Remove System Tool – Fake Antivirus/Spyware Program
System tool is a fake anti spyware program that is designed to make you pay for what you think is a piece of software that will rid your computer of viruses and spyware. In fact what it’s actually doing is the following:
- Stops you from running any executable files on your computer including programs like office, antivirus installers and even programs like Microsoft paint!
- It shows false infection and error messages to make you think your system is infected
- Constantly pops up with its fake messages
- It may create pop-ups and re-direct your browser.
- There is no uninstallation process, so cannot be uninstalled.
- It may also hijack your desktop and display the image below
This is one of a family of fake anti spyware programs of which there are many here are a few variations:
- AntiVirus Live 2010
- Advanced Security Tool 2010.
- Home Personal Antivirus
- IE-Security, Security Central
- System Tool
- Win PC Defender
- Win PC Antivirus
- XP Deluxe Protector
- XP Police Antivirus
System Tools Removal guide
The System Tools program manifests itself in a random form. This means that the executable it uses will be made up of random characters
The program can be found in the following directories and will contain random characters:
- C:\Documents and Settings\All Users\Application Data\<randomcharacters>]\<randomcharacters>.exe
- C:\Documents and Settings\<user name>\Local Settings\Application Data\<randomcharacters>.exe
- C:\Documents and Settings\all users\Local Settings\Application Data\<randomcharacters>.exe
Windows Vista and 7
- C:\Users\<user name>\AppData\Local\<randomcharacters>.exe
- C:\Users\all users\\AppData\Local\<randomcharacters>.exe
When trying to remove the program from a computer i found its location to be c:\ProgramData\gLgGdDk08400\gLgGdDk08400.exe
So bareing in this in mind we can do the following to remove it (if at any time the program restricts you from one of these steps. Boot your computer into safe mode by pressing f8 when the computer just starts loading windows):
- Click the Windows button and open up my computer.
- Navigate and check each of the locations listed above to find where the program is running from.
- Locate the set of random characters which will be the fake program.
- Important - Make a note of its name - then Rename the file to Deletesoon (at this stage we rename just in case you havent identified the correct program. that way you can rename it back if there is any problems)
- Once renamed restart the computer. This will essentially stop the program from loading when the computer loads. if you have not renamed the correct item it will still load.
- Once the computer has loaded Click the Window button
- in the search box type regedit and press enter (we will be editing the registry. Any mistakes can cause irreversible damage, we take no responisibilty for any issue that may arise by following this).
- A new window will appear. Click on the menu edit and then click find.
- Type in the "random" characters you wrote down earlier with .exe on the end. In the case above i searched for gLgGdDk08400.exe. It found the file in the runonce section of a user profile. It may also appear in the run section on the local machine or any user profile. See image below.
- Once you have found the entry. Highlight the item in the right hand windows. Then press delete.
- Close the windows and restart
- navigate back to c:\ProgramData\ and delete the file that you renamed earlier to deletesoon.
To Finish off run a full spyware using malwarebytes and a virus scans using something like avg anti virus protection.
Tags: Remove system tools help, get rid of system tools, uninstall system tools, delete system tools protect your pc.