Wednesday 16 March 2011

How to remove security tool virus in 4 simple steps

Hi all,

Today we will try and help you remove the system tool virus. There are quite few topics online telling you how to remove it and they all say near enough the similar things. One thing is for sure it is a very dengerous virus and must be removed as soon as possible.
Now this virus pretends to be a virus program it self and pops up with fake messages telling you that it has found lots of viruses and if you want to remove it you must go to the website and purchase the anti-virus software. Please do not fall for this. Some of the messages that pop up from the task bar are:


  • Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.Click here to activate protection.


  • Intercepting programs that may compromise your private and harm your system have been detected on your PC. Click here to remove them immediately with System Tool.


  • Attention: System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe you need to update your current security software. CLick Yes to download official intrusion detection system (IDS software).
  • Warning: Your computer is infected
  • Windows has detected spyware infection!
  • Click this message to install the last update of Windows security software…
None of the error messages above is true other then you are actually infected.
One thing that most of the other sites haven’t mentioned is that it disables your anti-virus program or may be we should say it stops it from running.
How To Remove this Virus.

You must do this at your own risk. Sometimes removing viruses can result in your computer or laptop not booting. This is caused by deleting an infected windows file from your computer.

Step 1 is to start your computer in safe mode with networking.This can be done by pressing the F8 key repeatedly soon as you switch on you computer and laptop. On some machines it might bring up the boot menu instead but after selecting the first option continue to press F8 and you will get to the menu where you will find boot in safe mode with networking.

Step 2 is to open internet explorer or firefox or even any other browser that you may be using on your machine. Check to see if you have access to the internet. If you have go to our main site at http://www.1stcomputerrepairshop.com and on the left hand side under useful links click and download Malwarebytes. If you do not have access to internet go to your internet options under control panel. You can also access your internet under internet explorer by clicking on tools. Once in internet options go to the connections tab then click on LAN setting. Start to un-check all the boxes starting from the last one to the top. This should allow you access to internet.

Step 3 is to install Malwarebytes and update it to the latest database version. Once you have the latest updates you can do a quick scan but we would recommend a full scan or do a quick scan which will remove this security tool virus and leave it to run a full scan when you have more time.

Step 4 is the not the most important but can be very crucial. After the first 3 steps you will now be able to restart and log on normally and have access to all your programs and files but when you on the internet you might get diverted to other sites and end up with the virus again unless you complete this
 step 4. Now you need to get to your HOSTS file. On Windows XP C:\Windows\System32\Drivers\etc\HOSTS and on VISTA and Windows 7 is at C:\Windows\System32\Drivers\etc . Open your HOSTS file in notepad or wordpad and it should look like this or similar. We only looking at lines with out the “#” at the beginning.

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

If there is any other ip addresses like 127.0.0.1 going any where else other then localhost delete them or any other ip addresses going any where just delete them.

Thanks for reading and hope this 4 simple steps will help you get rid of your system tool virus. GOOD LUCK. Worst case scenario check our website http://www.1stcomputerrepairshop.com  to see if we cover your area and we can send out one of our engineers to fix all your problems.

1 comment: