have already taken some of these steps, and depending on your current security, you may not need to implement all of these:
1. Visit Microsoft Update: Make sure that you have all the Critical Updates recommended for your operating system, Office, and IE. The first defense against infection is a properly patched OS from Microsoft Update at update.microsoft.com. More info HERE.
2. Please use a firewall and realtime anti-virus. Keep the anti-virus software and firewall software up to date.. Run a complete system scan with your anti-virus at least once a week...preferably in Safe mode.
If your anti-virus program is a paid/licensed version that is about to expire, you can consider removing it and using a free one such as:
Microsoft Security Essentials
AntiVir Personal Edition Classic
Avast! Home Edition
If you prefer not to use the Windows Firewall, there are several of the freeware Firewalls available on the public domain.
Please see this list for anti-virus, firewalls, and other FREE SECURITY SOFTWARE.
3. Using an alternate browser can reduce your chance of certain infections installing themselves. You might consider installing Mozilla / Firefox.
http://www.mozilla.com/en-US/
4. Do not use file sharing. Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities.
5. Keep your software updated...make it easier on yourself and install the free security tool Secunia PSI .
6. If you have not already done so, you might want to install CCleaner and run it in each user's profile: http://www.ccleaner.com/ ** UNcheck the option to install the Yahoo toolbar that is checked by default for the Standard version, or download the toolbar-free versions (Slim or Basic) when given the option for those.
7. Web Of Trust , uses colored alerts to warn about risky websites warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
There is a Web Of Trust version for Firefox as well.
8. If you still wish to use Internet Explorer, please make sure you install SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
It will:
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
Block spyware/tracking cookies in Internet Explorer and Mozilla Firefox.
Restrict the actions of potentially unwanted sites in Internet Explorer.
Tutorial here:http://www.bleepingcomputer.com/forums/tutorial49.html
Periodically check for updates.
9. You might want to install Winpatrol. Winpatrol is heuristic protection program, meaning it looks for patterns in codes that work like malware. It also takes a snapshot of your system's critical resources and alerts you to any changes that may occur without you knowing. You can read more about Winpatrol's features here. You can download a free copy of Winpatrol or use the Plus version for more features.
You can read Winpatrol's FAQ if you run into problems.
10. Many of us in the online security community have tried and tested programs to determine their abilities. Please remember that there is no guarantee regarding computer security. However, the available software, combined with the rest of these recommendations will contribute to helping your system running safely.
Here are some helpful articles:
How did I get infected? HERE
I'm not pulling your leg, honest?
by Sandi Hardmeier HERE
11. If you use Social Media (Facebook, Twitter, etc.) you can stay informed at SpywareHammer's Forum for Social Media Security
12. Check to be sure that you are not one of those people who is using a dangerously easy-to-guess password at websites requiring passwords. There is a good how-to video HERE.
Let us know if we have not resolved your problem.
Happy and Safe Surfing!