System Tool 2011

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 261
First Seen: November 23, 2010
OS(es) Affected: Windows

System Tool 2011 Image

System Tool 2011 is an especially badly-made rogue anti-virus program. If you've seen this one active on a computer, you probably have noticed that by now. Nonetheless, System Tool 2011 is still a threat, and one that tries to steal money, so it should be taken seriously as an online threat.

What You Shoud Expect if You are Infected with System Tool 2011

In most ways, System Tool 2011 creates symptoms that are completely typical for fake anti-virus software. System Tool 2011 will alter the registry in order to start every time Windows starts. So when you start your computer, the first thing you see after it boots is this fake interface for System Tool 2011. This interface is where System Tool 2011 runs its fake little system scans, which always turn up a list of threats, which System Tool 2011 always says it can't remove unless you purchase its "full" version. None of these threats is actually present on the system; the con-artists behind System Tool 2011 are just trying to scare you into believing that you have to purchase their bogus program.

After the fake system scan, System Tool 2011 will cause very frequent pop-up alerts, which have some really amazingly bad content. Some of these alerts are very bland, and they say general things about some threat being detected on the system, and then they prompt you to purchase System Tool 2011. However, one of these alerts – with the longest text of any of them – has a whole paragraph that says that all kinds of personal and damaging information is stored on your computer and is at risk of being stolen, which, as a result, could "break your life." (It's full of spelling and grammatical errors, too.) Clearly, the crooks behind System Tool 2011 are trying to incite panic, so that you'll rush off to their payment site and give them your credit card number and pay money for System Tool 2011, after which they will give you absolutely nothing for that money.

In addition to these blatant scare tactics, System Tool 2011 can disrupt the normal functions of your computer by preventing you from running other applications. Usually, when you try to start another program, System Tool 2011 will shut it down with some lame message about the program in question being infected with a virus. You may be able to access Internet Explorer, but chances are, System Tool 2011 will just redirect you to its own malicious site.

How System Tool 2011 Spreads Across the Web

System Tool 2011 infections begin with a Trojan, usually. In general, what happens is that a Trojan that supports System Tool 2011 is hidden in some other thing that you download, and then once the Trojan is on board, it makes sure that System Tool 2011 gets installed. There are reports that one of the most common camouflaging methods for these Trojans is in fake Adobe Acrobat or Flash updates, downloaded from third-party sites. Of course, sometimes the presence of System Tool 2011 is the result of falling for a fake "free virus scan" on a malicious site, which downloads System Tool 2011, or pretends to scan for viruses and then claims that a download of System Tool 2011 is necessary in order to remove the threats it has found.

Where Does System Tool 2011 Come From?

System Tool 2011 is part of a family of rogue anti-virus applications, and the family has been around for a long time, in virus terms – since 2008. All of these fake programs support the same scam, which is Russian in origin. Some of the other rogue anti-virus applications in the same family are PC Tool 2011, System Tool, and System Tool 2.20, although the family is active and will almost certainly add new members. System Tool 2011 began causing infections in October and November of 2010.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

SpyHunter Detects & Remove System Tool 2011

System Tool 2011 Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

System Tool 2011 creates the following file(s):
# File Name MD5 Detections
1. pAkBd01819.exe 2d670614a7b41ab4a6ef0bbe4edc86ea 2
2. hOfPd01803.exe 3edf7137e715bfc18adf70614cdbcd37 2
3. jNlAe02900.exe 660a3161c5cad33fad99dfc7a44909fa 2
4. oKdNa01829.exe 746b737e810c1c1ae213a678c7e89bce 2
5. mIiCg01805.exe 36a65271dfec4405e54f37c0ef371c13 1
6. bCeLg01804.exe a656b3d5a88d1dd61e615c519c91b219 1
7. nEeEe01811.exe bb20613d81fb921d995475872dbe3f7f 1
8. jGfFk01843.exe 17c95d6acb856861ac2ea9d7197a5f6d 1
9. nNcKp01805.exe 0e236b9b4e005318e1885eaccdf71c11 1
10. aIgLa01819.exe bc54352a5912eb7c614c21b4d82ecb2c 1
11. dDlEd01803.exe 893b25e71c7dacee4a9a3a3b02f92d79 1
12. oEkGd01823.exe a9df67451944fac5e815898136a3feca 1
13. aPhEl02613.exe 75bed09b7177c37d93870f89336a8257 1
14. oNhFm03000.exe d0c9077e4ded4b0472afbf6541dcae5e 1
15. oOkFh01803.exe 57bc5d15f9dd622abd67618106dda221 1
16. kPcFe02900.exe 881d0f50890bcfc3c533add492a471ff 1
17. pIjCp03000.exe 75fe6f4e4f0c6736a4889e9826ec74eb 1
18. nMgPj01803.exe 2001362a06262efaa57232ef2adc6ce0 1
19. pFeFg01803.exe 6d93341782a6bfaaa876d1e6717c0c38 1
20. jMcBh01803.exe e8930375b355720b5047aca0db8e4c7e 1
21. oPjFm01804.exe 6062d192e945a06be453f89aeb61df2f 1
22. cAlJh03000.exe d3935f4781e0fee02742cc8ce3a4799e 1
23. cOnFp03000.exe b07d1314b34fd93d8f5ef9ce93aebfa4 1
24. lDlMb03000.exe e907ac83cf1141a59d678451b9051ab1 1
25. fEoLi01818.exe 97eb9470a715974ad87c64545a5b0dc5 1
26. fKiLp01804.exe 7f82f17d5d9697e89b6ac6933c485295 1
27. dPgKj01819.exe 3fd34f8b116bb0d5c9267bab6963d9cd 1
28. cNlGa01601.exe 8e1360e188ca0903bd05b020019c1ebf 1
29. hCfMl01834.exe 4c6b1ca8c32151c17b7c77ffa75e1c2c 1
More files


The following messages associated with System Tool 2011 were found:

WARNING!<br /> YOUR'RE IN DANGER!<br /> YOUR COMPUTER IS INFECTED WITH SPYWARE!<br /> <br /> ALL YOU DO WITH COMPUTER IS STORED FOREVER IN YOUR HARD DISK.<br /> WHEN YOU VISIT SITES, SEND EMAILS??? ALL YOUR ACTIONS ARE LOGGED. AND IT IS IMPOSSIBLE TO REMOVE THEM WITH STANDARD TOOLS. YOUR DATA IS STILL AVAILABLE FOR FORENSICS. AND IN SOME CASES<br /> <br /> FOR YOUR BOSS, YOUR FRIENDS, YOUR WIFE, YOUR CHILDREN<br /> Every site you or somebody or even something, like spyware, opened in your browsers, <br /> will all the images and all the downloaded and maybe later removed movies or mp3 songs -<br /> ARE STILL THERE and could break your life!


How the frigg do you delete it? It wont let me do anything! I had to go on my friends computer just to find out how to fix it. HELP PLEASE!!

im in the same position there is nothing i can do to remove this friggin thing!
wont let me open any programmed and computer shuts down every 10 mins or so

it wont let u do any thing

Well, I had AVG and it always popped up with an internet browser, which was functional. All of your files are infected? FAKE! They are NOT. Go to Start>All Programs and look for System Tools. Hurry now, you don't have long. DON'T restart your pc. Download this or whatever and remove it. Then install a genuine anti-virus. Tada! Your welcome :3

I got this wonderful virus yesterday night! God it was so friggin annoying, took me 3 hours to get the damn thing off!!! It doesn't let you run anything all programs are mostly blocked (the blue screen of death scared the crap out of me). Restart your comp, go to your boot setup menu, and restore your computer to an older timepoint from boot setup, then it should work. Once the timepoint recovered, then all your antivirus and everything else should work again. Immediately scan the whole comp, remove the damn thing, and you should be good to go. If you happen to have one of those antispyware bootable CDs, then u are in luck, cuz it will be easier to remove. GOOD LUCK!

I am very disappointed with this system Tools that nearly made me disposed off my computer. It is so annoying can't they be sued for this malicious act? i had important things to do but failed comleptely as anyone else. Please help I jsut wanted to get rid of this useless tool

I use XP and eventually got rid of System Tool by restarting in Safe Mode and then went to Systems Restore and restored to the date before the PC became effected and to date that appears to have worked

What a nightmare this is can't remove it can't find it had to go to safe mode to try and get it sorted


I suddenly have the bing bar appearing to my internet explorer. I had google chrome and want to stay with google chrome. What should I do? I've tried almost everything and still cannot get rid of that Bing bar

stacey stewart Reply

Have had mawlware on pc and android for about 2 years it was telling me it has been driving me crazy please help get it off


Most Viewed