System Tool 2011 Description
System Tool 2011 is an especially badly-made rogue anti-virus program. If you've seen this one active on a computer, you probably have noticed that by now. Nonetheless, System Tool 2011 is still a threat, and one that tries to steal money, so it should be taken seriously as an online threat.
What You Shoud Expect if You are Infected with System Tool 2011
In most ways, System Tool 2011 creates symptoms that are completely typical for fake anti-virus software. System Tool 2011 will alter the registry in order to start every time Windows starts. So when you start your computer, the first thing you see after it boots is this fake interface for System Tool 2011. This interface is where System Tool 2011 runs its fake little system scans, which always turn up a list of threats, which System Tool 2011 always says it can't remove unless you purchase its "full" version. None of these threats is actually present on the system; the con-artists behind System Tool 2011 are just trying to scare you into believing that you have to purchase their bogus program.
After the fake system scan, System Tool 2011 will cause very frequent pop-up alerts, which have some really amazingly bad content. Some of these alerts are very bland, and they say general things about some threat being detected on the system, and then they prompt you to purchase System Tool 2011. However, one of these alerts – with the longest text of any of them – has a whole paragraph that says that all kinds of personal and damaging information is stored on your computer and is at risk of being stolen, which, as a result, could “break your life.” (It's full of spelling and grammatical errors, too.) Clearly, the crooks behind System Tool 2011 are trying to incite panic, so that you'll rush off to their payment site and give them your credit card number and pay money for System Tool 2011, after which they will give you absolutely nothing for that money.
In addition to these blatant scare tactics, System Tool 2011 can disrupt the normal functions of your computer by preventing you from running other applications. Usually, when you try to start another program, System Tool 2011 will shut it down with some lame message about the program in question being infected with a virus. You may be able to access Internet Explorer, but chances are, System Tool 2011 will just redirect you to its own malicious site.
How System Tool 2011 Spreads Across the Web
System Tool 2011 infections begin with a Trojan, usually. In general, what happens is that a Trojan that supports System Tool 2011 is hidden in some other thing that you download, and then once the Trojan is on board, it makes sure that System Tool 2011 gets installed. There are reports that one of the most common camouflaging methods for these Trojans is in fake Adobe Acrobat or Flash updates, downloaded from third-party sites. Of course, sometimes the presence of System Tool 2011 is the result of falling for a fake "free virus scan" on a malicious site, which downloads System Tool 2011, or pretends to scan for viruses and then claims that a download of System Tool 2011 is necessary in order to remove the threats it has found.
Where Does System Tool 2011 Come From?
System Tool 2011 is part of a family of rogue anti-virus applications, and the family has been around for a long time, in virus terms – since 2008. All of these fake programs support the same scam, which is Russian in origin. Some of the other rogue anti-virus applications in the same family are PC Tool 2011, System Tool, and System Tool 2.20, although the family is active and will almost certainly add new members. System Tool 2011 began causing infections in October and November of 2010.
Technical Information
Screenshots & Other Imagery
System Tool 2011 Video
File System Details
| # | File Name | Size | MD5 | Detection Count |
|---|---|---|---|---|
| 1 | %ALLUSERSPROFILE%\pAkBd01819\pAkBd01819.exe | 466,432 | 2d670614a7b41ab4a6ef0bbe4edc86ea | 2 |
| 2 | %ALLUSERSPROFILE%\Application Data\hOfPd01803\hOfPd01803.exe | 466,432 | 3edf7137e715bfc18adf70614cdbcd37 | 2 |
| 3 | %ALLUSERSPROFILE%\Application Data\jNlAe02900\jNlAe02900.exe | 466,432 | 660a3161c5cad33fad99dfc7a44909fa | 2 |
| 4 | %ALLUSERSPROFILE%\oKdNa01829\oKdNa01829.exe | 466,432 | 746b737e810c1c1ae213a678c7e89bce | 2 |
| 5 | %ALLUSERSPROFILE%\mIiCg01805\mIiCg01805.exe | 790,016 | 36a65271dfec4405e54f37c0ef371c13 | 1 |
| 6 | %ALLUSERSPROFILE%\Application Data\bCeLg01804\bCeLg01804.exe | 466,432 | a656b3d5a88d1dd61e615c519c91b219 | 1 |
| 7 | %ALLUSERSPROFILE%\nEeEe01811\nEeEe01811.exe | 466,432 | bb20613d81fb921d995475872dbe3f7f | 1 |
| 8 | %ALLUSERSPROFILE%\jGfFk01843\jGfFk01843.exe | 466,432 | 17c95d6acb856861ac2ea9d7197a5f6d | 1 |
| 9 | %ALLUSERSPROFILE%\nNcKp01805\nNcKp01805.exe | 466,432 | 0e236b9b4e005318e1885eaccdf71c11 | 1 |
| 10 | %ALLUSERSPROFILE%\aIgLa01819\aIgLa01819.exe | 466,432 | bc54352a5912eb7c614c21b4d82ecb2c | 1 |
| 11 | %ALLUSERSPROFILE%\Application Data\dDlEd01803\dDlEd01803.exe | 466,432 | 893b25e71c7dacee4a9a3a3b02f92d79 | 1 |
| 12 | %ALLUSERSPROFILE%\oEkGd01823\oEkGd01823.exe | 466,432 | a9df67451944fac5e815898136a3feca | 1 |
| 13 | %ALLUSERSPROFILE%\aPhEl02613\aPhEl02613.exe | 466,432 | 75bed09b7177c37d93870f89336a8257 | 1 |
| 14 | %ALLUSERSPROFILE%\oNhFm03000\oNhFm03000.exe | 466,432 | d0c9077e4ded4b0472afbf6541dcae5e | 1 |
| 15 | %ALLUSERSPROFILE%\oOkFh01803\oOkFh01803.exe | 466,432 | 57bc5d15f9dd622abd67618106dda221 | 1 |
| 16 | %ALLUSERSPROFILE%\kPcFe02900\kPcFe02900.exe | 466,432 | 881d0f50890bcfc3c533add492a471ff | 1 |
| 17 | %ALLUSERSPROFILE%\pIjCp03000\pIjCp03000.exe | 466,432 | 75fe6f4e4f0c6736a4889e9826ec74eb | 1 |
| 18 | %ALLUSERSPROFILE%\nMgPj01803\nMgPj01803.exe | 466,432 | 2001362a06262efaa57232ef2adc6ce0 | 1 |
| 19 | %ALLUSERSPROFILE%\Application Data\pFeFg01803\pFeFg01803.exe | 466,432 | 6d93341782a6bfaaa876d1e6717c0c38 | 1 |
| 20 | %ALLUSERSPROFILE%\jMcBh01803\jMcBh01803.exe | 466,432 | e8930375b355720b5047aca0db8e4c7e | 1 |
| 21 | %ALLUSERSPROFILE%\oPjFm01804\oPjFm01804.exe | 466,432 | 6062d192e945a06be453f89aeb61df2f | 1 |
| 22 | %ALLUSERSPROFILE%\cAlJh03000\cAlJh03000.exe | 466,432 | d3935f4781e0fee02742cc8ce3a4799e | 1 |
| 23 | %ALLUSERSPROFILE%\cOnFp03000\cOnFp03000.exe | 466,432 | b07d1314b34fd93d8f5ef9ce93aebfa4 | 1 |
| 24 | %ALLUSERSPROFILE%\lDlMb03000\lDlMb03000.exe | 466,432 | e907ac83cf1141a59d678451b9051ab1 | 1 |
| 25 | %ALLUSERSPROFILE%\fEoLi01818\fEoLi01818.exe | 466,432 | 97eb9470a715974ad87c64545a5b0dc5 | 1 |
| 26 | %ALLUSERSPROFILE%\fKiLp01804\fKiLp01804.exe | 466,432 | 7f82f17d5d9697e89b6ac6933c485295 | 1 |
| 27 | %ALLUSERSPROFILE%\dPgKj01819\dPgKj01819.exe | 466,432 | 3fd34f8b116bb0d5c9267bab6963d9cd | 1 |
| 28 | %ALLUSERSPROFILE%\cNlGa01601\cNlGa01601.exe | 466,432 | 8e1360e188ca0903bd05b020019c1ebf | 1 |
| 29 | %ALLUSERSPROFILE%\hCfMl01834\hCfMl01834.exe | 466,432 | 4c6b1ca8c32151c17b7c77ffa75e1c2c | 1 |
More Details on System Tool 2011
| WARNING! YOUR'RE IN DANGER! YOUR COMPUTER IS INFECTED WITH SPYWARE! ALL YOU DO WITH COMPUTER IS STORED FOREVER IN YOUR HARD DISK. WHEN YOU VISIT SITES, SEND EMAILS??? ALL YOUR ACTIONS ARE LOGGED. AND IT IS IMPOSSIBLE TO REMOVE THEM WITH STANDARD TOOLS. YOUR DATA IS STILL AVAILABLE FOR FORENSICS. AND IN SOME CASES FOR YOUR BOSS, YOUR FRIENDS, YOUR WIFE, YOUR CHILDREN Every site you or somebody or even something, like spyware, opened in your browsers, will all the images and all the downloaded and maybe later removed movies or mp3 songs - ARE STILL THERE and could break your life! |
Site Disclaimer
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.
TrustScore 4.4 | See all 49 Reviews on 
Trustpilot.
How the frigg do you delete it? It wont let me do anything! I had to go on my friends computer just to find out how to fix it. HELP PLEASE!!
im in the same position there is nothing i can do to remove this friggin thing!
wont let me open any programmed and computer shuts down every 10 mins or so
it wont let u do any thing
Well, I had AVG and it always popped up with an internet browser, which was functional. All of your files are infected? FAKE! They are NOT. Go to Start>All Programs and look for System Tools. Hurry now, you don't have long. DON'T restart your pc. Download this or whatever and remove it. Then install a genuine anti-virus. Tada! Your welcome :3
I got this wonderful virus yesterday night! God it was so friggin annoying, took me 3 hours to get the damn thing off!!! It doesn't let you run anything all programs are mostly blocked (the blue screen of death scared the crap out of me). Restart your comp, go to your boot setup menu, and restore your computer to an older timepoint from boot setup, then it should work. Once the timepoint recovered, then all your antivirus and everything else should work again. Immediately scan the whole comp, remove the damn thing, and you should be good to go. If you happen to have one of those antispyware bootable CDs, then u are in luck, cuz it will be easier to remove. GOOD LUCK!
I am very disappointed with this system Tools that nearly made me disposed off my computer. It is so annoying can't they be sued for this malicious act? i had important things to do but failed comleptely as anyone else. Please help I jsut wanted to get rid of this useless tool
I use XP and eventually got rid of System Tool by restarting in Safe Mode and then went to Systems Restore and restored to the date before the PC became effected and to date that appears to have worked
What a nightmare this is can't remove it can't find it had to go to safe mode to try and get it sorted
I suddenly have the bing bar appearing to my internet explorer. I had google chrome and want to stay with google chrome. What should I do? I've tried almost everything and still cannot get rid of that Bing bar
Have had mawlware on pc and android for about 2 years it was telling me it has been driving me crazy please help get it off