System Tool 2011

System Tool 2011 Description

ScreenshotSystem Tool 2011 is an especially badly-made rogue anti-virus program. If you've seen this one active on a computer, you probably have noticed that by now. Nonetheless, System Tool 2011 is still a threat, and one that tries to steal money, so it should be taken seriously as an online threat.

What You Shoud Expect if You are Infected with System Tool 2011

In most ways, System Tool 2011 creates symptoms that are completely typical for fake anti-virus software. System Tool 2011 will alter the registry in order to start every time Windows starts. So when you start your computer, the first thing you see after it boots is this fake interface for System Tool 2011. This interface is where System Tool 2011 runs its fake little system scans, which always turn up a list of threats, which System Tool 2011 always says it can't remove unless you purchase its "full" version. None of these threats is actually present on the system; the con-artists behind System Tool 2011 are just trying to scare you into believing that you have to purchase their bogus program.

After the fake system scan, System Tool 2011 will cause very frequent pop-up alerts, which have some really amazingly bad content. Some of these alerts are very bland, and they say general things about some threat being detected on the system, and then they prompt you to purchase System Tool 2011. However, one of these alerts – with the longest text of any of them – has a whole paragraph that says that all kinds of personal and damaging information is stored on your computer and is at risk of being stolen, which, as a result, could “break your life.” (It's full of spelling and grammatical errors, too.) Clearly, the crooks behind System Tool 2011 are trying to incite panic, so that you'll rush off to their payment site and give them your credit card number and pay money for System Tool 2011, after which they will give you absolutely nothing for that money.

In addition to these blatant scare tactics, System Tool 2011 can disrupt the normal functions of your computer by preventing you from running other applications. Usually, when you try to start another program, System Tool 2011 will shut it down with some lame message about the program in question being infected with a virus. You may be able to access Internet Explorer, but chances are, System Tool 2011 will just redirect you to its own malicious site.

How System Tool 2011 Spreads Across the Web

System Tool 2011 infections begin with a Trojan, usually. In general, what happens is that a Trojan that supports System Tool 2011 is hidden in some other thing that you download, and then once the Trojan is on board, it makes sure that System Tool 2011 gets installed. There are reports that one of the most common camouflaging methods for these Trojans is in fake Adobe Acrobat or Flash updates, downloaded from third-party sites. Of course, sometimes the presence of System Tool 2011 is the result of falling for a fake "free virus scan" on a malicious site, which downloads System Tool 2011, or pretends to scan for viruses and then claims that a download of System Tool 2011 is necessary in order to remove the threats it has found.

Where Does System Tool 2011 Come From?

System Tool 2011 is part of a family of rogue anti-virus applications, and the family has been around for a long time, in virus terms – since 2008. All of these fake programs support the same scam, which is Russian in origin. Some of the other rogue anti-virus applications in the same family are PC Tool 2011, System Tool, and System Tool 2.20, although the family is active and will almost certainly add new members. System Tool 2011 began causing infections in October and November of 2010.[template:lass="adrotate-container" data-group="location:p6" data-title="">

Technical Information

Screenshots & Other Imagery

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how System Tool 2011 infects a computer.

System Tool 2011 Video

System Tool 2011 Image 1 System Tool 2011 Image 2 System Tool 2011 Image 3 System Tool 2011 Image 4 System Tool 2011 Image 5 System Tool 2011 Image 6 System Tool 2011 Image 7

File System Details

System Tool 2011 creates the following file(s):
# File Name Size MD5 Detection Count
1 %ALLUSERSPROFILE%\pAkBd01819\pAkBd01819.exe 466,432 2d670614a7b41ab4a6ef0bbe4edc86ea 2
2 %ALLUSERSPROFILE%\Application Data\hOfPd01803\hOfPd01803.exe 466,432 3edf7137e715bfc18adf70614cdbcd37 2
3 %ALLUSERSPROFILE%\Application Data\jNlAe02900\jNlAe02900.exe 466,432 660a3161c5cad33fad99dfc7a44909fa 2
4 %ALLUSERSPROFILE%\oKdNa01829\oKdNa01829.exe 466,432 746b737e810c1c1ae213a678c7e89bce 2
5 %ALLUSERSPROFILE%\mIiCg01805\mIiCg01805.exe 790,016 36a65271dfec4405e54f37c0ef371c13 1
6 %ALLUSERSPROFILE%\Application Data\bCeLg01804\bCeLg01804.exe 466,432 a656b3d5a88d1dd61e615c519c91b219 1
7 %ALLUSERSPROFILE%\nEeEe01811\nEeEe01811.exe 466,432 bb20613d81fb921d995475872dbe3f7f 1
8 %ALLUSERSPROFILE%\jGfFk01843\jGfFk01843.exe 466,432 17c95d6acb856861ac2ea9d7197a5f6d 1
9 %ALLUSERSPROFILE%\nNcKp01805\nNcKp01805.exe 466,432 0e236b9b4e005318e1885eaccdf71c11 1
10 %ALLUSERSPROFILE%\aIgLa01819\aIgLa01819.exe 466,432 bc54352a5912eb7c614c21b4d82ecb2c 1
11 %ALLUSERSPROFILE%\Application Data\dDlEd01803\dDlEd01803.exe 466,432 893b25e71c7dacee4a9a3a3b02f92d79 1
12 %ALLUSERSPROFILE%\oEkGd01823\oEkGd01823.exe 466,432 a9df67451944fac5e815898136a3feca 1
13 %ALLUSERSPROFILE%\aPhEl02613\aPhEl02613.exe 466,432 75bed09b7177c37d93870f89336a8257 1
14 %ALLUSERSPROFILE%\oNhFm03000\oNhFm03000.exe 466,432 d0c9077e4ded4b0472afbf6541dcae5e 1
15 %ALLUSERSPROFILE%\oOkFh01803\oOkFh01803.exe 466,432 57bc5d15f9dd622abd67618106dda221 1
16 %ALLUSERSPROFILE%\kPcFe02900\kPcFe02900.exe 466,432 881d0f50890bcfc3c533add492a471ff 1
17 %ALLUSERSPROFILE%\pIjCp03000\pIjCp03000.exe 466,432 75fe6f4e4f0c6736a4889e9826ec74eb 1
18 %ALLUSERSPROFILE%\nMgPj01803\nMgPj01803.exe 466,432 2001362a06262efaa57232ef2adc6ce0 1
19 %ALLUSERSPROFILE%\Application Data\pFeFg01803\pFeFg01803.exe 466,432 6d93341782a6bfaaa876d1e6717c0c38 1
20 %ALLUSERSPROFILE%\jMcBh01803\jMcBh01803.exe 466,432 e8930375b355720b5047aca0db8e4c7e 1
21 %ALLUSERSPROFILE%\oPjFm01804\oPjFm01804.exe 466,432 6062d192e945a06be453f89aeb61df2f 1
22 %ALLUSERSPROFILE%\cAlJh03000\cAlJh03000.exe 466,432 d3935f4781e0fee02742cc8ce3a4799e 1
23 %ALLUSERSPROFILE%\cOnFp03000\cOnFp03000.exe 466,432 b07d1314b34fd93d8f5ef9ce93aebfa4 1
24 %ALLUSERSPROFILE%\lDlMb03000\lDlMb03000.exe 466,432 e907ac83cf1141a59d678451b9051ab1 1
25 %ALLUSERSPROFILE%\fEoLi01818\fEoLi01818.exe 466,432 97eb9470a715974ad87c64545a5b0dc5 1
26 %ALLUSERSPROFILE%\fKiLp01804\fKiLp01804.exe 466,432 7f82f17d5d9697e89b6ac6933c485295 1
27 %ALLUSERSPROFILE%\dPgKj01819\dPgKj01819.exe 466,432 3fd34f8b116bb0d5c9267bab6963d9cd 1
28 %ALLUSERSPROFILE%\cNlGa01601\cNlGa01601.exe 466,432 8e1360e188ca0903bd05b020019c1ebf 1
29 %ALLUSERSPROFILE%\hCfMl01834\hCfMl01834.exe 466,432 4c6b1ca8c32151c17b7c77ffa75e1c2c 1
More files

More Details on System Tool 2011

The following messages associated with System Tool 2011 were found:
WARNING!
YOUR'RE IN DANGER!
YOUR COMPUTER IS INFECTED WITH SPYWARE!

ALL YOU DO WITH COMPUTER IS STORED FOREVER IN YOUR HARD DISK.
WHEN YOU VISIT SITES, SEND EMAILS??? ALL YOUR ACTIONS ARE LOGGED. AND IT IS IMPOSSIBLE TO REMOVE THEM WITH STANDARD TOOLS. YOUR DATA IS STILL AVAILABLE FOR FORENSICS. AND IN SOME CASES

FOR YOUR BOSS, YOUR FRIENDS, YOUR WIFE, YOUR CHILDREN
Every site you or somebody or even something, like spyware, opened in your browsers,
will all the images and all the downloaded and maybe later removed movies or mp3 songs -
ARE STILL THERE and could break your life!

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

10 Comments

  • melissa:
    9 years ago Reply

    How the frigg do you delete it? It wont let me do anything! I had to go on my friends computer just to find out how to fix it. HELP PLEASE!!

  • jackie:
    9 years ago Reply

    im in the same position there is nothing i can do to remove this friggin thing!
    wont let me open any programmed and computer shuts down every 10 mins or so

  • louie:
    9 years ago Reply

    it wont let u do any thing

  • Dylan:
    9 years ago Reply

    Well, I had AVG and it always popped up with an internet browser, which was functional. All of your files are infected? FAKE! They are NOT. Go to Start>All Programs and look for System Tools. Hurry now, you don't have long. DON'T restart your pc. Download this or whatever and remove it. Then install a genuine anti-virus. Tada! Your welcome :3

  • cindaec:
    9 years ago Reply

    I got this wonderful virus yesterday night! God it was so friggin annoying, took me 3 hours to get the damn thing off!!! It doesn't let you run anything all programs are mostly blocked (the blue screen of death scared the crap out of me). Restart your comp, go to your boot setup menu, and restore your computer to an older timepoint from boot setup, then it should work. Once the timepoint recovered, then all your antivirus and everything else should work again. Immediately scan the whole comp, remove the damn thing, and you should be good to go. If you happen to have one of those antispyware bootable CDs, then u are in luck, cuz it will be easier to remove. GOOD LUCK!

  • Adam Alhassan:
    9 years ago Reply

    I am very disappointed with this system Tools that nearly made me disposed off my computer. It is so annoying can't they be sued for this malicious act? i had important things to do but failed comleptely as anyone else. Please help I jsut wanted to get rid of this useless tool

  • Mick Brown:
    9 years ago Reply

    I use XP and eventually got rid of System Tool by restarting in Safe Mode and then went to Systems Restore and restored to the date before the PC became effected and to date that appears to have worked

  • John Y:
    9 years ago Reply

    What a nightmare this is can't remove it can't find it had to go to safe mode to try and get it sorted

  • MARIELLE ALLARD:
    6 years ago Reply

    I suddenly have the bing bar appearing to my internet explorer. I had google chrome and want to stay with google chrome. What should I do? I've tried almost everything and still cannot get rid of that Bing bar

  • stacey stewart:
    5 years ago Reply

    Have had mawlware on pc and android for about 2 years it was telling me it has been driving me crazy please help get it off

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

Comments (10)
By GoldSparrow in Rogue Anti-Spyware Program
Translate To: Español Português
Threat Scorecard
?
The ESL Threat Scorecard is an assessment report that is given to every malware threat that has been collected and analyzed through our Malware Research Center. The ESL Threat Scorecard evaluates and ranks each threat by using several metrics such as trends, incidents and severity over time.

In addition to the effective scoring for each threat, we are able to interpret anonymous geographic data to list the top three countries infected with a particular threat. The data used for the ESL Threat Scorecard is updated daily and displayed based on trends for a 30-day period. The ESL Threat Scorecard is a useful tool for a wide array of computer users from end users seeking a solution to remove a particular threat or security experts pursuing analysis and research data on emerging threats.

Each of the fields listed on the ESL Threat Scorecard, containing a specific value, are as follows:

Ranking: The current ranking of a particular threat among all the other threats found on our malware research database.

Threat Level: The level of threat a particular computer threat could have on an infected computer. The threat level is based on a particular threat's behavior and other risk factors. We rate the threat level as low, medium or high. The different threat levels are discussed in the SpyHunter Risk Assessment Model.

Infected Computer: The number of confirmed and suspected cases of a particular threat detected on infected computers retrieved from diagnostic and scan log reports generated by SpyHunter's Spyware Scanner.

% Change: The daily percent change in the frequency of infected computers of a specific threat. The formula for percent changes results from current trends of a specific threat. An increase in the rankings of a specific threat yields a recalculation of the percentage of its recent gain. When a specific threat's ranking decreases, the percentage rate reflects its recent decline. For a specific threat remaining unchanged, the percent change remains in its current state. The % Change data is calculated and displayed in three different date ranges, in the last 24 hours, 7 days and 30 days. Next to the percentage change is the trend movement a specific malware threat does, either upward or downward, in the rankings. Each level of movement is color coded: a green up-arrow (∧) indicates a rise, a red down-arrow (∨) indicates a decline, and a brown equal symbol (=) indicates no change or plateaued.

Top 3 Countries Infected: Lists the top three countries a particular threat has targeted the most over the past month. This data allows computer users to track the geographic distribution of a particular threat throughout the world.
Ranking: N/A
Threat Level: 10
Infected Computers: 261