HELP!! Last night my companion picked up a application called "SYSTEM TOOLS" This has taken over my computer. It won't let me delete it, It won't let me restore the system, It took me 15 minutes to get this far. It wants 45$ and I'm dammed if I'll be blackmailed into buying it. Every few minutes there's pop-ups asking me to putchase.
I can't work the plumbing page or pay bills. How do I get this application off my computer? Thanks, Tom

Is it this?
http://www.softsailor.com/wp-content/uploads/2009/10/Security-Tool-Virus-550x408.jpg

Security Tool as mentioned above I have seen and dealt with.
Can be a real Pain, won't let you restore, no control Panel, no internet explorer, and bad process keep starting up.
You don't want to pay them, they want your Credit Card Number, not $45.
If it is Security Tool, I have fixed the last 9 out of 9. It is Tricky, may be able to help.
Did it also eleminate your Run Command?

Is it this?
http://www.softsailor.com/wp-content/uploads/2009/10/Security-Tool-Virus-550x408.jpg

Yes! That's the unwanted application.

If you can get the Malware Bytes (http://www.malwarebytes.org/mbam.php) tool from another computer (on a USB key) and boot into Safe Mode and install and run it you might get lucky.

Need the answers to the above questions, At the Run Command, does msconfig work?

Security Tool as mentioned above I have seen and dealt with.
Can be a real Pain, wont let you restore, no control Panel, no internet explorer, and bad process keep starting up.
You don't want to pay them, they want your Credit Card Number, not $45.
If it is Security Tool, I have fixed the last 9 out of 9. It is Tricky, may be able to help.
Did it also eleminate your Run Command?
I don't know how to access run command. It's SYSTEM TOOLS all right.
How can I get it gone? Thanks for any assistance, Tom

What happens when you press the windows and R button?
Or Start, All Programs, Accessories, then Run, then in the run box type msconfig, turn off all start programs that are not Microsoft, then I would Download MBAM from www.malwarebytes.org , get updates and try installing in safe mode. You may have to download on a disc from another computer, and boot from CD in BIOS.
After all damage has been removed, you will likely have to go to Tools, Internet options, LAN, the select Automatically detect settings, Disable the proxy settings it setup.

Tom, I hate to go right now, will be back later, good luck for now.

It will allow me to access MSConfig.
I have Malwarebytes installed but it won't let me open it.

In msconfig did you select startup programs and uncheck all that are NOT Microsoft?
Did you try in safe mode?

Doing all the work in Safe Mode is important. Not all startup processes appear in msconfig and that nasty bit of malware, if running, will block access to a lot of areas you would use to remove it.

It seems to have left as fast as it appeared. Is this normsl or is it hiding somewhere only to pop up again? Cheers, Tom

I would now open MBAM and Update, then scan again, then go to do Microsofts Security Essientials, then update, then scan. If those 2 are clean, I feel you are pretty good to go. Did you do anything before it just started working again?

Did you do anything before it just started working again?
No! I just clicked on a application and it came up. That's when I clicked on the Security Tool File in my C drive. Before it wouldn't let me delete it. When I clicked on the folder it was empty.
Security Tool had evidently deleted itself. I scanned the hell out of the system after that and it came up clean.
Very strange! And your thoughts? Thanks for your help. Tom

Good Deal, Its odd they didn't find anything. There is usually some registry changes. Keep your fingers crossed.
Did you have to check the box "Automatically detect Settings"
Did you also install Microsoft Security Essentials? It seems like this from Microsoft works.

Did you have to check the box "Automatically detect Settings" No! It just deleted itself.

Did you also install Microsoft Security Essentials?
I already have it installed. Thanks again, Tom

Strange, you could scan your hard drive including hidden files and foldes and look for securitytool ?
Or don't even worry about it.
Glad your back going.

Here is some info if you want to understand what it does a little better:
Remove Security Tool and SecurityTool (Uninstall Guide) (http://www.bleepingcomputer.com/virus-removal/remove-security-tool)
You will notice 10 digit number in the regestry files as well.

Hello, this is what I did when I got System tools rogue.

Reboot your computer in Safe mode with networking
Stop SYSTEM TOOLS through Task Manager
Remove all the files associated with SYSTEM TOOLS in the directory of Temp in Local Settings.
Search all the files associated with it and delete them.
Remove the registry entries generated by SYSTEM TOOLS


If you have problems finding the files or registry entries which have to be deleted read this Removal Guide. (http://www.pcthreat.com/parasitebyid-15631en.html)