System Tool Antivirus is not a legitimate and Real Antivirus Program but itself a virus, more precisely a new kind of fake antivirus program from the same family of Security Tool. The only difference being the core files are modified a little bit and the name is changed to hide it's detection by legitimate Antivirus programs installed on your PC.
This program is distributed with the help of trojans. When the trojan is started, it will automatically download and install System Tool Antivirus onto your computer without your consent and knowledge and configure it to run when you start Windows.
When System Tool Antivirus is started, it will imitate a system scan and detect a lot of various infections that will not be fixed unless you first purchase the program.
Important to know, all of these reported infections are fake and don't actually exist on your computer! So you can safely ignore the scan results.While System Tool Antivirus is running, it will block the ability to run any programs as a method to scare you into thinking that your computer is infected with malware.
What is more, the rogue will flood your computer with warnings and fake security alerts. Some of the alerts:
- Warning!
Please activate your antivirus software.
- System Tool Warning
Click here to activate protection.
- System Tool Warning
Click here to remove them immediately with System Tool.
- Security Monitor: WARNING!
CLick Yes to download official intrusion detection system (IDS software).
- Warning: Your computer is infected
- Windows has detected spyware infection!
This infection will also change the background of your Windows desktop to display this
- Warning!
- Your're in Danger!
- Your Computer is infected with Spyware!
All you do with your computer is stored forever in your hard disk. When you visit sites, send emails. All your actions are logged. And it is impossible to remove them with standard tools. Your data is still available for forensics, and in some cases
For your boss, your friends, your wife, your children. Every site you or somebody or even something, like spyware, opened in your browsers, with all the images, and all the downloaded and maybe later removed movies or mp3 songs - ARE STILL THERE and could break your life!
- Secure yourself right now!
- Removal all spyware from your PC!
Of course, all of above warnings and alerts nothing more but a scam and like false scan results should be ignored!
As you can see System Tool Antivirus, is a scam that is designed with one purpose to trick you into purchasing the so-called full version. Do not fall for these virus creators bait into buying the Rogueware and if you already have, you should contact your credit card company and dispute the charges.
And now coming back on How to Get Rid of System Tool Antivirus, you need a solid program to fix the damages, the rogue has caused. It alters files, folders,permissions and registry keys.
So you need something as good as Reimage, to fix all the damages that was left behind, to delete all the traces completely to revive your PC from malicious trojans that may still reside and make your PC slow and to stop from getting re-infected.
When you try to fix this rogue, by running legitimate antivirus you encounter that app cannot be executed warning, task manager disabled, registry editing disabled etc..
So, in order to get rid of System Tool Antivirus completely, start your PC in safe mode with networking, If you can't run the IE, then you should as below.
Go to C:\Documents and Settings\UserProfile\Application Data. You can notice this system tool virus program as random.exe
"C:\Documents and Settings\All Users\Application Data\\.exe"
By default, this is C:\Documents and Settings\Application Data for Windows 2000/XP. For Windows Vista and Windows 7 it is C:\Users\AppData\Roaming or C:\Users\AppData\Local.
If you can`t run the IE, then you should repair the proxy settings of Internet Explorer. Run Internet Explorer, Click Tools -> Internet Options. Select Connections Tab and click to Lan Settings button. Uncheck "Use a proxy server" box. Click OK. Click Apply. Now Go to http://reimagepcrepair.com/ and run scan to fix System Tool Antivirus.
Reimage works by comparing each and every OS system files with the correct files from a web repository of 25 million Windows components. (since Reimage works by comparing with correct file, it can easily find the hiding rootkit, infact this is what a rootkit remover do dumps a list of files from your hard disk drive and compares it with the list from the recovery console in order to find a hiding virus) This is the sole reason you can get a PC as good as new once you run Reimage, all other antivirus and antimalware programs just delete the virus but they don't correct the damage which results in re-infection and slow performing PC.
Reimage first scans your computer thoroughly; all the files, folders, registry keys and values, drivers, softwares, stacks and then either repair or remove those stuffs that should be there. But it's not just that it does. They have an enormous web repository of application, drivers, system objects, etc. from where they compare your PC's files and if corrupted replace it with the healthy ones.
How to Get Rid of System Tool Virus?
Sort by: Subscribe by RSS
Jessica Morgan- 2012/01/09 20:07:30 pm
Great publish and blog! I don't have time to read every publish at this time however have book-marked it too as added your Nourishes, when I have time I'm going to be to discover more. Please continue the fantastic work.
xunting- 2011/12/03 13:07:02 pm
Advanced Registry Fix www.mustsoftware.com/Advanced-Registry-Fix-guide.html
xunting- 2011/12/03 13:06:36 pm
This Registry Fix is an extremely easy to use tool designed to safely scan and repair Windows Registry problems with a few simple mouse clicks! http://www.mustsoftware.com/Advanced-Registry-Fix-guide.html
Natali- 2011/05/06 19:12:24 pm
Hello friends,this is a nice site and I wanted to post a note to let you know, good job! Thanks
xavi kaka- 2011/03/24 20:33:29 pm
Hello friends,this is a nice site and I wanted to post a note to let you know, good job! Thanks Best regards, Natali, CEO of vmkernel iscsi
Ling He- 2011/03/18 15:58:27 pm
Nice Post ,thank you very much for sharing this with us ,well done !!!
jack- 2011/03/18 15:40:48 pm
that's very good !i like ! Mobile phones have become a necessary part and parcel of everyday life to facilitate mutual communication. In our online store, we sell cheap cell phones which are in high quality but at a low cost. Cheap phones can not only satisfy your communicative needs but also save your money. Replica cell phone is a kind of cheap phone which you can use as a wonderful gift-choice for anyone who wants to use wonderful products. Nowadays, everyone wants to have his or her own mobile phone which can be equipped with the latest technological advancements and whose systems can be easily updated. That is the very exact reason why we provide you desirable cheap phones at a relative low cost. Our store not only offers you the latest cheap phones but also guarantees reliable future after services. At this mobile phones shop , you also easily sort the products and get phones compared so that you can get what you desire, that is, cheap phones at low costs. We have been assuring that you can get cheap phones economically. Just have a look at our mobiles and hope you can get what you need.
Pete- 2011/03/15 08:10:41 am
simple!! win starting up going into desktop (ctl,alt,del) get into the taskbar now quick inly have seconds look for the file that has numbers ending with exe. end task done. I'm slow had to reboot 3 times. may ave to restore to and early date to be sure. (optional)
Steve- 2011/03/11 06:06:24 am
Excuse me, but it would seem fairly easy to track these A-holes down for prosecution, since they are asking for credit card info. Have there not been laws put in place for this sort of activity?
fedya- 2011/03/11 00:35:55 am
I don't realize - is it about a specila antivirus programm or what?
robot forx- 2011/02/18 18:01:25 pm
use kaspersky please. robot forex
robot forx- 2011/02/18 18:00:17 pm
Use Kaspersky.... [url=http://www.robotforex.org]robot forex[/url]
BrianG314- 2011/02/18 05:05:02 am
I followed all the steps described in the article, but Reimage did not detect the virus in the scan. Does anyone know how else I can get rid of this without doing a system restore? (I have files I do not want to lose). I also tried following the instructions others had posted but no luck. I have Windows Vista if that makes a difference. Suggestions?
Louisa M- 2011/02/11 19:43:06 pm
Hi, I nearly fell for this scam! All I did to get rid of it is start in safe mode then do a system restore and it seems to be working fine again. Thanks for all of the advice.
vivek gupta- 2011/02/07 13:29:30 pm
Thanks a lot for the information. My other computer is infected with this virus and was looking for this helpful info all over internet. your article has helped me a lot.
seminolesteve- 2011/01/29 05:49:04 am
it wont let me acess the internet can i buy acd rom to repair it
vicky- 2011/01/16 18:45:37 pm
alyas, followed your instructions and it worked ! thanks a million :)
ryu- 2011/01/04 19:15:10 pm
hey aliyas - i did what you did and it seems to have worked!! cant believe its that simple, i thought you were kidding. not a very good virus then in the 1st place if it can just be deleted like that. but i did delete something in the registry and also system restore, so it might be a combination of all 3 i dont know. anyway - i got it thru a firefox plug in i think so will have to be careful next time. glad i didnt pay any more for AV software in addition to the ones i have.....dont know who's worse, the virus creators or the AV software vendors.
alyas yossef- 2011/01/01 22:23:22 pm
my name isnt alisha and i sure didnt type that name but i did type the comment. i am broknsk8bored and wanted everyone to know that you dont have to do all that mess that was said at the top and u definitly dont have to spend money cause i didnt and the only anti-virus i have was free (PCtools) and when u have done wat im bout to tell u, run a scan but make sure you try to restore first. restore didnt work for me and neither did task manager when i ctrl, alt, delete cause the virus blocked it and almost everything else. im running windows 7 by the way but its simple, go to start, then computer, then to ur hard drive look in "ProgramData", u will see a folder with a wierd name, mine was "bAiLf06300" click and drag it to desktop to create a shortcut. restart pc in safe mode then open the folder u moved, delete the files, should be 2, send to recycle, do the same with the shortcut, then empty recycling bin and restart pc normally and ziiiing its done. u dnt have to buy maleware or anything. by the way it took me like 4 to 5 hrs to figure this out and it only takes 10 minutes to do it if u follow my directions. after i deleted the virus, i did a restore to get it back on my pc so i could go back through it, step by step, writing it down so that i may help someone else with the same problem, cause no one wants to buy more anti-virus crap when u already paid for one that works half a** as it is nor spend 5 hrs looking through files tryin to find hay in a needle stack. oh yeah and by the way ........ur welcome
alyas yossef- 2011/01/01 22:16:49 pm
You dont have to do all that mess that was said at the top and u definitly dont have to spend money cause i didnt and the only anti-virus i have was free (PCtools) and when u have done wat im bout to tell u, run a scan but make sure you try to restore first. restore didnt work for me and neither did task manager when i ctrl, alt, delete cause the virus blocked it and almost everything else. im running windows 7 by the way but its simple, go to start, then computer, then to ur hard drive look in "ProgramData", u will see a folder with a wierd name, mine was "bAiLf06300" click and drag it to desktop to create a shortcut. restart pc in safe mode then open the folder u moved, delete the files, should be 2, send to recycle, do the same with the shortcut, then empty recycling bin and restart pc normally and ziiiing its done. u dnt have to buy maleware or anything. by the way it took me like 4 to 5 hrs to figure this out and it only takes 10 minutes to do it if u follow my directions. after i deleted the virus, i did a restore to get it back on my pc so i could go back through it, step by step, writing it down so that i may help someone else with the same problem, cause no one wants to buy more anti-virus crap when u already paid for one that works half a** as it is nor spend 5 hrs looking through files tryin to find hay in a needle stack. oh yeah and by the way ........ur welcome
Elvis- 2011/01/01 13:24:21 pm
system restore who ever made that virus is a clown
Ashley- 2010/12/26 05:08:11 am
Okay, I have System Tool 2011 too, and I'm in safe mood. I got to . . . c:\Documents and Settings\All Users\ . . . But wait! I don't have a Application Data folder in my All User. I never have, I think. So my question is, what am I suppose to do now?
zhuliya line- 2010/12/21 09:05:32 am
Thanks for the tips
damonr- 2010/12/21 00:38:49 am
Hey Kevin...Thanks for the fix. I was having a horrible time with this system tool virus, I tried rebooting in safe mode to do a system restore but I kept getting "System Restore can't protect you...restart, try again" something like that...I went round & round and no avail. I tried to run sr.inf and that wouldn't even work. Finally, found your post - changed my wall paper, reboot into safemode and my system restore now is running and working. I think this is going to work.
Kevin- 2010/12/17 09:50:00 am
I got that annoying virus today off a link on facebook, as soon as i got it, it changed my wall paperand I immediately shut down my computer and went into safemode. I restored my computer back a month ago and once it was done and re started it was like nothing ever happened and system tool was totally gone
Charlie- 2010/12/14 19:21:04 pm
How I fixed this is I started up my PC in safe mode and deleted all of the files in the registry containing the random string of numbers in the .exe file.
Dylan Kowal- 2010/12/14 01:19:54 am
As soo as my background changed, and said i had a virus, i knew it was fake. I turned off my computer immediately, and started up in safe mode. From there I used a system restore and its gone now. Hope that could help any future infecties.
Dylan Kowal- 2010/12/14 01:15:27 am
Thanks much for this info! You saved my computer!