2012 Update: there are new versions of this tool called: System Tool 2011 and System Tool 2012.
System Tool is a rogue security program from the same family as Security Tool. It pretends to be a legitimate antivirus program, but actually it is nothing more but a scam which may also be called System Tool 2011 or System Tool 2.20. The rogue program is distributed through the use of fake online scanners, bogus websites and other malicious software. Once installed, it will pretend to scan your computer for malware and then it will state that your computer is infected with spyware, adware, Trojans and other viruses. Finally, it will prompt you to pay for a full version of the program to remove supposedly found infections from your computer. It uses the same payment pages as Security Tool virus. Don't pay for this rogue program. It won't protect your computer. Instead, please remove System Tool 2011 from your computer immediately. Please use the removal instructions outlined below. You can choose to remove this virus manually or using an automatic System Tool removal tool.
SystemTool 2011 scareware is a very annoying rogue program because it displays fake security alerts and popups like every one or two minutes. What is more, it will block nearly all programs on your computer claiming that they are infected with some sort of malware. The fake error message reads:
Application cannot be executed. The file cmd.exe is infected.
Please activate your antivirus software.
It will constantly display fake security warnings about serious security and privacy problems. It will even state that your files can be deleted or your credit card information can be stolen. That's not true. System is a just another rogue, it won't delete your files. Don't worry. The text of these messages include:
System Tool Warning
Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
Click here to activate protection.
System Tool Warning
Intercepting programs that may compromise your private and harm your system have been detected on your PC.
Click here to remove them immediately with System Tool.
Security Monitor: WARNING!
Attention: System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe you need to update your current security software.
CLick Yes to download official intrusion detection system (IDS software).
Last, but not least, it will change the background of your dekstop with its own which states that your computer is infected with spyware. The text of the fake background image:
Your're in Danger!
Your Computer is infected with Spyware!
All you do with your computer is stored forever in your hard disk. When you visit sites, send emails... All your actions are logged. And it is impossible to remove them with standard tools. Your data is still available for forensics, and in some cases
For your boss, your friends, your wife, your children. Every site you or somebody or even something, like spyware, opened in your browsers, with all the images, and all the downloaded and maybe later removed movies or mp3 songs - ARE STILL THERE and could break your life!
Secure yourself right now!
Removal all spyware from your PC!
As you can see, System Tool 2011 is yet another rogue scam. Don't trust it. If you find that your computer has been infected with this rogue program then please uninstall System Tool from your computer as soon as possible. If you have already purchased it, then you should contact your credit card company and dispute the charges. Then, please follow the removal instructions below. Note, that you will have to reboot your computer in safe mode with networking in order to be able to download the automatic removal tool because System blocks legitimate malware removal tools in normal mode.
Related files: [random].exe
System Tool properties
• Changes browser settings
• Shows commercial adverts
• Connects itself to the internet
• Stays resident in background
It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
and Agreement of Use
System Tool manual removal:
Delete registry values:
C:Documents and SettingsAll UsersApplication Data[random]