If malwarebytes does not detect System Tool try updating it or use different programs: Spyware Doctor, Superantispyware, combofix, hitman pro. There are multiple choices.

Additionally, some of the keys that disable System Tool are known: http://www.2-viruses.com/remove-system-tool . They disable majority of popups and you have more options for programs that can remove this malware.

Best thing to do is go to a clean computer and search for a program called ComboFix. Save it to a USB stick or something that you can open it up, it will get rid of the virus/trojan. If not, go into Safe Mode using Networking and download the program locally on the infected PC. Good luck and keep us posted.

if it is "System Tools 2011" I have deleted it using malware bytes in safe mode with networking, safe mode the trojan hasn't had time to bootup and I had to download malware bytes in safe mode, then restart and scan again with anti malware in normal mode and anti virus, advise you AV provider as they may not be up to speed on it, if you running freeware that is why you got infected, If purchased let you AV providere remove as their program failed you?

The program called system lock that was downloaded is called scareware. Scareware is a program that can be downloaded without permission to make you think your computer is infected and makes you buy a program that is not truly a program. but don't worry I will give you steps on how to get rid of it:



System Lock or sometimes advertised as System Lock 2011 is a virus that will disguise as a computer security and utility program. But in reality, System Lock was created in the same manner as System Tool was developed. To earn a profit for its programmers, this unwanted application will invade a computer and performs malicious actions such as exhibiting of fake warning messages to scare users. Afterwords, a prompt to purchase the registered version of System Lock will be provided as the last and only solution to remove imaginary threats on the computer.

Instead of getting and spending money for this useless and non-operational security application, security experts advised to immediately remove System Lock before it can cause more damage on the compromised system. While still residing on the PC, it will attempt to connect to a remote hosts to download additional threats to amplify itself. Anti-virus programs can be disabled, Internet access will be blocked and worst, it will slow down overall system performance of the system. Remove System Lock in an instant with the procedure provided on this page and bring back the computer to its previously clean and hassle-free operation.



Alias: System Lock 2011



Damage Level: Medium



Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7



System Lock Removal Procedures

Manual Removal:

1. Stop System Lock process by pressing Ctrl+Alt+Del. Windows Task Manager will open. Look for the following process:

(random characters).exe



2. Update your installed anti-virus program.

3. Run a full system scan and clean/delete all detected infected file(s). A manual removal of virus-related files should also be performed.

4. Edit Windows registry and delete System Lock entries as shown below. [how to edit registry]

5. Exit registry editor.

6. Remove System Lock start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. System Configuration Utility will open. Go to Startup tab and uncheck the following Startup item(s):

(random characters).exe



7. Click Apply and restart the computer.



System Lock Removal Tool:

In order to completely remove the threat from a computer, it is best to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected computer.



Online Virus Scanner:

Another way to remove a virus from a computer without the need to install additional anti-virus application is to perform a thorough scan with free Online Virus Scanner that can be found on websites of legitimate computer security provider.



Technical Details and Additional Information:

Some of the annoying and fake messages to be displayed on the screen are:



Warning!

Your’re in Danger!

Your Computer is infected with Spyware!



Warning: Your computer is infected

Windows has detected spyware infection!

Click this message to install the last update of Windows security software…



Malicious Files Added by System Lock:

%AppData%\[random]\

%AppData%\[random]\[random]

%AppData%\[random]\[random].exe

- AppData is located either in the following:

C:\Documents and Settings\[username]\Application Data

C:\Users\[username\AppData

C:\ProgramData



System Lock Registry Entries:

KEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[random]“

open task manager and look under processes, look for the one that looks like it might be the trojan and turn it off, this may work, if not i suggest a hammer, they work 99% of the time