System Tool

Posted: October 22, 2010

System Tool Description

System Tool's mild pink interface is simply a cover thrown over a rogue security product that can do serious harm to your computer. The System Tool rogue security product survives by pretending to be something System Tool is not – a useful security program. Instead of finding infections and deleting them, though, System Tool actually causes problems and makes up infections without even trying to look for real ones! Friendly appearance aside, System Tool is a real danger to any computer System Tool resides on, so consider a quick deletion and above all else avoid paying for this malignant software.

What This Not So Cute Infection Is Doing on Your Machine

The only point to System Tool's very existence is firstly to convince you that your computer is teetering at the very edge of self-destruction, and secondly to bully you into giving the crooks who designed System Tool your money and personal info. This is mostly done through the usual rogue security program snares of infection and error message pop-ups. Depending on the system, System Tool may issue these warnings very often or somewhat less frequently, but in all cases, the actual content is pre-programmed and not an accurate analysis of your computer. You can see some common messages System Tool uses below:

System Tool Warning
Your PC is infected with dangerous viruses. Activate anti-virus protection to prevent data loss and avoid the theft of your credit card details.
Click here to activate protection.

Warning: Your computer is infected
Windows has detected spyware infection!
Click this message to install the last update of Windows security software...

Security Monitor: WARNING!
Attention: System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe you need to update your current security software.
Click Yes to download official intrusion detection system (IDS software).

System Tool Warning
Intercepting programs that may compromise your private and harm your system have been detected on your PC.
Click here to remove them immediately with System Tool.

There's no real harm in these messages other than the annoyance they cause, provided you don't give in to System Tool's pleas for your money. Even your desktop is changed to match, with a shrill and rather hilarious warning about spyware, but this purely aesthetic threat is of little concern as far as rogue security product attacks go.

Repelling This Obnoxious Rogue Attacker

Your first thought on seeing the System Tool infection might be to run a good security program that will do in reality what System Tool claims to do. This will more often than not result in the following error:

Warning!
Application cannot be executed. The file cmd.exe is infected.
Please activate your anti-virus software.

At this point, System Tool has crashed your security program to prevent System Tool's own deletion, so you'll have to use harsher measures. In most cases, Safe Mode will keep System Tool and similar rogue security programs from running; after that, you can perform a scan and deletion maneuver without any further resistance. If necessary, you can locate the infected files yourself, since they're usually in the All Users\Application Data sub folder of the Documents and Settings folder.

System Tool is also known by other names, such as System Tool 2011 and System Tool 2.20 and is related to other rogue security programs such as Live Security Platinum and Security Shield 2012. If you value your computer's safety (as well as your sanity), you'll want to delete these System Tool twins with just as much force as you would use on the original.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %AppData%\5648541024
    2 %AppData%\5648541024\5648541024.bat
    3 %AppData%\5648541024\5648541024.cfg
    4 %AppData%\5648541024\5648541024.exe
    5 %UserProfile%\Desktop\System Tool.lnk
    6 %UserProfile%\Start Menu\Programs\System Tool.lnk
    7 [RANDOM CHARACTERS].exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\System ToolKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Once "[RANDOM CHARACTERS]"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "5648541024"

Additional Information on System Tool

  • The following messages's were detected:
    # Message
    1 System Tool Warning
    Intercepting programs that may compromise your private and harm your system have been detected on your PC.
    Click here to remove them immediately with System Tool.
    2 System Tool Warning
    Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
    Click here to activate protection.
    3 Warning!
    Application cannot be executed. The file cmd.exe is infected.
    Please activate your antivirus software.
    4 Warning!
    Your're in Danger!
    Your Computer is infected with Spyware!

    All you do with your computer is stored forever in your hard disk. When you visit sites, send emails... All your actions are logged. And it is impossible to remove them with standard tools. Your data is still available for forensics, and in some cases

    For your boss, your friends, your wife, your children. Every site you or somebody or even something, like spyware, opened in your browsers, with all the images, and all the downloaded and maybe later removed movies or mp3 songs - ARE STILL THERE and could break your life!

    Secure yourself right now!
    Removal all spyware from your PC!

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to System Tool may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Related Posts

4 Comments

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.